Skip Headers
Oracle® Database Security Guide
11g Release 2 (11.2)

Part Number E16543-13
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Master Index
Master Index
Go to Feedback page
Contact Us

Go to previous page
Previous
PDF · Mobi · ePub

Index

A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X 

A

access control
encryption, problems not solved by, 8.1.1
enforcing, 10.9.1
object privileges, 4.5.1
password encryption, 3.2.1
access control list (ACL)
examples
external network connection for email alert, 9.5.10.1
external network connections, 4.11.6
wallet access, 4.11.6
external network services
about, 4.11.1
adding more users or privileges, 4.11.4.1
advantages, 4.11
affect of upgrade from earlier release, 4.11.3
creating ACL, 4.11.4
DBMS_NETWORK_ACL_ADMIN package, general process, 4.11.4
email alert for audit violation tutorial, 9.5.10.1
finding information about, 4.11.12
hosts, assigning, 4.11.4.2
network hosts, using wildcards to specify, 4.11.7
ORA-24247 errors, 4.11.3
order of precedence, hosts, 4.11.8
port ranges, 4.11.9
privilege assignments, about, 4.11.10
privilege assignments, database administrators checking, 4.11.10.1
privilege assignments, users checking, 4.11.10.2
setting precedence, multiple roles, 4.11.11
setting precedence, multiple users, 4.11.11
syntax for creating, 4.11.4.1
hosts
local host, 4.11.4.2
localhost setting, 4.11.4.2
wallet access
about, 4.11.2
advantages, 4.11.2
client certificate credentials, using, 4.11.5
finding information about, 4.11.12
non-shared wallets, 4.11.5
password credentials, 4.11.5
password credentials, using, 4.11.5
shared database session, 4.11.5
wallets with sensitive information, 4.11.5
wallets without sensitive information, 4.11.5
account locking
example, 3.2.3.5
explicit, 3.2.3.5
password management, 3.2.3.5
PASSWORD_LOCK_TIME profile parameter, 3.2.3.5
ad hoc tools
database access, security problems of, 4.4.7.1
ADM_PARALLEL_EXECUTE_TASK role
about, 4.4.2
ADMIN OPTION
about, 4.6.1.1
revoking privileges, 4.7.1
revoking roles, 4.7.1
roles, 4.4.5.1
system privileges, 4.3.4
administrative user passwords
default, importance of changing, 10.5
administrator privileges
access, 10.9.2
operating system authentication, 3.3.2
passwords, 3.3.3, 10.5
SYSDBA and SYSOPER access, centrally controlling, 3.3.1, 3.3.1
write, on listener.ora file, 10.9.2
adump audit files directory, 9.6.2
alerts, used in fine-grained audit policy, 9.5.10.1
"all permissions", 10.3
ALTER ANY LIBRARY statement
security guidelines, 10.3
ALTER privilege statement
SQL statements permitted, 5.8.2
ALTER PROCEDURE statement
used for compiling procedures, 4.5.6.6
ALTER PROFILE statement
password management, 3.2.3.1
ALTER RESOURCE COST statement, 2.4.4.2
ALTER ROLE statement
changing authorization method, 4.4.3
ALTER SESSION statement
schema, setting current, 5.7.1
ALTER USER privilege, 2.3.1
ALTER USER statement
AUTHENTICATION USER PASSWORD clause deprecated, Preface
default roles, 4.10.2
explicit account unlocking, 3.2.3.5
GRANT CONNECT THROUGH clause, 3.10.1.4
passwords, changing, 2.3.3
passwords, expiring, 3.2.3.7
profiles, changing, 3.2.3.7
REVOKE CONNECT THROUGH clause, 3.10.1.4
user profile, 3.2.3.1
altering users, 2.3.2
ANSI operations
Oracle Virtual Private Database affect on, 7.5.3
ANY system privilege
guidelines for security, 10.6
application contexts
about, 6.1.1
as secure data cache, 6.1.4
benefits of using, 6.1.4
bind variables, 7.1.4
components, 6.1.2
DBMS_SESSION.SET_CONTEXT procedure, 6.3.3.6, 6.3.3.6
driving context, 6.6
editions, affect on, 6.1.5
finding errors by checking trace files, 6.6
finding information about, 6.6
global application contexts
authenticating user for multiple applications, 6.4.3.5
creating, 6.4.2
logon trigger, creating, 6.3.4
Oracle Virtual Private Database, used with, 7.1.4
performance, 7.4.2.8
policy groups, used in, 7.3.5.1
returning predicate, 7.1.4
session information, retrieving, 6.3.3.2
support for database links, 6.3.6
types, 6.2
users, nondatabase connections, 6.4.1, 6.4.3.6
where values are stored, 6.1.3
See also client session-based application contexts, database session-based application contexts, global application contexts
application developers
CONNECT role change, 10.11.3.2
application security
restricting wallet access to current application, 4.11.5
sharing wallet with other applications, 4.11.5
specifying attributes, 6.3.2
application users who are database users
Oracle Virtual Private Database, how it works with, 7.5.9
applications
about security policies for, 5.1
database users, 5.2.1
enhancing security with, 4.4.1.2
object privileges, 5.8.1
object privileges permitting SQL statements, 5.8.2
One Big Application User authentication
security considerations, 5.2.2
security risks of, 5.2.1
Oracle Virtual Private Database, how it works with, 7.5.4
password handling, guidelines, 5.3.1.2
password protection strategies, 5.3
privileges, managing, 5.4
roles
multiple, 4.4.1.3.1
privileges, associating with database roles, 5.6
security, 4.4.7, 5.2.2
security considerations for use, 5.2
security limitations, 7.5.4
security policies, 7.3.5.3
validating with security policies, 7.3.5.5
AQ_ADMINISTRATOR_ROLE role
about, 4.4.2
AQ_USER_ROLE role
about, 4.4.2
archiving
operating system audit files, 9.8.3.4
standard audit trail, 9.8.2.5
timestamping audit trail, 9.9.3.4
attacks
See security attacks
AUDIT EXECUTE PROCEDURE statement, 9.3.12.2
audit files
activities always written to, 9.1.5
directory, 9.6.2
file names, form of, 9.6.2
operating system audit trail
archiving, setting timestamp, 9.9.3.4
audited actions in common with database audit trail, 9.3.3
operating system file
advantages of using, 9.3.4.3
appearance of text file, 9.3.4.2
appearance of XML file, 9.3.4.2
archiving, 9.8.3.4
contents, 9.3.4.1
directory location, 9.3.4.5
how it works, 9.3.4.4
if becomes too full, 9.8.3.1
standard audit trail
archiving, setting timestamp, 9.9.3.4
audited actions in common with operating system audit trail, 9.3.3
records, archiving, 9.8.2.5
where written to, 9.6.2
AUDIT statement
about, 9.3.1.1
schema objects, 9.3.10.5
audit trail
about, 9.8.1
archiving, 9.8.2.5
deleting views, 9.10.3
finding information about, 9.10.1
interpreting, 9.10.2
types of, 9.8.1
See also standard audit trail, SYS.AUD$ table, SYS.FGA_LOG$ table
AUDIT_FILE_DEST initialization parameter
about, 9.3.4.5
setting for OS auditing, 9.3.4.5
AUDIT_SYS_OPERATIONS initialization parameter
auditing SYS, 9.6.2
AUDIT_SYSLOG_LEVEL initialization parameter
how it affects mandatory audit records, 9.1.5
AUDIT_TRAIL initialization parameter
about, 9.3.2.1
auditing SYS, 9.6.2
database, starting in read-only mode, 9.3.2.2
DB (database) setting, 9.3.2.2
DB, EXTENDED setting, 9.3.2.2
disabling, 9.3.2.2
OS (operating system) setting, 9.3.2.2
setting, 9.3.2.1
values, 9.3.2.2
XML setting, 9.3.2.2
XML, EXTENDED setting, 9.3.2.2
auditing
administrators
See standard auditing
audit options, 9.2
audit records, 9.8.1
audit trail, sensitive data in, 10.10.1
audit trails, 9.8.1
before-and-after changes, recording with triggers, 9.7
committed data, 9.3.6.2, 10.10.3
database user names, 3.5
default auditing, enabling, 9.4.1
distributed databases and, 9.1.6
finding information about, 9.10.1
fine-grained
See fine-grained auditing
functions, 9.3.12.1
functions, Oracle Virtual Private Database, 9.3.12.1
general steps for, 9.2
guidelines for security, 10.10
historical information, 10.10.3
keeping information manageable, 10.10.2
LOBs, auditing
user-defined columns, 9.5.3
logon and logoff events, 9.3.7.3
middle-tier systems, real user actions, 3.10.1.11
multitier environments
See standard auditing
network
See standard auditing
object columns, 9.5.3
objects
See standard auditing
One Big Application User authentication, compromised by, 5.2.1
operating system files
appearance, 9.3.4.2
configuring, 9.3.2.2
managing, 9.8.3
operating-system user names, 3.5
Oracle Virtual Private Database policy functions, 9.3.12.1
packages, 9.3.12.1
performance, 9.1.7
PL/SQL packages, 9.3.12.1
privileges
See standard auditing
procedures, 9.3.12.1
range of focus, 9.2
recommended settings, 10.10.5
Sarbanes-Oxley Act
auditing, meeting compliance through, 9.1.1
schema objects
See standard auditing
schema objects created in the future, 9.3.10.5
SQL statements
See standard auditing
standard
See standard audit trail, standard auditing
statements
See standard auditing
STMT_AUDIT_OPTION_MAP table, 9.3.3
suspicious activity, 10.10.4
SYS user, 9.6.2
SYS.FGA_LOG$ table, 9.5.5
SYSTEM user, 9.6.1
SYSTEM_PRIVILEGE_MAP table, 9.3.3
triggers, 9.3.12.1
triggers used for, 9.7
UNIX syslog, 9.1.5
views
active object options, 9.10.2.3
active privilege options, 9.10.2.2
active statement options, 9.10.2.1
default object options, 9.10.2.4
when audit options take effect, 9.3.1.3
XML files
appearance, 9.3.4.2
configuring, 9.3.2.2
See also SYS.AUD$ table, SYS.FGA_LOG$ table, standard auditing, standard audit trail, fine-grained auditing
auditing, purging records
about, 9.9.1
cancelling archive timestamp, 9.9.6.7
clearing database audit trail batch size, 9.9.6.8
creating audit trail
purge job, 9.9.3
creating the purge job, 9.9.3.5
database audit trail
purging subset of records, 9.9.5
deleting a purge job, 9.9.6.6
disabling purge jobs, 9.9.6.4
enabling purge jobs, 9.9.6.4
example, 9.9.7
general steps for, 9.9.2
initializing
cancelling, 9.9.6.3
initializing cleanup operation, 9.9.3.3
initializing, checking if done, 9.9.6.1
purging audit trail manually, 9.9.4
purging records in batched groups, 9.9.3.6
roadmap, 9.9.2
scheduling the purge job, 9.9.3.5
setting archive timestamp, 9.9.3.4
time interval for all purge jobs, 9.9.6.2
time interval for named purge job, 9.9.6.5
AUTHENTICATEDUSER role, 4.4.2
authentication
about, 3.1
administrators
operating system, 3.3.2
passwords, 3.3.3
SYSDBA and SYSOPER access, centrally controlling, 3.3.1
by database, 3.4
by SSL, 3.7.1.1
client, 10.9.1
client-to-middle tier process, 3.10.1.6
database administrators, 3.3
databases, using
about, 3.4.1
advantages, 3.4.2
procedure, 3.4.3
directory service, 3.7.1
directory-based services, 3.6.2
external authentication
about, 3.8.1
advantages, 3.8.2
operating system authentication, 3.8.4
user creation, 3.8.3
global authentication
about, 3.7
advantages, 3.7.2
user creation for private schemas, 3.7.1.1
user creation for shared schemas, 3.7.1.2
middle-tier authentication
proxies, example, 3.10.1.8
multitier, 3.9
network authentication
Secure Sockets Layer, 3.6.1
third-party services, 3.6.2
One Big Application User, compromised by, 5.2.1
operating system authentication
about, 3.5
advantages, 3.5
disadvantages, 3.5
proxy user authentication
about, 3.10.1.1
expired passwords, 3.10.1.4
public key infrastructure, 3.6.2
RADIUS, 3.6.2
remote, 10.9.1, 10.9.1
specifying when creating a user, 2.2.3
strong, 10.5
SYSDBA on Windows systems, 3.3.2
Windows native authentication, 3.3.2
See also passwords, proxy authentication
AUTHID DEFINER clause
used with Oracle Virtual Private Database functions, 7.1.3
authorization
about, 4
changing for roles, 4.4.3
global
about, 3.7
advantages, 3.7.2
multitier, 3.9
omitting for roles, 4.4.3
operating system, 4.4.4.3.1
roles, about, 4.4.4
automatic reparse
Oracle Virtual Private Database, how it works with, 7.5.5
Automatic Storage Management (ASM)
SYSASM privilege, Preface

B

banners
auditing user actions, configuring, 5.9.5
unauthorized access, configuring, 5.9.5
batch jobs, authenticating users in, 3.2.5.1
BFILEs
guidelines for security, 10.6
bind variables
application contexts, used with, 7.1.4
information captured in audit trail, 9.3.2.2
BLOBS
encrypting, 8.2.6
BY ACCESS clause
about, 9.3.6.5
benefits of using, 9.3.6.5
finding statement audit options, 9.10.2.1
NOAUDIT statement non-support of, 9.3.6.7
using, 9.3.6.5

C

CAPI_USER_ROLE role, 4.4.2
cascading revokes, 4.7.3
CATNOAUD.SQL script
about, 9.10.3
audit trail views, deleting with, 9.10.3
certificate key algorithm
Secure Sockets Layer, 10.9.3
change_on_install default password, 10.5
character sets
role names, multibyte characters in, 4.4.3
role passwords, multibyte characters in, 4.4.4.1
cipher suites
Secure Sockets Layer, 10.9.3
client connections
guidelines for security, 10.9.1
secure external password store, 3.2.5.3
securing, 10.9.1
client identifier
setting for applications that use JDBC, 3.10.2.4
client identifiers
about, 3.10.2.1
auditing users, 9.3.9
consistency between DBMS_SESSION.SET_IDENTIFIER and DBMS_APPLICATION_INFO.SET_CLIENT_INFO, 3.10.2.5
global application context, independent of, 3.10.2.4
setting with DBMS_SESSION.SET_IDENTIFIER procedure, 6.4.1
See also nondatabase users
client session-based application contexts
about, 6.5.1
CLIENTCONTEXT namespace, clearing value from, 6.5.4
CLIENTCONTEXT namespace, setting value in, 6.5.2
retrieving CLIENTCONTEXT namespace, 6.5.3
See also application contexts
CLIENT_IDENTIFIER USERENV attribute
setting and clearing with DBMS_SESSION package, 3.10.2.5
setting with OCI user session handle attribute, 3.10.2.4
See also USERENV namespace
CLIENTID_OVERWRITE event, 3.10.2.5
column masking behavior, 7.3.4.3
column specification, 7.3.4.3
restrictions, 7.3.4.3
columns
granting privileges for selected, 4.6.2.3
granting privileges on, 4.6.2.3
INSERT privilege and, 4.6.2.3
listing users granted to, 4.12.3
privileges, 4.6.2.3
pseudo columns
USER, 4.5.5.3
revoking privileges on, 4.7.2.2
command line recall attacks, 5.3.1.1, 5.3.1.4
committed data
auditing, 9.3.6.2, 10.10.3
configuration
guidelines for security, 10.8
configuration files
listener.ora, 10.9.2
sample listener.ora file, 10.9.2
server.key encryption file, 10.9.3
tsnames.ora, 10.9.3
typical directory, 10.9.3, 10.9.3
CONNECT role
about, 10.11
applications
account provisioning, 10.11.2.2
affects of, 10.11.2
database upgrades, 10.11.2.1
installation of, 10.11.2.3
script to create, 4.4.2
users
application developers, impact, 10.11.3.2
client-server applications, impact, 10.11.3.3
general users, impact, 10.11.3.1
how affects, 10.11.3
why changed, 10.11.1
CONNECT role, privilege available to, 4.4.1.1
connection pooling
about, 3.9
global application contexts, 6.4.1
nondatabase users, 6.4.3.6
proxy authentication, 3.10.1.6
connections
SYS privilege, 10.3
CPU time limit, 2.4.2.3
CREATE ANY LIBRARY statement
security guidelines, 10.3
CREATE ANY PROCEDURE system privilege, 4.5.6.5
CREATE ANY TABLE statement
non-administrative users, 10.3
CREATE CONTEXT statement
about, 6.3.2
example, 6.3.2
CREATE LIBRARY statement
security guidelines, 10.3
CREATE PROCEDURE system privilege, 4.5.6.5
CREATE PROFILE statement
account locking period, 3.2.3.5
failed login attempts, 3.2.3.5
password aging and expiration, 3.2.3.7
password management, 3.2.3.1
passwords, example, 3.2.3.7
CREATE ROLE statement
IDENTIFIED EXTERNALLY option, 4.4.4.3
CREATE SCHEMA statement
securing, 5.7.1
CREATE SESSION statement, 4.4.1.1
CONNECT role privilege, 10.4
securing, 5.7.1
CREATE USER statement
explicit account locking, 3.2.3.5
IDENTIFIED BY option, 2.2.3
IDENTIFIED EXTERNALLY option, 2.2.3
passwords, expiring, 3.2.3.7
user profile, 3.2.3.1
CSW_USR_ROLE role, 4.4.2
CTXAPP role, 4.4.2
cursors
reparsing, for application contexts, 6.3.4
shared, used with Virtual Private Database, 7.1.4
custom installation, 10.8, 10.8
CWM_USER role, 4.4.2

D

data definition language (DDL)
roles and privileges, 4.4.1.6
standard auditing, 9.3.7.2
data dictionary
protecting, 10.6
securing with O7_DICTIONARY_ACCESSIBILITY, 4.3.2.1
data dictionary views
See views
data files, 10.6
guidelines for security, 10.6
data manipulation language (DML)
privileges controlling, 4.5.4.1
standard auditing, 9.3.7.2
data security
encryption, problems not solved by, 8.1.3
database administrators (DBAs)
access, controlling, 8.1.2
authentication, 3.3
malicious, encryption not solved by, 8.1.2
database audit trail
audited actions in common with operating system audit trail, 9.3.3
batch size for records during purging, 9.9.3.6
protecting, 9.1.3
tablespace, moving to one other than SYSTEM, 9.8.2.3
Database Configuration Assistant (DBCA)
default passwords, changing, 10.5
user accounts, automatically locking and expiring, 10.3
database links
application context support, 6.3.6
application contexts, 6.3.3.5
auditing, 9.3.10.2
authenticating with Kerberos, 3.6.2
authenticating with third-party services, 3.6.2
global user authentication, 3.7.2
object privileges, 4.5.3
operating system accounts, care needed, 3.5
session-based application contexts, accessing, 6.3.3.5
database session-based application contexts
about, 6.3.1
cleaning up after user exits, 6.3.1
components, 6.3.1
creating, 6.3.2
database links, 6.3.3.5
dynamic SQL, 6.3.3.3
externalized, using, 6.3.8
how to use, 6.3
initializing externally, 6.3.6
initializing globally, 6.3.7.1
ownership, 6.3.2
parallel queries, 6.3.3.4
PL/SQL package creation, 6.3.3
session information, setting, 6.3.3.6
SYS_CONTEXT function, 6.3.3.2
trusted procedure, 6.1.2
tutorial, 6.3.5.1
See also application contexts
database upgrades and CONNECT role, 10.11.2.1
databases
access control
password encryption, 3.2.1
additional security resources, 1.2
authentication, 3.4
database user and application user, 5.2.1
default audit settings
about, 9.4.1
DBCA-created databases, 9.4.1
manually-created databases, 9.4.1
default password security settings, 3.2.3.4
DBCA-created databases, 3.2.3.4
manually-created databases, 3.2.3.4
default security features, summary, 1.1
granting privileges, 4.6
granting roles, 4.6
limitations on usage, 2.4.1
read-only mode, starting in, 9.3.2.2
security and schemas, 5.7
security embedded, advantages of, 5.2.2
security policies based on, 7.1.2.1
DATAPUMP_EXP_FULL_DATABASE role, 4.4.2
DATAPUMP_IMP_FULL_DATABASE role, 4.4.2
DB_EXTENDED setting in AUDIT_TRAIL initialization parameter, Preface
DBA role
about, 4.4.2
DBA_NETWORK_ACL_PRIVILEGES view, 4.11.10
DBA_ROLE_PRIVS view
application privileges, finding, 5.4
DBA_ROLES data dictionary view
PUBLIC role, 4.3.5
DBMS_APPLICATION.SET_CLIENT_INFO procedure
DBMS_SESSION.SET_IDENTIFIER value, overwriting, 3.10.2.5
DBMS_CRYPTO package
about, 8.3
encryption algorithms supported, 8.3
examples, 8.5.1
DBMS_FGA package
about, 9.5.9.1
ADD_POLICY procedure, 9.5.9.2
DISABLE_POLICY procedure, 9.5.9.3
DROP_POLICY procedure, 9.5.9.4
ENABLE_POLICY procedure, 9.5.9.3
DBMS_OBFUSCATION_TOOLKIT package
backward compatibility, 8.3
See also DBMS_CRYPTO package
DBMS_RLS package
about, 7.3.1
DBMS_RLS.ADD_CONTEXT procedure, 7.3.1
DBMS_RLS.ADD_GROUPED_POLICY procedure, 7.3.1
DBMS_RLS.ADD_POLICY
sec_relevant_cols parameter, 7.3.4.1
sec_relevant_cols_opt parameter, 7.3.4.3
DBMS_RLS.ADD_POLICY procedure
about, 7.3.1
DBMS_RLS.CREATE_POLICY_GROUP procedure, 7.3.1
DBMS_RLS.DELETE_POLICY_GROUPS procedure, 7.3.1
DBMS_RLS.DISABLE_GROUPED_POLICY procedure, 7.3.1
DBMS_RLS.DROP_CONTEXT procedure, 7.3.1
DBMS_RLS.DROP_GROUPED_POLICY procedure, 7.3.1
DBMS_RLS.DROP_POLICY procedure, 7.3.1
DBMS_RLS.ENABLE_GROUPED_POLICY procedure, 7.3.1
DBMS_RLS.ENABLE_POLICY procedure, 7.3.1
DBMS_RLS.REFRESH_GROUPED_POLICY procedure, 7.3.1
DBMS_RLS.REFRESH_POLICY procedure, 7.3.1
DBMS_SESSION package
client identifiers, using, 3.10.2.5
global application context, used in, 6.4.3
SET_CONTEXT procedure
about, 6.3.3.6
application context name-value pair, setting, 6.3.3.1
DBMS_SESSION.SET_CONTEXT procedure
about, 6.3.3.6
syntax, 6.3.3.6
username and client_id settings, 6.4.3.3
DBMS_SESSION.SET_IDENTIFIER procedure
client session ID, setting, 6.4.1
DBMS_APPLICATION.SET_CLIENT_INFO value, overwritten by, 3.10.2.5
DBMS_SQLHASH encryption package
about, 8.4.1
GETHASH function, 8.4.2
DBSNMP user account
password usage, 10.5
DDL
See data definition language
default passwords, 10.5, 10.5, 10.5, 10.5
change_on_install or manager passwords, 10.5
changing, importance of, 3.2.3.2
finding, 3.2.3.2
default permissions, 10.6
default profiles
about, 3.2.3.3
default roles
setting for user, 2.2.8
specifying, 4.10.2
default users
accounts, 10.3, 10.3
Enterprise Manager accounts, 10.3
passwords, 10.5
defaults
tablespace quota, 2.2.5
user tablespaces, 2.2.4
definer's rights
about, 4.5.6.3
procedure privileges, used with, 4.5.6.3
procedure security, 4.5.6.3
secure application roles, 5.5.2
used with Oracle Virtual Private Database functions, 7.1.3
DELETE privilege
SQL statements permitted, 5.8.2
DELETE_CATALOG_ROLE role
about, 4.4.2
SYS schema objects, enabling access to, 4.3.2.2
denial-of-service (DoS) attacks
bad packets, preventing, 5.9.1
networks, securing, 10.9.2
denial-of-service attacks
about, Glossary
denial-of-service(DoS) attacks
audit trail, writing to operating system file, 9.3.4.3
deprecated security features, Preface
dictionary protection mechanism, 4.3.2.1
direct path load
fine-grained auditing effects on, 9.5.1
directory authentication, configuring for SYSDBA or SYSOPER access, 3.3.1.1
directory object auditing
configuring, 9.3.11.2
removing, 9.3.11.3
directory objects
auditing, 9.3.11.1
granting EXECUTE privilege on, 4.6.1
directory-based services authentication, 3.6.2
disabling unnecessary services
FTP, TFTP, TELNET, 10.9.2
dispatcher processes (Dnnn)
limiting SGA space for each session, 2.4.2.5
distributed databases
auditing and, 9.1.6
DML
See data manipulation language
driving context, 6.6
DROP PROFILE statement
example, 2.4.4.2
DROP ROLE statement
example, 4.4.6
security domain, affected, 4.4.6
DROP USER statement
about, 2.5
schema objects of dropped user, 2.5
DUAL table
about, 6.3.3.2
dynamic Oracle Virtual Private Database policy types, 7.3.6.2
DYNAMIC policy type, 7.3.6.2

E

editions
application contexts, how affects, 6.1.5
fine-grained auditing packages, results in, 6.4.3.2
global application contexts, how affects, 6.4.3.2
Oracle Virtual Private Database packages, results in, 6.4.3.2
EJBCLIENT role, 4.4.2
email alert example, 9.5.10.1
encryption
access control, 8.1.1
BLOBS, 8.2.6
challenges, 8.2
data security, problems not solved by, 8.1.3
data transfer, 10.9.2
DBMS_CRYPTO package, 8.3, 8.3
deleted encrypted data, 10.6
examples, 8.5.1
finding information about, 8.6
fine-grained audit policies on encrypted columns, 9.5.9.2
indexed data, 8.2.1
key generation, 8.2.2
key storage, 8.2.4
key transmission, 8.2.3
keys, changing, 8.2.5
malicious database administrators, 8.1.2
network traffic, 10.9.2
problems not solved by, 8.1
transparent data encryption, 8.2.4.4
transparent tablespace encryption, 8.2.4.4
enterprise directory service, 4.4.4.4
Enterprise Edition, 10.5
Enterprise Manager
granting roles, 4.4.5
statistics monitor, 2.4.3
enterprise roles, 3.7, 4.4.4.4
enterprise user management, 5.2.1
Enterprise User Security
application context, globally initialized, 6.3.7.3
proxy authentication
Oracle Virtual Private Database, how it works with, 7.5.9
enterprise users
centralized management, 3.7
global role, creating, 4.4.4.4
One Big Application User authentication, compromised by, 5.2.1
proxy authentication, 3.10.1.1
shared schemas, protecting users, 5.7.2
errors
OPW-00005, 2.3.4
ORA-00036, 9.5.9.2
ORA-01720, 4.5.5.2
ORA-06512, 9.5.10.6
ORA-1000, 9.5.9.2
ORA-24247, 4.11.3, 9.5.10.6
ORA-28009, 4.3.2.1
ORA-28031, 4.10.2
ORA-28040, 3.4.1
ORA-28046
ORA-28046 error, 2.3.4
ORA-28132, Preface
ORA-28133, 9.5.9.2
ORA-28144, 9.5.9.2
examples
access control lists
external network connections, 4.11.6
wallet access, 4.11.6
account locking, 3.2.3.5
audit trail, purging, 9.9.7
audit trigger to record before-and-after values, 9.7
data encryption
encrypting and decrypting BLOB data, 8.5.3
encrypting and decrypting procedure with AES 256-Bit, 8.5.2
directory objects, granting EXECUTE privilege on, 4.6.1
encrypting procedure, 8.5.1
Java code to read passwords, 5.3.4
locking an account with CREATE PROFILE, 3.2.3.5
login attempt grace period, 3.2.3.7
nondatabase user authentication, 6.4.3.6
O7_DICTIONARY_ACCESSIBILITY initialization parameter, setting, 4.3.2.1
passwords
aging and expiration, 3.2.3.7
changing, 2.3.3
creating for user, 2.2.3
privileges
granting ADMIN OPTION, 4.6.1.1
views, 4.12
procedure privileges affecting packages, 4.5.6.7, 4.5.6.7
profiles, assigning to user, 2.2.7
roles
altering for external authorization, 4.4.3
creating for application authorization, 4.4.4.2
creating for external authorization, 4.4.4.3
creating for password authorization, 4.4.3
default, setting, 4.10.2
using SET ROLE for password-authenticated roles, 4.4.4.1
views, 4.12
secure external password store, 3.2.5.2
session ID of user
finding, 2.5
terminating, 2.5
system privilege and role, granting, 4.6.1
tablespaces
assigning default to user, 2.2.4
quota, assigning to user, 2.2.5
temporary, 2.2.6
type creation, 4.5.7.5
users
account creation, 2.2.1
creating with GRANT statement, 4.6.1.2
dropping, 2.5
middle-tier server proxying a client, 3.10.1.4
naming, 2.2.2
object privileges granted to, 4.6.2
proxy user, connecting as, 3.10.1.4
See also tutorials
exceptions
WHEN NO DATA FOUND, used in application context package, 6.3.5.4
WHEN OTHERS, used in triggers
development environment (debugging) example, 6.3.4
production environment example, 6.3.4
exclusive mode
SHA-1 password hashing algorithm, enabling, 3.2.4
EXECUTE ANY LIBRARY statement
security guidelines, 10.3
EXECUTE privilege
SQL statements permitted, 5.8.2
EXECUTE_CATALOG_ROLE role
about, 4.4.2
SYS schema objects, enabling access to, 4.3.2.2
execution time for statements, measuring, 7.3.6.2
EXEMPT ACCESS POLICY privilege
Oracle Virtual Private Database enforcements, exemption, 7.5.7.2
EXP_FULL_DATABASE role
about, 4.4.2
expiring a password
explicitly, 3.2.3.7
exporting data
direct path export impact on Oracle Virtual Private Database, 7.5.7.2
policy enforcement, 7.5.7.2
external authentication
about, 3.8.1
advantages, 3.8.2
network, 3.8.5
operating system, 3.8.4, 3.8.4
user creation, 3.8.3
external network services, fine-grained access to
See access control list (ACL)
external tables, 10.6

F

failed login attempts
account locking, 3.2.3.5
password management, 3.2.3.5
resetting, 3.2.3.5
features, new security
See new features, security
files
BFILEs
operating system access, restricting, 10.6
BLOB, 8.2.6
data
operating system access, restricting, 10.6
external tables
operating system access, restricting, 10.6
keys, 8.2.4.2
listener.ora file
guidelines for security, 10.9.2, 10.9.3
log
audit file location for Windows, 9.6.2
audit file locations, 9.3.4.5
operating system access, restricting, 10.6
restrict listener access, 10.9.2
server.key encryption file, 10.9.3
symbolic links, restricting, 10.6
tnsnames.ora, 10.9.3
trace
operating system access, restricting, 10.6
fine-grained access control
See Oracle Virtual Private Database (VPD)
fine-grained auditing
about, 9.5.1
activities always recorded, 9.5.5
advantages, 9.5.3, 9.5.3
alerts, adding to policy, 9.5.10.1
archiving audit trail, 9.8.2.5
columns, specific, 9.5.9.2
creating audit trail for, 9.5.7
DBMS_FGA package, 9.5.9.1
direct loads of data, 9.5.1, 9.5.1
edition-based redefinitions, 9.5.6
editions, results in, 6.4.3.2
encrypted table columns, 9.5.9.2
finding errors by checking trace files, 9.10
how audit records are generated, 9.5.8
how to use, 9.5.1
location of audit records, 9.5.2
non-SYS activities audited, 9.1.4
policies
adding, 9.5.9.2
disabling, 9.5.9.3
dropping, 9.5.9.4
enabling, 9.5.9.3
modifying, 9.5.9.2
where created, 9.5.9.2
privileges needed, 9.5.4
records
archiving, 9.8.2.5
See also SYS.FGA_LOG$ table
firewalls
advice about using, 10.9.2
database server location, 10.9.2
ports, 10.9.3
supported types, 10.9.2
flashback query
auditing, used with, 9.8.2.1
Oracle Virtual Private Database, how it works with, 7.5.6
foreign keys
privilege to use parent key, 4.5.4.2
FTP service, 10.9.2
functions
auditing, 9.3.12.1
Oracle Virtual Private Database
components of, 7.2.1
privileges used to run, 7.1.3
privileges for, 4.5.6.1
roles, 4.4.1.5

G

GATHER_SYSTEM_STATISTICS role, 4.4.2
global application contexts
about, 6.4.1
authenticating nondatabase users, 6.4.3.6
components, 6.4.1
editions, affect on, 6.4.3.2
example of authenticating nondatabase users, 6.4.3.6
example of authenticating user moving to different application, 6.4.3.5
example of setting values for all users, 6.4.3.4
Oracle RAC instances, 6.4.1
ownership, 6.4.2
PL/SQL package creation, 6.4.3.1
process, lightweight users, 6.4.6.2
process, standard, 6.4.6.1
sharing values globally for all users, 6.4.3.4
system global area, 6.4.1
tutorial for client session IDs, 6.4.5.1
used for One Big Application User scenarios, 7.5.9
user name retrieval with USER function, 6.4.3.3
uses for, 7.5.9
See also application contexts
global authentication
about, 3.7
advantages, 3.7.2
user creation for private schemas, 3.7.1.1
user creation for shared schemas, 3.7.1.2
global authorization
about, 3.7
advantages, 3.7.2
role creation, 4.4.4.4
roles, 3.7
global roles
about, 4.4.4.4
global users, 3.7
GLOBAL_AQ_USER_ROLE role, 4.4.2
grace period for login attempts
example, 3.2.3.7
grace period for password expiration, 3.2.3.7
GRANT ALL PRIVILEGES statement
SELECT ANY DICTIONARY privilege, exclusion of, 10.6
GRANT ANY OBJECT PRIVILEGE system privilege, 4.6.2.2, 4.7.2.1
GRANT ANY PRIVILEGE system privilege, 4.3.4
GRANT CONNECT THROUGH clause
consideration when setting FAILED_LOGIN_ATTEMPTS parameter, 3.2.3.3
for proxy authorization, 3.10.1.4
GRANT statement, 4.6.1
ADMIN OPTION, 4.6.1.1
creating a new user, 4.6.1.2
object privileges, 4.6.2, 5.8.1
system privileges and roles, 4.6
when takes effect, 4.10
WITH GRANT OPTION, 4.6.2.1
granting privileges and roles
about, 4.3.3
finding information about, 4.12
specifying ALL, 4.5.2
guidelines for security
auditing, 10.10
custom installation, 10.8, 10.8
data files and directories, 10.6
encrypting sensitive data, 10.6
installation and configuration, 10.8
networking security, 10.9
operating system accounts, limiting privileges, 10.6
operating system users, limiting number of, 10.6
Oracle home default permissions, disallowing modification, 10.6
ORACLE_DATAPUMP access driver, 10.7
passwords, 10.5
Secure Sockets Layer
mode, 10.9.3
TCPS protocol, 10.9.3
symbolic links, restricting, 10.6
user accounts and privileges, 10.3

H

hackers
See security attacks
HS_ADMIN_EXECUTE_ROLE role
about, 4.4.2
HS_ADMIN_ROLE role
about, 4.4.2
HS_ADMIN_SELECT_ROLE role
about, 4.4.2
HTTP authentication
See access control lists (ACL), wallet access
HTTPS
port, correct running on, 10.9.3

I

IMP_FULL_DATABASE role
about, 4.4.2
INDEX privilege
SQL statements permitted, 5.8.2
indexed data
encryption, 8.2.1
indirectly granted roles, 4.4.1.1
initialization parameters
application protection, 5.9
AUDIT_FILE_DEST, 9.1.5, 9.6.2
AUDIT_SYS_OPERATIONS, 9.6.2
AUDIT_SYSLOG_LEVEL, 9.3.5.4
AUDIT_TRAIL
about, 9.3.2.1
using, 9.3.2.2
current value, checking, 9.3.2.1
MAX_ENABLED_ROLES, 4.10.3
O7_DICTIONARY_ACCESSIBILITY, 4.3.2.1
OS_AUTHENT_PREFIX, 3.8.1
OS_ROLES, 4.4.4.3.1
REMOTE_OS_AUTHENT, 10.9.1
RESOURCE_LIMIT, 2.4.4
SEC_CASE_SENSITIVE_LOGON, 3.2.3.10
SEC_MAX_FAILED_LOGIN_ATTEMPTS, 5.9.3
SEC_PROTOCOL_ERROR_FURTHER_ACTION, 5.9.2
SEC_PROTOCOL_ERROR_TRACE_ACTION, 5.9.1
SEC_RETURN_SERVER_RELEASE_BANNER, 5.9.4
SEC_USER_AUDIT_ACTION_BANNER, 5.9.5
SEC_USER_UNAUTHORIZED_ACCESS_BANNER, 5.9.5
INSERT privilege
granting, 4.6.2.3
revoking, 4.7.2.2
SQL statements permitted, 5.8.2
installation
guidelines for security, 10.8
intruders
See security attacks
invoker's rights
about, 4.5.6.4
procedure privileges, used with, 4.5.6.3
procedure security, 4.5.6.4
secure application roles, 5.5.2
secure application roles, requirement for enabling, 5.5.2
IP addresses
falsifying, 10.9.2

J

JAVA_ADMIN role, 4.4.2
JAVA_DEPLOY role, 4.4.2
JAVADEBUGPRIV role, 4.4.2
JAVAIDPRIV role, 4.4.2
JAVASYSPRIV role, 4.4.2
JAVAUSERPRIV role, 4.4.2
JDBC connections
JDBC Thin Driver proxy authentication
configuring, 3.10.1.1
with real user, 3.10.1.6
JDBC/OCI proxy authentication, 3.10.1.1
multiple user sessions, 3.10.1.6
Oracle Virtual Private Database, 7.5.9
JMXSERVER role, 4.4.2

K

Kerberos authentication, 3.6.2
configuring for SYSDBA or SYSOPER access, 3.3.1.2
password management, 10.5
key generation
encryption, 8.2.2
key storage
encryption, 8.2.4
key transmission
encryption, 8.2.3

L

LBAC_DBA role, 4.4.2
least privilege principle, 10.3
about, 10.3
granting user privileges, 10.3
middle-tier privileges, 3.10.1.7
libraries
security guidelines, 10.3
lightweight users
example using a global application context, 6.4.5.1
Lightweight Directory Access Protocol (LDAP), 7.4.2.8
listener
not an Oracle owner, 10.9.2
preventing online administration, 10.9.2
restrict privileges, 10.9.2, 10.9.2
secure administration, 10.9.2
listener.ora file
administering remotely, 10.9.2, 10.9.2
default location, 10.9.3
online administration, preventing, 10.9.2
TCPS, securing, 10.9.3
LOBS
auditing, 9.5.3
lock and expire
default accounts, 10.3
predefined user accounts, 10.3
log files
auditing, default location, 9.3.4.5
owned by trusted user, 10.6
Windows Event Viewer, 9.6.2
logical reads limit, 2.4.2.4
logon triggers
auditing current session, 9.3.7.3
examples, 6.3.4
externally initialized application contexts, 6.3.4
secure application roles, 4.4.8
LOGSTDBY_ADMINISTRATOR role, 4.4.2

M

malicious database administrators
See also security attacks
manager default password, 10.5
mandatory auditing
about, 9.1.5
syslog, written to, 9.1.5
memory
users, viewing, 2.6.5
MERGE INTO statement, affected by DBMS_RLS.ADD_POLICY statement_types parameter, 7.3.3
methods
privileges on, 4.5.7
MGMT_USER role, 4.4.2
middle-tier systems
auditing real user actions, 3.10.1.11
client identifiers, 3.10.2.2
enterprise user connections, 3.10.1.10.2
password-based proxy authentication, 3.10.1.10.1
privileges, limiting, 3.10.1.7
proxies authenticating users, 3.10.1.8
proxying but not authenticating users, 3.10.1.9
reauthenticating user to database, 3.10.1.10
USERENV namespace attributes, accessing, 6.3.6.3
monitoring user actions
See also auditing, standard auditing, fine-grained auditing
multiplex multiple-client network sessions, 10.9.2
My Oracle Support
security patches, downloading, 10.2.1

N

Net8
See Oracle Net
network auditing
about, 9.3.13.1
removing, 9.3.13.3
network authentication
external authentication, 3.8.5
guidelines for securing, 10.5
roles, granting using, 4.9
Secure Sockets Layer, 3.6.1
smart cards, 10.5
third-party services, 3.6.2
token cards, 10.5
X.509 certificates, 10.5
network connections
denial-of-service (DoS) attacks, addressing, 10.9.2
guidelines for security, 10.9, 10.9.1, 10.9.2
securing, 10.9.2
network IP addresses
guidelines for security, 10.9.2
new features, security, Preface
NOAUDIT statement
audit options, removing, 9.3.6.7
default object audit options, disabling, 9.3.10.6
network auditing, removing, 9.3.13.3
object auditing, removing, 9.3.10.6
privilege auditing, removing, 9.3.8.4
statement auditing, removing, 9.3.7.4, 9.3.7.4
nondatabase users
about, 6.4.1
audit record information, 9.8.1
auditing, 9.5.11.1
clearing session data, 6.4.3.7
creating client session-based application contexts, 6.5.1
global application contexts
package example, 6.4.3.6
reason for using, 6.4.1
setting, 6.4.3.6
tutorial, 6.4.5.1
One Big Application User authentication
about, 7.5.9
features compromised by, 5.2.1
security risks, 5.2.1
Oracle Virtual Private Database
how it works with, 7.5.9
tutorial for creating a policy group, 7.4.3.1
See also application contexts, client identifiers

O

O7_DICTIONARY_ACCESSIBILITY initialization parameter
about, 4.3.2.1
auditing privileges on SYS objects, 9.1.3, 9.3.1.2
data dictionary protection, 10.6
default setting, 10.6
securing data dictionary with, 4.3.2.1
object columns
auditing, 9.5.3
object privileges, 10.3
about, 4.5.3
granting on behalf of the owner, 4.6.2.2
managing, 5.8
revoking, 4.7.2
revoking on behalf of owner, 4.7.2.1
schema object privileges, 4.5.3
See also schema object privileges
synonyms, 4.5.3.3
objects
applications, managing privileges in, 5.8
granting privileges, 5.8.2
privileges
applications, 5.8.1
managing, 4.5.7
protecting in shared schemas, 5.7.2
protecting in unique schemas, 5.7.1
SYS schema, access to, 4.3.2.2
OEM_ADVISOR role, 4.4.2
OEM_MONITOR role, 4.4.2
OLAP_DBA role, 4.4.2
OLAP_USER role, 4.4.2
OLAP_XS_ADMIN role, 4.4.2
One Big Application User authentication
See nondatabase users
operating system audit trail
age, controlling, 9.8.3.3
audited actions in common with database audit trail, 9.3.3
size, controlling, 9.8.3.2
operating systems
accounts, 4.9.2
authentication
about, 3.5
advantages, 3.5
disadvantages, 3.5
roles, using, 4.9
authentication, external, 3.8.4
default permissions, 10.6
enabling and disabling roles, 4.9.5
operating system account privileges, limiting, 10.6
role identification, 4.9.2
roles and, 4.4.1.7
roles, granting using, 4.9
users, limiting number of, 10.6
OPW-00005 error, 2.3.4
ORA-01720 error, 4.5.5.2
ORA-06512 error, 9.5.10.6
ORA-1536 error, 2.2.5.1
ORA-24247 error, 4.11.3, 9.5.10.6
ORA-28002 error, 3.2.3.8
ORA-28009 error, 4.3.2.1
ORA-28031 error, 4.10.2
ORA-28040 error, 3.4.1
ORA-28132 error, Preface
Oracle Advanced Security
network authentication services, 10.5
network traffic encryption, 10.9.2
user access to application schemas, 5.7.2
Oracle Call Interface (OCI)
application contexts, client session-based, 6.5.1
proxy authentication, 3.10.1.1
Oracle Virtual Private Database, how it works with, 7.5.9
proxy authentication with real user, 3.10.1.6
security-related initialization parameters, 5.9
Oracle Connection Manager
securing client networks with, 10.9.2
Oracle Data Pump
exported data from VPD policies, 7.5.8
Oracle Database Enterprise User Security
password security threats, 3.2.4
Oracle Enterprise Security Manager
role management with, 3.6.2
Oracle home
default permissions, disallowing modification, 10.6
Oracle Internet Directory (OID)
authenticating with directory-based service, 3.6.2
SYSDBA and SYSOPER access, controlling, 3.3.1
Oracle Java Virtual Machine (OJVM)
permissions, restricting, 10.3
Oracle Label Security (OLS)
Oracle Virtual Private Database, using with, 7.5.7.1
Oracle Net
firewall support, 10.9.2
Oracle Real Application Clusters
archive timestamp for audit records, 9.9.3.4
global contexts, 6.4.1
Oracle Technology Network
security alerts, 10.2.1
Oracle Virtual Private Database
edition-based redefinitions, 7.5.1
exporting data using Data Pump Export, 7.5.8
Oracle Virtual Private Database (VPD)
about, 7.1.1
ANSI operations, 7.5.3
application contexts
tutorial, 7.4.2.1
used with, 7.1.4
applications
how it works with, 7.5.4
users who are database users, how it works with, 7.5.9
applications using for security, 5.2.2
automatic reparsing, how it works with, 7.5.5
benefits, 7.1.2
column level, 7.3.4.1
column masking behavior
enabling, 7.3.4.3
restrictions, 7.3.4.3
column-level display, 7.3.4.1
components, 7.2
configuring, 7.3
cursors, shared, 7.1.4
editions, results in, 6.4.3.2
Enterprise User Security proxy authentication, how it works with, 7.5.9
exporting data, 7.5.7.2
finding information about, 7.6
flashback query, how it works with, 7.5.6
function
auditing, 9.3.10.2
components, 7.2.1
how it is executed, 7.1.3
JDBC proxy authentication, how it works with, 7.5.9
MERGE INTO, ORA-28132 error, Preface
nondatabase user applications, how works with, 7.5.9
OCI proxy authentication, how it works with, 7.5.9
Oracle Label Security
exceptions in behavior, 7.5.7.2
using with, 7.5.7.1
outer join operations, 7.5.3
performance benefit, 7.1.2.2
policies, Oracle Virtual Private Database
about, 7.3.1
applications, validating, 7.3.5.5
attaching to database object, 7.3.2
column display, 7.3.4.1
column-level display, default, 7.3.4.2
dynamic, 7.3.6.2
multiple, 7.3.5.4
optimizing performance, 7.3.6.1
privileges used to run, 7.1.3
SQL statements, specifying, 7.3.3
policy groups
about, 7.3.5.1
benefits, 7.3.5.1
creating, 7.3.5.2
default, 7.3.5.3
tutorial, implementation, 7.4.3.1
policy types
context sensitive, about, 7.3.6.6
context sensitive, when to use, 7.3.6.8
context-sensitive, audited, 9.3.12.1
DYNAMIC, 7.3.6.2
dynamic, audited, 9.3.12.1
shared context sensitive, about, 7.3.6.7
shared context sensitive, when to use, 7.3.6.8
shared static, about, 7.3.6.4
shared static, when to use, 7.3.6.5
static, about, 7.3.6.3
static, audited, 9.3.12.1
static, when to use, 7.3.6.5
summary of features, 7.3.6.9
SELECT FOR UPDATE statements in policies, 7.5.2
tutorial, simple, 7.4.1.1
user models, 7.5.9
Web-based applications, how it works with, 7.5.9
Oracle Wallet Manager
X.509 Version 3 certificates, 3.6.2
Oracle wallets
authentication method, 3.6.2
Oracle Warehouse Builder
roles, predefined, 4.4.2
ORACLE_DATAPUMP access driver
guidelines for security, 10.7
OracleMetaLink
See My Oracle Support
ORAPWD password utility
case sensitivity in passwords, 3.2.3.10
password file authentication, 3.3.3
permissions to run, 3.3.3
ORAPWD utility
changing SYS password with, 2.3.4
ORDADMIN role, 4.4.2
OS_ROLES initialization parameter
operating system role grants, 4.9.5
operating-system authorization and, 4.4.4.3.1
REMOTE_OS_ROLES and, 4.9.6
using, 4.9.2
outer join operations
Oracle Virtual Private Database affect on, 7.5.3
OWB$CLIENT role, 4.4.2
OWB_DESIGNCENTER_VIEW role, 4.4.2
OWB_USER role, 4.4.2

P

packages
auditing, 9.3.12.1
examples, 4.5.6.7
examples of privilege use, 4.5.6.7
privileges
divided by construct, 4.5.6.7
executing, 4.5.6.1, 4.5.6.7
parallel execution servers, 6.3.3.4
parallel query, and SYS_CONTEXT, 6.3.3.4
pass phrase
read and parse server.key file, 10.9.3
password files
case sensitivity, effect on SEC_CASE_SENSITIVE_LOGON parameter, 3.2.3.10
how used to authenticate administrators, 3.3.3
PASSWORD statement
about, 2.3.3
PASSWORD_LIFE_TIME profile parameter, 3.2.3.7
PASSWORD_LOCK_TIME profile parameter, 3.2.3.5
PASSWORD_REUSE_MAX profile parameter, 3.2.3.6
PASSWORD_REUSE_TIME profile parameter, 3.2.3.6
passwords
about managing, 3.2.3.1
account locking, 3.2.3.5, 3.2.3.5
administrator
authenticating with, 3.3.3
guidelines for securing, 10.5
aging and expiration, 3.2.3.7
ALTER PROFILE statement, 3.2.3.1
altering, 2.3.3
application design guidelines, 5.3.1.2
applications, strategies for protecting passwords, 5.3
brute force attacks, 3.2.1
case sensitivity setting, SEC_CASE_SENSITIVE_LOGIN, 3.2.3.10
case sensitivity, configuring, 3.2.3.10
changing for roles, 4.4.3
complexity verification
about, 3.2.3.9
guidelines for security, 10.5
complexity, guidelines for enforcing, 10.5
connecting without, 3.5
CREATE PROFILE statement, 3.2.3.1
danger in storing as clear text, 10.5
database user authentication, 3.4.1
default profile settings
about, 3.2.3.3
default user account, 10.5
default, finding, 3.2.3.2
delays for incorrect passwords, 3.2.1
duration, 10.5
encrypting, 3.2.1, 10.5
examples of creating, 3.2.2
expiring
explicitly, 3.2.3.7
procedure for, 3.2.3.7
proxy account passwords, 3.10.1.4
with grace period, 3.2.3.7
failed logins, resetting, 3.2.3.5
finding version of, 3.2.3.10
grace period, example, 3.2.3.7
guidelines for security, 10.5
history, 3.2.3.6, 3.2.3.6, 10.5
Java code example to read passwords, 5.3.4
length, 10.5
life time set too low, 3.2.3.8
lifetime for, 3.2.3.7
lock time, 3.2.3.5
management rules, 10.5
managing, 3.2.3
maximum reuse time, 3.2.3.6
ORAPWD password utility, 3.2.3.10
password complexity verification, 3.2.3.9
password file risks, 3.3.3
PASSWORD_LOCK_TIME profile parameter, 3.2.3.5
PASSWORD_REUSE_MAX profile parameter, 3.2.3.6
PASSWORD_REUSE_TIME profile parameter, 3.2.3.6
policies, 3.2.3
privileges for changing for roles, 4.4.3
privileges to alter, 2.3.1
protections, built-in, 3.2.1
proxy authentication, 3.10.1.10.1
requirements
additional, 10.5
minimum, 3.2.2
reusing, 3.2.3.6, 10.5
reusing passwords, 3.2.3.6
roles authenticated by passwords, 4.4.3
roles enabled by SET ROLE statement, 4.4.4.1
secure external password store, 3.2.5.1
security risks, 3.3.3
SYS account, 2.3.4
SYS and SYSTEM, 10.5, 10.5
used in roles, 4.4.1.2
UTLPWDMG.SQL password script
password management, 3.2.3.9
verified using SHA-1 hashing algorithm, 3.2.4, 3.2.4
See also authentication, and access control list (ACL), wallet access
performance
application contexts, 6.1.3
auditing, 9.1.7
database audit trail, moving to different tablespace, 9.8.2.3
Oracle Virtual Private Database policies, 7.1.2.2
Oracle Virtual Private Database policy types, 7.3.6.1
resource limits and, 2.4.1
permissions
default, 10.6
run-time facilities, 10.3
PKI
See public key infrastructure (PKI)
PL/SQL
auditing of statements within, 9.3.1.3
roles in procedures, 4.4.1.5
PL/SQL functions
auditing, 9.3.12.2
PL/SQL packages
auditing, 9.3.12.1, 9.3.12.2
PL/SQL procedures
auditing, 9.3.12.2
setting application context, 6.3.3.1
PMON background process
application contexts, cleaning up, 6.3.1
positional parameters
security risks, 5.3.1.4
principle of least privilege, 10.3
about, 10.3
granting user privileges, 10.3
middle-tier privileges, 3.10.1.7
privileges
about, 4.1
access control lists, checking for external network services, 4.11.10
altering
passwords, 2.3.3
users, 2.3.1
altering role authentication method, 4.4.3
applications, managing, 5.4
audited when default auditing is enabled, 9.4.2
auditing use of, 9.3.8.1, 9.3.8.3
auditing, recommended settings for, 10.10.5
cascading revokes, 4.7.3
column, 4.6.2.3
compiling procedures, 4.5.6.6
creating or replacing procedures, 4.5.6.5
creating users, 2.2.1
dropping profiles, 2.4.4.2
finding information about, 4.12
granting
about, 4.3.3, 4.6
examples, 4.5.6.7, 4.5.6.7
object privileges, 4.5.3.1, 4.6.2
system, 4.6.1
system privileges, 4.6
grants, listing, 4.12.1
grouping with roles, 4.4
managing, 5.8
middle tier, 3.10.1.7
object, 4.5.1, 4.5.2, 5.8.2
granting and revoking, 4.5.3.1
on selected columns, 4.7.2.2
procedures, 4.5.6.1
creating and replacing, 4.5.6.5
executing, 4.5.6.1
in packages, 4.5.6.7
reasons to grant, 4.2
revoking privileges
about, 4.3.3
object, 4.7.2
object privileges, cascading effect, 4.7.3.2
object privileges, requirements for, 4.7.2
schema object, 4.5.3.1
revoking system privileges, 4.7.1
roles
creating, 4.4.3
dropping, 4.4.6
restrictions on, 4.4.1.6
roles, why better to grant, 4.2
schema object, 4.5.3
DML and DDL operations, 4.5.4
packages, 4.5.6.7
procedures, 4.5.6.1
SQL statements permitted, 5.8.2
synonyms and underlying objects, 4.5.3.3
system
granting and revoking, 4.3.3
SELECT ANY DICTIONARY, 10.6
SYSTEM and OBJECT, 10.3
system privileges
about, 4.3.1
trigger privileges, 4.5.6.3
used for Oracle Virtual Private Database policy functions, 7.1.3
view privileges
creating a view, 4.5.5.2
using a view, 4.5.5.3
views, 4.5.5.1
See also access control list (ACL) and system privileges.
procedures
auditing, 9.3.10.4, 9.3.12.1
compiling, 4.5.6.6
definer's rights
about, 4.5.6.3
roles disabled, 4.4.1.5.1
examples of, 4.5.6.7
examples of privilege use, 4.5.6.7
invoker's rights
about, 4.5.6.4
roles used, 4.4.1.5.2
privileges for procedures
create or replace, 4.5.6.5
executing, 4.5.6.1
executing in packages, 4.5.6.7
privileges required for, 4.5.6.5
security enhanced by, 4.5.6.3
process monitor process (PMON)
cleans up timed-out sessions, 2.4.2.5
PRODUCT_USER_PROFILE table, 4.4.7.2
SQL commands, disabling with, 4.4.7.2
products and options
install only as necessary, 10.8
profile parameters
FAILED_LOGIN_ATTEMPTS, 3.2.3.3
PASSWORD_GRACE_TIME, 3.2.3.3, 3.2.3.7
PASSWORD_LIFE_TIME, 3.2.3.3, 3.2.3.7, 3.2.3.8
PASSWORD_LOCK_TIME, 3.2.3.3, 3.2.3.5
PASSWORD_REUSE_MAX, 3.2.3.3, 3.2.3.6
PASSWORD_REUSE_TIME, 3.2.3.3, 3.2.3.6
profiles, 2.4.4
about, 2.4.4
creating, 2.4.4.1
dropping, 2.4.4.2, 2.4.4.2
finding information about, 2.6.1
finding settings for default profile, 2.6.4
managing, 2.4.4
password management, 3.2.3.1
privileges for dropping, 2.4.4.2
specifying for user, 2.2.7
viewing, 2.6.4
proxy authentication
about, 3.10.1.1, 3.10.1.1
advantages, 3.10.1.2
auditing actions on behalf of real user, 3.10.1.11
auditing operations, 3.9.1
auditing users, 9.3.9
client-to-middle tier sequence, 3.10.1.6
creating proxy user accounts, 3.10.1.3
middle-tier
authorizing but not authenticating users, 3.10.1.9
authorizing to proxy and authenticate users, 3.10.1.8
limiting privileges, 3.10.1.7
reauthenticating users, 3.10.1.10
passwords, expired, 3.10.1.4
privileges required for creating users, 3.10.1.3
secure external password store, used with, 3.10.1.5
security benefits, 3.10.1.2
users, passing real identity of, 3.10.1.6
proxy user accounts
privileges required for creation, 3.10.1.3
PROXY_USER attribute, 6.3.6.3
PROXY_USERS view, 3.10.1.4
pseudo columns
USER, 4.5.5.3
PUBLIC
procedures and, 4.8
role, 4.8
public key infrastructure (PKI)
about, 3.6.2
PUBLIC role
about, 4.3.5
granting and revoking privileges to, 4.8
security domain of users, 4.4.1.4
security risk in privileges granted to, 4.3.5
PUBLIC_DEFAULT profile
profiles, dropping, 2.4.4.2

Q

quotas
tablespace, 2.2.5
temporary segments and, 2.2.5
unlimited, 2.2.5.2
viewing, 2.6.3

R

RADIUS authentication, 3.6.2
read-only mode, affect on AUDIT_TRAIL parameter, 9.3.2.2
reads
limits on data blocks, 2.4.2.4
RECOVERY_CATALOG_OWNER role
about, 4.4.2
redo log files
auditing committed and rolled back transactions, 10.10.3
REFERENCES privilege
CASCADE CONSTRAINTS option, 4.7.2.3
revoking, 4.7.2.2, 4.7.2.3
SQL statements permitted, 5.8.2
remote authentication, 10.9.1, 10.9.1
REMOTE_OS_AUTHENT initialization parameter
guideline for securing, 10.9.1
setting, 3.8.4
remote_os_authentication, 10.9.1
REMOTE_OS_ROLES initialization parameter
OS role management risk on network, 4.9.6
setting, 4.4.4.3.2
resource limits
about, 2.4.1
call level, limiting, 2.4.2.2
connection time for each session, 2.4.2.5
CPU time, limiting, 2.4.2.3
determining values for, 2.4.3
idle time in each session, 2.4.2.5
logical reads, limiting, 2.4.2.4
private SGA space for each session, 2.4.2.5
profiles, 2.4.4, 2.4.4
session level, limiting, 2.4.2.1
sessions
concurrent for user, 2.4.2.5
elapsed connection time, 2.4.2.5
idle time, 2.4.2.5
SGA space, 2.4.2.5
types, 2.4.2
RESOURCE privilege
CREATE SCHEMA statement, needed for, 5.7.1
RESOURCE role, 4.5.7.1
about, 4.4.2
REVOKE CONNECT THROUGH clause
revoking proxy authorization, 3.10.1.4
REVOKE statement
system privileges and roles, 4.7.1
when takes effect, 4.10
revoking privileges and roles
cascading effects, 4.7.3
on selected columns, 4.7.2.2
REVOKE statement, 4.7.1
specifying ALL, 4.5.2
when using operating-system roles, 4.9.4
role identification
operating system accounts, 4.9.2
ROLE_SYS_PRIVS view
application privileges, 5.4
ROLE_TAB_PRIVS view
application privileges, finding, 5.4
roles
about, 4.1, 4.4.1
ADM_PARALLEL_EXECUTE_TASK role, 4.4.2
ADMIN OPTION and, 4.6.1.1
advantages in application use, 5.4
application, 4.4.1.3.1, 4.4.7, 5.6, 5.6, 5.8
application privileges, 5.4
applications, for user, 5.6
AQ_ADMINISTRATOR_ROLE role, 4.4.2
AQ_USER_ROLE role, 4.4.2
AUTHENTICATEDUSER role, 4.4.2
authorization, 4.4.4
authorized by enterprise directory service, 4.4.4.4
CAPI_USER_ROLE role, 4.4.2
changing authorization for, 4.4.3
changing passwords, 4.4.3
CONNECT, 4.4.1.1
CONNECT role
about, 4.4.2
create your own, 10.4
CSW_USR_ROLE role, 4.4.2
CTXAPP role, 4.4.2
CWM_USER role, 4.4.2
database role, users, 5.6.1
DATAPUMP_EXP_FULL_DATABASE role, 4.4.2
DATAPUMP_IMP_FULL_DATABASE role, 4.4.2
DBA role, 4.4.2
DDL statements and, 4.4.1.6
default, 4.10.2
default, setting for user, 2.2.8
definer's rights procedures disable, 4.4.1.5.1
DELETE_CATALOG_ROLE role, 4.4.2
dependency management in, 4.4.1.6
disabling, 4.10.1
dropping, 4.4.6
EJBCLIENT role, 4.4.2
enabled or disabled, 4.4.1.1, 4.4.5
enabling, 4.10.1, 5.6
enterprise, 3.7, 4.4.4.4
EXECUTE_CATALOG_ROLE role, 4.4.2
EXP_FULL_DATABASE role, 4.4.2
finding information about, 4.12
functionality, 4.2, 4.4.1.1
functionality of, 4.4.1.1
GATHER_SYSTEM_STATISTICS role, 4.4.2
global authorization, 4.4.4.4
about, 4.4.4.4
global roles
about, 3.7
creating, 4.4.4.4
external sources, and, 4.4.4.3
GLOBAL_AQ_USER_ROLE role, 4.4.2
GRANT statement, 4.9.5
granted to other roles, 4.4.1.1
granting roles
about, 4.6
methods for, 4.4.5
system, 4.6.1
system privileges, 4.3.3
guidelines for security, 10.4
HS_ADMIN_EXECUTE_ROLE role, 4.4.2
HS_ADMIN_ROLE role, 4.4.2
HS_ADMIN_SELECT_ROLE role, 4.4.2
IMP_FULL_DATABASE role, 4.4.2
in applications, 4.4.1.2
indirectly granted, 4.4.1.1
invoker's rights procedures use, 4.4.1.5.2
JAVA_ADMIN role, 4.4.2
JAVA_DEPLOY role, 4.4.2
JAVADEBUGPRIV role, 4.4.2
JAVAIDPRIV role, 4.4.2
JAVASYSPRIV role, 4.4.2
JAVAUSERPRIV role, 4.4.2
JMXSERVER role, 4.4.2
job responsibility privileges only, 10.4
LBAC_DBA role, 4.4.2
listing grants, 4.12.2
listing privileges and roles in, 4.12.6
listing roles, 4.12.5
LOGSTDBY_ADMINISTRATOR role, 4.4.2
management using the operating system, 4.9
managing roles
about, 4.4
categorizing users, 5.8
managing through operating system, 4.4.1.7
maximum number a user can enable, 4.10.3
MGMT_USER role, 4.4.2
multibyte characters in names, 4.4.3
multibyte characters in passwords, 4.4.4.1
naming, 4.4.1
network authorization, 4.4.4.3.2
network client authorization, 4.4.4.3.2
OEM_ADVISOR role, 4.4.2
OEM_MONITOR role, 4.4.2
OLAP_DBA role, 4.4.2
OLAP_USER role, 4.4.2
OLAP_XS_ADMIN role, 4.4.2
One Big Application User, compromised by, 5.2.1
operating system, 4.9.2
operating system authorization, 4.4.4.3.1
operating system granting of, 4.9.5
operating system identification of, 4.9.2
operating system management and the shared server, 4.9.6
operating system-managed, 4.9.3, 4.9.4
operating-system authorization, 4.4.4.3
ORDADMIN role, 4.4.2
OWB$CLIENT role, 4.4.2
OWB_DESIGNCENTER_VIEW role, 4.4.2
OWB_USER role, 4.4.2
predefined, 4.4.2
privileges for creating, 4.4.3
privileges for dropping, 4.4.6
privileges, changing authorization method for, 4.4.3
privileges, changing passwords, 4.4.3
RECOVERY_CATALOG_OWNER role, 4.4.2
RESOURCE role, 4.4.2
restricting from tool users, 4.4.7
restrictions on privileges of, 4.4.1.6
REVOKE statement, 4.9.5
revoking, 4.4.5, 4.7.1
revoking ADMIN option, 4.7.1
SCHEDULER_ADMIN role, 4.4.2
schemas do not contain, 4.4.1
security domains of, 4.4.1.4
SELECT_CATALOG_ROLE role, 4.4.2
SET ROLE statement, 4.9.5
setting in PL/SQL blocks, 4.4.1.5.2
SNMPAGENT role, 4.4.2
SPATIAL_CSW_ADMIN role, 4.4.2
SPATIAL_WFS_ADMIN role, 4.4.2
unique names for, 4.4.3
use of passwords with, 4.4.1.2
user, 4.4.1.3.2, 5.8
users capable of granting, 4.4.5.1
uses of, 4.4.1.1, 4.4.1.3
WFS_USR_ROLE role, 4.4.2
WITH GRANT OPTION and, 4.6.2.1
without authorization, 4.4.3
WKUSER role, Preface
WM_ADMIN_ROLE role, 4.4.2
XDB_SET_INVOKER roles, 4.4.2
XDB_WEBSERVICES role, 4.4.2
XDB_WEBSERVICES_OVER_HTTP role, 4.4.2
XDB_WEBSERVICES_WITH_PUBLIC role, 4.4.2
XDBADMIN role, 4.4.2
See also secure application roles
root file paths
for files and packages outside the database, 10.3
row-level security
See fine-grained access control, Oracle Virtual Private Database (VPD)
RSA private key, 10.9.3
run-time facilities, 10.3
restriction permissions, 10.3

S

sample schemas, 10.8
Sample Schemas
remove or relock for production, 10.8
test database, 10.8
Sarbanes-Oxley Act
auditing to meet compliance, 9.1.1
SCHEDULER_ADMIN role
about, 4.4.2
schema object auditing
enabling, 9.3.10.5
removing, 9.3.10.6
schema object privileges, 4.5.3
schema objects
audit options, removing, 9.3.10.6
auditing, 9.3.10.1
auditing procedures or functions, 9.3.10.5
cascading effects on revoking, 4.7.3.2
default audit options, 9.3.10.5
default tablespace for, 2.2.4
dropped users, owned by, 2.5
enabling audit options on, 9.3.10.5
granting privileges, 4.6.2
privileges
DML and DDL operations, 4.5.4
granting and revoking, 4.5.3.1
view privileges, 4.5.5.1
privileges on, 4.5.3
privileges to access, 4.5.2
privileges with, 4.5.2
removing audit options, 9.3.8.4
revoking privileges, 4.7.2
schema-independent users, 5.7.2
schemas
auditing, recommended settings for, 10.10.5
private, 3.7.1.1
shared among enterprise users, 3.7.1.2
shared, protecting objects in, 5.7.2
unique, 5.7
unique, protecting objects in, 5.7.1
SCOTT user account
restricting privileges of, 10.4
script files
audit trail views, removing, 9.10.3
CATNOAUD.SQL, 9.10.3
scripts, authenticating users in, 3.2.5.1
SEC_CASE_SENSITIVE_LOGON initialization parameter
about, 3.2.3.10
conflict with SQLNET.ALLOWED_LOGON_VERSION setting, 3.2.3.10
SEC_MAX_FAILED_LOGIN_ATTEMPTS initialization parameter, 5.9.3
SEC_PROTOCOL_ERROR_FURTHER_ACTION initialization parameter, 5.9.2
SEC_PROTOCOL_ERROR_TRACE_ACTION initialization parameter, 5.9.1
sec_relevant_cols_opt parameter, 7.3.4.3
SEC_RETURN_SERVER_RELEASE_BANNER initialization parameter, 5.9.4
SEC_USER_AUDIT_ACTION_BANNER initialization parameter, 5.9.5
SEC_USER_UNAUTHORIZED_ACCESS_BANNER initialization parameter, 5.9.5
secconf.sql script
audit settings, 9.4.3
password settings, 3.2.3.4
secure application roles
about, 4.4.8
creating, 5.5.1
creating PL/SQL package, 5.5.2
finding with DBA_ROLES view, 4.12
invoker's rights, 5.5.2
invoker's rights requirement, 5.5.2
package for, 5.5.2
SET ROLE statement, 5.5.2
user environment information from SYS_CONTEXT SQL function, 5.5.2, 5.5.2
using to ensure database connection, 4.4.8
secure external password store
about, 3.2.5.1
client configuration, 3.2.5.3
examples, 3.2.5.2
how it works, 3.2.5.2
proxy authentication, used with, 3.10.1.5
Secure Sockets Layer (SSL)
about, 3.6.1
certificate key algorithm, 10.9.3
cipher suites, 10.9.3
configuration files, securing, 10.9.3
configuring for SYSDBA or SYSOPER access, 3.3.1.3
global users with private schemas, 3.7.1.1
guidelines for security, 10.9.3, 10.9.3
listener, administering, 10.9.2
mode, 10.9.3
pass phrase, 10.9.3
RSA private key, 10.9.3
securing SSL connection, 10.9.3
server.key file, 10.9.3
TCPS, 10.9.3
version support, Preface
security
application enforcement of, 4.4.1.2
default user accounts
locked and expired automatically, 10.3
locking and expiring, 10.3
domains, enabled roles and, 4.4.5
enforcement in application, 5.2.2
enforcement in database, 5.2.2
multibyte characters in role names, 4.4.3
multibyte characters in role passwords, 4.4.4.1
passwords, 3.4.1
policies
applications, 5.1
SQL*Plus users, restricting, 4.4.7
tables or views, 7.1.2.1
procedures enhance, 4.5.6.3
resources, additional, 1.2
roles, advantages in application use, 5.4
See also security risks
security alerts, 10.2.1
security attacks
access to server after protocol errors, preventing, 5.9.2
application context values, attempts to change, 6.3.2
application design to prevent attacks, 5.3
command line recall attacks, 5.3.1.1, 5.3.1.4
denial of service, 10.9.2
denial-of-service
bad packets, addressing, 5.9.1
denial-of-service attacks through listener, 10.9.2
disk flooding, preventing, 5.9.1
eavesdropping, 10.9.1
encryption, problems not solved by, 8.1.2
falsified IP addresses, 10.9.1
falsified or stolen client system identities, 10.9.1
hacked operating systems or applications, 10.9.1
intruders, 8.1.2
non-SYS activities audited, 9.1.4
password cracking, 3.2.1
password protections against, 3.2.1
preventing malicious attacks from clients, 5.9
preventing password theft with proxy authentication and secure external password store, 3.10.1.5
session ID, need for encryption, 6.4.4.3
shoulder surfing, 5.3.1.4
SQL injection attacks, 5.3.1.2
unlimited authenticated requests, preventing, 5.9.3
user session output, hiding from intruders, 6.3.4
See also security risks
security domains
enabled roles and, 4.4.1.1
security patches
about, 10.2.1
downloading, 10.2.1
security policies
See Oracle Virtual Private Database, policies
security risks
ad hoc tools, 4.4.7.1, 4.4.7.1
application users not being database users, 5.2.1
applications enforcing rather than database, 5.2.2
audit records being tampered with, 9.3.5.1
bad packets to server, 5.9.1
database audit trail, protecting, 9.1.3
database version displaying, 5.9.4
encryption keys, users managing, 8.2.4.3
password files, 3.3.3
passwords exposed in large deployments, 3.2.5.1
passwords, exposing in programs or scripts, 5.3.1.4
positional parameters in SQL scripts, 5.3.1.4
privileges carelessly granted, 4.3.5
privileges granted to PUBLIC role, 4.3.5
remote user impersonating another user, 4.4.4.3.2
sensitive data in audit trail, 10.10.1
server falsifying identities, 10.9.3
users with multiple roles, 5.6.1
See also security attacks
security settings scripts
audit settings
secconf.sql, 9.4.3
password settings
secconf.sql, 3.2.3.4
undoaud.sql, 9.4.3
undopwd.sql, 3.2.3.4
SELECT ANY DICTIONARY privilege
data dictionary, accessing, 10.6
exclusion from GRANT ALL PRIVILEGES privilege, 10.6
SELECT FOR UPDATE statement in Virtual Private Database policies, 7.5.2
SELECT privilege
SQL statements permitted, 5.8.2
SELECT_CATALOG_ROLE role
about, 4.4.2
SYS schema objects, enabling access to, 4.3.2.2
separation of duty concepts, Glossary
sequences
auditing, 9.3.10.2
server.key file
pass phrase to read and parse, 10.9.3
service-oriented architecture (SOA)
security enhancements for Oracle XML DB, Preface
SESSION_ROLES data dictionary view
PUBLIC role, 4.3.5
SESSION_ROLES view
queried from PL/SQL block, 4.4.1.5.1
sessions
listing privilege domain of, 4.12.4
memory use, viewing, 2.6.5
time limits on, 2.4.2.5
when auditing options take effect, 9.3.1.3
SET ROLE statement
application code, including in, 5.6.2
associating privileges with role, 5.6.1
disabling roles with, 4.10.1
enabling roles with, 4.10.1
secure application roles, 5.5.2
when using operating-system roles, 4.9.5
SGA
See System Global Area (SGA)
SHA-1 hashing algorithm
about, 3.2.4
enabling exclusive mode, 3.2.4
how it increases password safety, 3.2.4
recommended by Oracle, 3.2.4
Shared Global Area (SGA)
See System Global Area (SGA)
shared server
limiting private SQL areas, 2.4.2.5
operating system role management restrictions, 4.9.6
shoulder surfing, 5.3.1.4
SHOW PARAMETER command, 9.3.2.1
smart cards
guidelines for security, 10.5
SNMPAGENT role
about, 4.4.2
SOA
See service-oriented architecture
SPATIAL_CSW_ADMIN role, 4.4.2
SPATIAL_WFS_ADMIN role, 4.4.2
SQL injection attacks, 5.3.1.2
SQL statements
audited when default auditing is enabled, 9.4.2
auditing
about, 9.3.7.1
configuring, 9.3.7.3
removing, 9.3.7.4
when records generated, 9.3.1.3
dynamic, 6.3.3.3
object privileges permitting in applications, 5.8.2
privileges required for, 4.5.3, 5.8.2
resource limits and, 2.4.2.2
restricting ad hoc use, 4.4.7.1, 4.4.7.1
SQL*Net
See Oracle Net
SQL*Plus
connecting with, 3.5
restricting ad hoc use, 4.4.7.1, 4.4.7.1
statistics monitor, 2.4.3
SQLNET.ALLOWED_LOGON_VERSION parameter
conflict with SEC_CASE_SENSITIVE_LOGON FALSE setting, 3.2.3.10
SSL
See Secure Sockets Layer
standard audit trail
activities always recorded, 9.1.5
AUDIT SQL statement, 9.3.6.1
auditing standard audit trail, 9.8.2.4
controlling size of, 9.8.2.2
disabling, 9.3.2.1
enabling, 9.3.2.1
maximum size of, 9.8.2.2
NOAUDIT SQL statement, 9.3.6.7
records, purging, 9.8.3.4
size, reducing, 9.9.5
transaction independence, 9.3.1.3
when created, 9.3.1.3
standard auditing
about, 9.3.1.1
administrative users on all platforms, 9.6.2
affected by editions, 9.3.10.3
archiving audit trail, 9.8.2.5
audit option levels, 9.3.6.1
audit trails
database, 9.8.2.1
auditing
default auditing, enabling, 9.4.1
cursors, affect on auditing, 9.3.6.4
database audit trail records, 9.8.2.1
DDL statement auditing, 9.3.7.2
default options, 9.3.10.5
default options, disabling, 9.3.10.6
directory object auditing
about, 9.3.11.1
configuring, 9.3.11.2
removing, 9.3.11.3
disabling options versus auditing, 9.3.6.7
DML statements, 9.3.7.2
information stored in operating system file, 9.3.4.1
mandatory auditing, 9.1.5
network auditing
about, 9.3.13.1
configuring, 9.3.13.2
error types recorded, 9.3.13.1
removing, 9.3.13.3
non-SYS activities audited, 9.1.4
object auditing
See standard auditing, schema object
operating system audit trail, 9.3.4.1
file location, 9.3.4.5
operating system audit trail using, 9.3.4.3
privilege auditing
about, 9.3.8.1
configuring, 9.3.8.3
multitier environment, 9.3.9
options, 9.3.8.3
removing, 9.3.8.4
types, 9.3.8.2
privileges needed, 9.3.1.2
procedures or functions, 9.3.10.5
range of focus, 9.3.6
records
archiving, 9.8.2.5
removing, 9.3.6.7
schema object
objects created in the future, 9.3.10.7
schema object auditing
about, 9.3.10.1
enabling, 9.3.10.5
example, 9.3.10.5
options, 9.3.10.4
removing, 9.3.10.6
types, 9.3.10.2
SQL statement
See standard auditing, statement auditing
statement auditing
about, 9.3.7.1
all statements for individual users, 9.3.7.3
all statements for the current session, 9.3.7.3
configuring, 9.3.7.3
multitier environment, 9.3.9
removing, 9.3.7.4
SQL statement shortcuts by individual users, 9.3.7.3
statement level, 9.3.7.3
types you can audit, 9.3.7.2
statement executions, number of, 9.3.6.3
successful or unsuccessful, 9.3.6.2
setting, 9.3.6.2
SYS users, 9.6.2, 9.6.2
syslog audit trail on UNIX systems, 9.3.5
user, 9.3.6.6
See also auditing, standard audit trail, SYS.AUD$ table
statement_types parameter of DBMS_RLS.ADD_POLICY procedure, 7.3.3
STMT_AUDIT_OPTION_MAP table, 9.3.3
storage
quotas and, 2.2.5
unlimited quotas, 2.2.5.2
stored procedures
using privileges granted to PUBLIC, 4.8
strong authentication
centrally controlling SYSDBA and SYSOPER access to multiple databases, 3.3.1
guideline, 10.5
symbolic links
restricting, 10.6
synonyms
object privileges, 4.5.3.3
SYS account
changing password, 2.3.4
policy enforcement, 7.5.7.2
SYS and SYSTEM
passwords, 10.5, 10.5
SYS schema
objects, access to, 4.3.2.2
SYS_CONTEXT function
about, 6.3.3.1
auditing current session, 9.3.7.3
auditing nondatabase users with, 9.5.11.3
database links, 6.3.3.5
dynamic SQL statements, 6.3.3.3
example, 6.3.3.6
parallel query, 6.3.3.4
STATIC policies, 7.3.6.5
syntax, 6.3.3.2, 6.3.3.2
validating users, 5.5.2
SYS_DEFAULT Oracle Virtual Private Database policy group, 7.3.5.3
SYSASM privilege, Preface
SYS.AUD$ table
about, 9.8.2.1
archiving, 9.8.2.5
audit records, writing to, 9.3.2.2
contents, 9.8.2.1
data values in audited statement, 9.8.2.1
location in Oracle Database Vault environment, 9.1.3
modifying manually, dangers of, 9.7
non-SYS actions audited, 9.1.4
purging, 9.8.2.5
too full or unavailable, 9.8.2.1
See also standard auditing
SYSAUX tablespace
moving database audit trail tables to, 9.8.2.3
SYS.FGA_LOG$
fine-grained auditing, 9.5.5
SYS.FGA_LOG$ table
about, 9.8.2.1
archiving, 9.8.2.5
contents, 9.8.2.1
data values in audited statement, 9.8.2.1
non-SYS actions audited, 9.1.4
purging, 9.8.2.5
too full or unavailable, 9.8.2.1
SYS.FGA_LOGS$ table
See also fine-grained auditing
syslog audit trail
about, 9.3.5.1
appearance, 9.3.5.3
configuring, 9.3.5.4
format, 9.3.5.2
format when AUDIT_TRAIL is set to XML, 9.3.2.2
mandatory audit records written to, 9.1.5
SYSMAN user account, 10.5, 10.5
SYS-privileged connections, 10.3
System Global Area (SGA)
application contexts, storing in, 6.1.3
global application context information location, 6.4.1
limiting private SQL areas, 2.4.2.5
system privileges, 10.3
about, 4.3.1
ADMIN OPTION, 4.3.4
ANY
guidelines for security, 10.6
ANY system privileges, 4.3.2
GRANT ANY OBJECT PRIVILEGE, 4.6.2.2, 4.7.2.1
GRANT ANY PRIVILEGE, 4.3.4
granting, 4.6.1
granting and revoking, 4.3.3
power of, 4.3.1
restriction needs, 4.3.2
revoking, cascading effect of, 4.7.3.1
SELECT ANY DICTIONARY, 10.6
SYSASM privilege, Preface
SYSTEM_PRIVILEGE_MAP table, 9.3.3

T

tables
auditing, 9.3.10.2
privileges on, 4.5.4
tablespaces
assigning defaults for users, 2.2.4
default quota, 2.2.5
quotas for users, 2.2.5
quotas, viewing, 2.6.3
temporary
assigning to users, 2.2.6
unlimited quotas, 2.2.5.2
TCPS protocol
Secure Sockets Layer, used with, 10.9.2
tnsnames.ora file, used in, 10.9.3
TELNET service, 10.9.2
TFTP service, 10.9.2
time measurement for statement execution, 7.3.6.2
token cards, 10.5
top-level SQL statements, 9.2
trace files
access to, importance of restricting, 10.6
bad packets, 5.9.1
location of, finding, 6.6
transparent data encryption, 8.2.4.4
transparent tablespace encryption, 8.2.4.4
triggers
audit data, recording, 9.7
auditing, 9.3.10.4, 9.3.12.1, 9.3.12.2
CREATE TRIGGER ON, 5.8.2
logon
examples, 6.3.4
externally initialized application contexts, 6.3.4
privileges for executing, 4.5.6.3
roles, 4.4.1.5
WHEN OTHERS exception, 6.3.4
troubleshooting
finding errors by checking trace files, 6.6
trusted procedure
database session-based application contexts, 6.1.2
tsnames.ora configuration file, 10.9.3
tutorials
application context, database session-based, 6.3.5.1
auditing
creating policy to audit nondatabase users, 9.5.11.1
creating policy using email alert, 9.5.10.1
external network services, using email alert, 9.5.10.1
global application context with client session ID, 6.4.5.1
nondatabase users
creating Oracle Virtual Private Database policy group, 7.4.3.1
global application context, 6.4.5.1
Oracle Virtual Private Database
policy groups, 7.4.3.1
policy implementing, 7.4.2.1
simple example, 7.4.1.1
See also examples
types
creating, 4.5.7.5
privileges on, 4.5.7
user defined
creation requirements, 4.5.7.4

U

UDP and TCP ports
close for ALL disabled services, 10.9.2
UGA
See User Global Area (UGA)
Ultra Search
deprecated role and schemas, Preface
undoaud.sql script, 9.4.3
undopwd.sql script, 3.2.3.4
UNIX systems
audit data written to syslog, 9.1.5
UNIX systems, auditing users on, 9.3.5
UNLIMITED TABLESPACE privilege, 2.2.5.2, 2.2.5.2
UPDATE privilege
revoking, 4.7.2.2
user accounts
administrative user passwords, 10.5
default user account, 10.5
password guidelines, 10.5
passwords, encrypted, 10.5
proxy users, 3.10.1.3
USER function
global application contexts, 6.4.3.3
User Global Area (UGA)
application contexts, storing in, 6.1.3
user names
schemas, 5.7
USER pseudo column, 4.5.5.3
user sessions, multiple within single database connection, 3.10.1.6
user-defined columns
auditing, 9.5.3
USERENV function, 6.3.3.2, 8.3
USERENV namespace
about, 6.3.3.2
client identifiers, 3.10.2.1
See also CLIENT_IDENTIFIER USERENV attribute
users
administrative option (ADMIN OPTION), 4.6.1.1
altering, 2.3.2
application users not known to database, 3.10.2.1
assigning unlimited quotas for, 2.2.5.2
auditing, 9.3.6.6
database role, current, 5.6.1
default roles, changing, 2.2.8
default tablespaces, 2.2.4
dropping, 2.5, 2.5
dropping profiles and, 2.4.4.2
dropping roles and, 4.4.6
enabling roles for, 5.6
enterprise, 3.7, 4.4.4.4
enterprise, shared schema protection, 5.7.2
external authentication
about, 3.8.1
advantages, 3.8.2
operating system, 3.8.4
user creation, 3.8.3
finding information about, 2.6.1
finding information about authentication, 3.11
global, 3.7
hosts, connecting to multiple
See external network services, fine-grained access to
information about, viewing, 2.6.2
listing roles granted to, 4.12.2
memory use, viewing, 2.6.5
network authentication, external, 3.8.5
nondatabase, 6.4.1, 6.4.3.6
objects after dropping, 2.5
operating system external authentication, 3.8.4
password encryption, 3.2.1
privileges
for changing passwords, 2.3.1
for creating, 2.2.1
granted to, listing, 4.12.1
of current database role, 5.6.1
profiles
creating, 2.4.4.1
specifying, 2.2.7
proxy authentication, 3.10.1.1
proxy users, connecting as, 3.10.1.1
PUBLIC role, 4.4.1.4, 4.8
quota limits for tablespace, 2.2.5.1
restricting application roles, 4.4.7
roles and, 4.4.1.2
for types of users, 4.4.1.3.2
schema-independent, 5.7.2
schemas, private, 3.7.1.1
security domains of, 4.4.1.4
security, about, 2.1
tablespace quotas, 2.2.5
tablespace quotas, viewing, 2.6.3
user accounts, creating, 2.2.1
user models and Oracle Virtual Private Database, 7.5.9
user name, specifying with CREATE USER statement, 2.2.2
views for finding information about, 2.6
UTLPWDMG.SQL
about, 3.2.3.9
guidelines for security, 10.5

V

V$LOGMNR_CONTENTS data dictionary view, 9.8.2.1
valid node checking, 10.9.2
views
about, 4.5.5.1
access control list data
external network services, 4.11.12
wallet access, 4.11.12
application contexts, 6.6
audit trail, 9.10.1, 9.10.1
auditing, 9.3.10.2, 9.3.10.4
authentication, 3.11
DBA_COL_PRIVS, 4.12.3
DBA_NETWORK_ACL_PRIVILEGES, 4.11.10, 4.11.12
DBA_NETWORK_ACLS, 4.11.12
DBA_ROLE_PRIVS, 4.12.2
DBA_ROLES, 4.12.5
DBA_SYS_PRIVS, 4.12.1
DBA_TAB_PRIVS, 4.12.3
DBA_USERS_WITH_DEFPWD, 3.2.3.2
DBA_WALLET_ACLS, 4.11.12
encrypted data, 8.6
Oracle Virtual Private Database policies, 7.6
privileges, 4.5.5.1, 4.12
profiles, 2.6.1
ROLE_ROLE_PRIVS, 4.12.6
ROLE_SYS_PRIVS, 4.12.6
ROLE_TAB_PRIVS, 4.12.6
roles, 4.12
security applications of, 4.5.5.3
SESSION_PRIVS, 4.12.4
SESSION_ROLES, 4.12.4
USER_NETWORK_ACL_PRIVILEGES, 4.11.12
users, 2.6.1
Virtual Private Database
See Oracle Virtual Private Database
VPD
See Oracle Virtual Private Database
vulnerable run-time call, 10.3
made more secure, 10.3

W

Wallet Manager
See Oracle Wallet Manager
wallets
authentication method, 3.6.2
See also access control lists (ACL), wallet access
Web applications
user connections, 6.4.1, 6.4.3.6
Web services
security enhancements for Oracle XML DB, Preface
Web-based applications
Oracle Virtual Private Database, how it works with, 7.5.9
WFS_USR_ROLE role, 4.4.2
WHEN OTHERS exceptions
logon triggers, used in, 6.3.4
WHERE clause, dynamic SQL, 7.2.1
Windows native authentication, 3.3.2
WKUSER role, Preface
WM_ADMIN_ROLE role, 4.4.2

X

X.509 certificates
guidelines for security, 10.5
XDB_SET_INVOKER role, 4.4.2
XDB_WEBSERVICES role, 4.4.2
XDB_WEBSERVICES_OVER_HTTP role
about, 4.4.2
XDB_WEBSERVICES_WITH_PUBLIC role, 4.4.2
XDBADMIN role, 4.4.2
XML
AUDIT_TRAIL XML setting, 9.3.2.2
AUDIT_TRAIL XML, EXTENDED setting, 9.3.2.2
XML, EXTENDED AUDIT_TRAIL setting
used with DB in AUDIT_TRAIL, 9.3.2.2
used with XML in AUDIT_TRAIL, 9.3.2.2