|Oracle® Database 2 Day + Security Guide
12c Release 1 (12.1)
|PDF · Mobi · ePub|
This preface contains:
The following are changes in Oracle Database 2 Day + Security Guide for Oracle Database 12c Release 1 (12.1):
The following features are new in this release:
Oracle Database 12c Release 1 (12.1) introduces a unified key management infrastructure for Transparent Data Encryption (TDE) and other database components. This eases key administration tasks, provides for better compliance and tracking, and also leads to better separation of duty between the database administrator and security administrator. For better security and separation of duty, users who are responsible for configuring TDE must have the
SYSKM system privilege.
Easier and quicker way to enable Database Vault.
Full inclusion of Database Vault functionality in the Enterprise Manager Cloud Control pages. This feature replaces the Database Vault Administrator utility that was used in previous releases.
Oracle Data Redaction disguises (redacts) data from low-privileged users or applications. For example, you can redact the credit card number
5105 1051 0510 5100 to appear as
5105 **** **** ****. The redaction occurs in real time, when the user accesses the data and it preserves the back-end referential integrity and constraints for the data. In addition to a partial redaction (as shown with the credit card example here), you can replace the entire data set with a fixed value or with randomized values. You also can easily apply Oracle Data Redaction policies throughout the databases in your enterprise.
Unified audit trail, which encompasses audit events from the default database installation, Oracle Database Vault, Oracle Label Security, Oracle Database Real Application Security, Oracle Recovery Manager, Oracle Data Pump, and Oracle SQL*Loader Direct Load Path. These events are available in a uniform format in a set of data dictionary views.
Faster audit performance
Ability to create named unified audit policies. The audit configuration is simplified by grouping a set of actions to be audited on specific conditions as named policies that you can enable and disable as needed. These policies define set of events to be captured.
AUDIT_VIEWER, for better security and separation of duty. (This guide only discusses the
Database Vault Administrator (DVA) has been deprecated. Its functionality is now part of the of Oracle Enterprise Manager Cloud Control interface.
Oracle Enterprise Manager Database Control is no longer supported by Oracle. See Oracle Database Upgrade Guide for a complete list of desupported features in this release.
This section contains:
In previous releases of Oracle Database, you used Oracle Enterprise Manager Database Control (Database Control) to administer database security from a graphical user interface. In this release, you can use the Cloud Control graphical user interface. Cloud Control provides more functionality than Database Control.
You must install Cloud Control separately from Oracle Database.
See Also:Oracle Enterprise Manager Cloud Control Basic Installation Guide for information about installing Cloud Control