9 Database Security

This chapter describes integrations that support database security. Topics include:

• Oracle Database Net Services LDAP Naming

• Oracle Database Enterprise User Security with LDAP

See Also:

• http://www.oracle.com/technology/deploy/security/database-security/enterprise-user-security/index.html

• http://www.oracle.com/technology/products/id_mgmt/odsee/ovd-dsee-eus.html

Note:

DB aliases are not supported.

9.1 Oracle Database Net Services LDAP Naming

To manage large networking environments, administrators must be able to easily access a centralized repository to specify and modify the network configuration. To support this requirement, the Oracle Net Services configuration can be stored in an LDAP-compliant directory server.

Supporting LDAP-compliant directory servers provides the enterprise with a vehicle for centrally managing and configuring a distributed Oracle network. The directory can act as a central repository of information about database network components, user and corporate policies, and user authentication and security, thus replacing localized client-side and server-side configuration files.

Table 9-1 shows the supported integrations:

Table 9-1 Oracle Database Net Services LDAP Naming

Oracle Database Net Services for	Additional Information
Directory Naming with Oracle Internet Directory	Centralized Configuration and Management in the Oracle Database Net Services Administrator's Guide. Using a Directory Server for Centralized Management in the Oracle Database Net Services Administrator's Guide.
Directory Naming with Oracle Virtual Directory
Directory Naming with Microsoft Active Directory using Oracle Virtual Directory	Managing Network Address Information in the Oracle Database Net Services Administrator's Guide. Using a Directory Server for Centralized Management in the Oracle Database Net Services Administrator's Guide.
Directory Naming with Oracle Directory Service Enterprise Edition (formerly Sun Java System Directory Server) using Oracle Virtual Directory	How to set up Enterprise User Security with Oracle Virtual Directory and Oracle Directory Server Enterprise Edition at: http://www.oracle.com/technology/products/id_mgmt/odsee/ovd-dsee-eus.html

9.2 Oracle Database Enterprise User Security with LDAP

Enterprise User Security (EUS), a feature of Oracle Database Enterprise Edition, leverages Oracle Directory Services (ODS) to centrally manage database users and role memberships in an enterprise LDAP directory. This provides a way to address the security and management problems posed by maintaining database users and privileges in individual databases.

Table 9-2 shows the supported integrations:

Table 9-2 Oracle Database Enterprise User Security with LDAP

Enterprise User Security Integration for	Additional Information
Oracle Internet Directory	http://www.oracle.com/technology/products/aid/pdf/dirsrv_eus_integration.pdf
Microsoft Active Directory using Oracle Virtual Directory	http://www.oracle.com/technology/products/oid/pdf/dirsrv_eus_integration.pdf
Oracle Directory Service Enterprise Edition (formerly Sun Java System Directory Server) using Oracle Virtual Directory	http://www.oracle.com/technology/products/oid/pdf/dirsrv_eus_integration.pdf