Skip Headers
Oracle® Database 2 Day + Security Guide
12c Release 1 (12.1)

E17609-17
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Index
Index
Go to Master Index
Master Index
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
PDF · Mobi · ePub

Changes in This Release for Oracle Database 2 Day + Security Guide

This preface contains:

Changes in Oracle Database 12c Release 1 (12.1)

The following are changes in Oracle Database 2 Day + Security Guide for Oracle Database 12c Release 1 (12.1):

New Features

The following features are new in this release:

Key Management for Transparent Data Encryption and Other Database Components

Oracle Database 12c Release 1 (12.1) introduces a unified key management infrastructure for Transparent Data Encryption (TDE) and other database components. This eases key administration tasks, provides for better compliance and tracking, and also leads to better separation of duty between the database administrator and security administrator. For better security and separation of duty, users who are responsible for configuring TDE must have the SYSKM system privilege.

See Chapter 4, "Encrypting Data with Oracle Transparent Data Encryption."

Oracle Database Vault Enhancements

  • Easier and quicker way to enable Database Vault.

  • Full inclusion of Database Vault functionality in the Enterprise Manager Cloud Control pages. This feature replaces the Database Vault Administrator utility that was used in previous releases.

See Chapter 5, "Controlling Access with Oracle Database Vault."

Oracle Data Redaction for Limiting Access to Sensitive Data

Oracle Data Redaction disguises (redacts) data from low-privileged users or applications. For example, you can redact the credit card number 5105 1051 0510 5100 to appear as 5105 **** **** ****. The redaction occurs in real time, when the user accesses the data and it preserves the back-end referential integrity and constraints for the data. In addition to a partial redaction (as shown with the credit card example here), you can replace the entire data set with a fixed value or with randomized values. You also can easily apply Oracle Data Redaction policies throughout the databases in your enterprise.

See Chapter 7, "Limiting Access to Sensitive Data Using Oracle Data Redaction."

Easier and Quicker Way to Enable and Disable Oracle Label Security

See Chapter 8, "Enforcing Row-Level Security with Oracle Label Security."

Auditing Enhancements

  • Unified audit trail, which encompasses audit events from the default database installation, Oracle Database Vault, Oracle Label Security, Oracle Database Real Application Security, Oracle Recovery Manager, Oracle Data Pump, and Oracle SQL*Loader Direct Load Path. These events are available in a uniform format in a set of data dictionary views.

  • Faster audit performance

  • Ability to create named unified audit policies. The audit configuration is simplified by grouping a set of actions to be audited on specific conditions as named policies that you can enable and disable as needed. These policies define set of events to be captured.

  • New roles, AUDIT_ADMIN and AUDIT_VIEWER, for better security and separation of duty. (This guide only discusses the AUDIT_ADMIN role.)

See Chapter 9, "Auditing Database Activity."

Deprecated Feature

Database Vault Administrator (DVA) has been deprecated. Its functionality is now part of the of Oracle Enterprise Manager Cloud Control interface.

Desupported Features

Oracle Enterprise Manager Database Control is no longer supported by Oracle. See Oracle Database Upgrade Guide for a complete list of desupported features in this release.

Other Changes

This section contains:

Oracle Enterprise Manager Cloud Control (Cloud Control) Graphical User Interface

In previous releases of Oracle Database, you used Oracle Enterprise Manager Database Control (Database Control) to administer database security from a graphical user interface. In this release, you can use the Cloud Control graphical user interface. Cloud Control provides more functionality than Database Control.

You must install Cloud Control separately from Oracle Database.

See Also:

Oracle Enterprise Manager Cloud Control Basic Installation Guide for information about installing Cloud Control