What's New in Oracle Database Security?

The Oracle Database 10g Release 1 (10.1) security features and enhancements described in this section comprise the overall effort to provide superior access control and accountability (privacy) with this release of the database.

The following sections describe new security features of Oracle Database 10g Release 1 (10.1) and provide pointers to additional information:

• New Features in Virtual Private Database
• New Features in Auditing
• New PL/SQL Encryption Package: DBMS_CRYPTO

New Features in Virtual Private Database

To provide enhanced access control, privacy, and performance, the following enhancements have been added to Virtual Private Database (VPD), a feature of the Enterprise Edition:

• Column-level VPD and Column Masking

  Column-level VPD policies provides more fine-grained access controls on data. With column-level VPD, security policies can be applied only where a particular column or columns are accessed in the user's query. This means that when a user has rights to access the object itself, VPD can limit the individual rows returned only if the columns the user accesses contain sensitive information, such as salaries, or national identity numbers.

  The default behavior of column-level VPD restricts the number of rows returned when a query addresses columns containing sensitive data. In contrast, column masking behavior allows all rows to be returned for a query against data protected by column-level VPD, but the columns that contain sensitive information are returned as NULL values. With column masking, users see all the data they are supposed to see, but privacy is not compromised.

  See Also: "Column-level VPD" for conceptual information about these new features "Adding Policies for Column-Level VPD" for information about how to add column-level VPD to your applications

• Static, Context-Sensitive, and Shared VPD Policy Types

  Static and context-sensitive policy types optimize VPD for significant performance improvements because the policy function does not execute for every SQL query. Static policies maintain the same predicate for queries, updates, inserts, and deletes throughout a session. (However application context or attributes such as SYSDATE can change the value returned by the predicate.) They are particularly useful for hosting environments where you always need to apply the same predicate. With context-sensitive policies, the predicate can change after statement parse time, but VPD re-executes the policy function only if the application context changes. This ensures that any changes to the predicate since the initial parsing are captured. Context-sensitive policies are useful when VPD policies must enforce two or more different predicates for different users or groups.

  Both static and context-sensitive policies can be shared across multiple database objects, so that queries on another database object can use the same cached predicate. Shared policies enable you to further decrease the overhead of re-executing policy functions for every query, reducing any performance impact.

  See Also: "DBMS_RLS.ADD_POLICY Procedure Policy Types" for more information about these new policy types and how to use them in applications.

• Application context support for parallel queries

  In this release, if you use SYS_CONTEXT inside a SQL function which is embedded in a parallel query, the function picks up the application context.

  See Also: "Using SYS_CONTEXT in a Parallel Query" for information about using this enhancement.

New Features in Auditing

Oracle Database 10g Release 1 (10.1) expands upon standard and fine-grained auditing for enhanced user accountability, providing the following new features:

• Fine-grained Auditing Support for DML

  In the previous release, fine-grained auditing support was only available for SELECT statements. In this release, fine-grained auditing support is expanded to include DMLs (INSERT, UPDATE, DELETE).

  See Also: "Fine-Grained Auditing" for more information about this new feature

• Uniform Audit Trail

  In this release the DBA_COMMON_AUDIT_TRAIL view has been added, which presents both the standard and the fine-grained audit log records in a single view.

  See Also: "Database Audit Trail Contents" for more information about this new view.

• Extensions to Standard Audit and Fine-Grained Auditing

  Fields have been added to the standard and the fine-grained audit trails in this release. New fields capture the exact SQL text of audited statements, the date and time stamp in UTC (Coordinated Universal Time) format, and enhanced auditing for enterprise users. Enterprise users are global database users, who are stored in and LDAP directory. In this release, the audit trail includes enterprise users' full distinguished names (DNs) and global user identifiers (GUIDs).

  See Also: "What Information is Contained in the Audit Trail?" for more information about the extensions to standard and fine-grained audit trails

New PL/SQL Encryption Package: DBMS_CRYPTO

In this release, a new flexible interface, DBMS_CRYPTO, is provided to encrypt especially sensitive stored data, or it can also be used in conjunction with PL/SQL programs running network communications. This new interface provides support for the following features:

• Encryption algorithms as follows:
  • AES (Advanced Encryption Standard)
  • Triple DES (112- and 168-bits)
  • DES
  • RC4
• Cryptographic hash algorithms (SHA-1, MD5, and MD4)
• Keyed hash (MAC, or Message Authentication Code) algorithms (SHA-1, MD5)
• Padding forms (PKCS #5, zeroes)
• Block cipher chaining mode modifiers (CBC, CFB, ECB, OFB)

DBMS_CRYPTO is intended to replace the DBMS_OBFUSCATION_TOOLKIT, providing greater ease of use and support for a range of algorithms to accommodate new and existing systems.

See Also: Chapter 16, "Developing Applications Using Data Encryption" for information about how to use this package