Index

A B C D E F G H I J L M N O P Q R S T U V W X

A

access control policy
- reports
  - Core Database Vault Audit Report 27.5.5
Access to Sensitive Objects Report 27.6.3.2
accounts
- See: database accounts
Accounts With DBA Roles Report 27.6.5.2
Accounts with SYSDBA/SYSOPER Privilege Report 27.6.3.4
ad hoc tools
- preventing use of 8.7.1
administrators
- DBA operations in Oracle Database Vault 13
- restricting different types 8.8.1
ADRCI utility
- Database Vault E.1.6.3
alerts
- email alert in rule set 6.10.1
- Enterprise Manager Cloud Control 13.2.2
ALTER ROLE statement
- monitoring 26.1
ALTER SESSION command rules 7.1.3.2, 17.7
- about 7.1.3.2
ALTER SESSION event command rules
- creating 17.3
- updating 17.11
ALTER SESSION privilege
- enabling trace files E.1.5
- reports, ALTER SYSTEM or ALTER SESSION Report 27.6.5.5
ALTER SESSION statement
- guidelines on managing privileges D.6.6.1
ALTER SYSTEM command rules
- deleting system event command rules 17.8
ALTER SYSTEM event command rules
- creating 17.4
- updating 17.12
ALTER SYSTEM or ALTER SESSION Report 27.6.5.5
ALTER SYSTEM privilege
- reports, ALTER SYSTEM or ALTER SESSION Report 27.6.5.5
ALTER SYSTEM statement
- guidelines on managing privileges D.6.6.1
ALTER USER statement
- monitoring 26.1
ANY System Privileges for Database Accounts Report 27.6.2.4
application security
- finding privilege use by users 4.1.5.1
AUDIT_SYS_OPERATIONS initialization parameter 2.1
AUDIT_TRAIL$ system table
- affected by AUDIT_TRAIL initialization parameter A.3.2
- archiving A.4.2
- format A.3.2
- purging A.4.3
auditing
- about A.1
- archiving Database Vault audit trail A.4.2
  - about A.4.1
- Core Database Audit Report 27.6.8
- DBMS_MACUTL fields 21.1.1
- factors
  - options 8.3.4.3
- intruders
  - using factors 8.3.4.2
- Oracle Database audit settings A.5
- purging Database Vault audit trail A.4.3
  - about A.4.1
- realms
  - DBMS_MACUTL fields 21.1.1
  - options 5.3
- reports 27.5
- rule sets
  - DBMS_MACUTL fields 21.1.1
  - options 6.5
- secure application roles
  - audit records 9.9
auditing policies
- about A
- audit events
  - about A.3.1
- custom events
  - audit trail A.3.2
- events that are tracked A.3.1
- monitoring changes to 26.1
audit policy change
- monitoring 26.1
AUDIT privilege 27.6.5.10
AUDIT Privileges Report 27.6.5.10
authentication
- Authentication_Method default factor 8.2
- command rules 7.1.1
- method, finding with DVF.F$AUTHENTICATION_METHOD 18.3.2
- realm procedures 15.1
authorizations
- Oracle Data Pump activities 13.3.1
- realms 5.5
- scheduling database jobs 13.4.1
AUTHORIZE_MAINTENANCE_USER procedure 22.1.5

B

backup accounts 14.4
BECOME USER Report 27.6.5.4
BECOME USER system privilege
- about 27.6.5.4
break-glass accounts
- See: backup accounts

C

catalog-based roles 27.6.5.9
CDB_DV_STATUS view 25.2
CDBs
- functionality in Oracle Database Vault 1.8
- privilege profiles 4.1.6
- realms 5.1.3
  - authorizations 5.5
- rule sets 6.2
clients
- finding IP address with DVF.F$CLIENT_IP 18.3.3
code groups
- retrieving value with DBMS_MACUTL functions 21.2
Command Rule Audit Report 27.5.2
Command Rule Configuration Issues Report 27.4.1
command rules 7.1.1, 7.3, 7.4
- See also: rule sets
- about 7.1.1
- creating 7.4
- data dictionary view 7.11
- data masking 13.11.4
- default command rules 7.2
- deleting 7.6
- editing 7.4
- functions
  - DBMS_MACUTL (utility) 21
- guidelines 7.9
- how command rules work 7.7
- modifying enablement status 7.5
- objects
  - name 7.4
  - owner 7.4
- performance effect 7.10
- procedures
  - DBMS_MACADM (configuration) 17
- process flow 7.7
- propagating configuration to other databases 13.2.1
- reports 7.11
- rule sets
  - selecting 7.4
  - used with 7.1.1
- simulation mode 11.1
- troubleshooting
  - with auditing report 27.5.2
- tutorial 7.8
- views 7.11, 25.4
- with PDBs 7.1.2
compliance
- Oracle Database Vault addressing 1.4
computer name
- finding with DVF.F$MACHINE 18.3.14
- Machine default factor 8.2
configuration
- monitoring changes 26.1
- views
  - DVSYS.DV$CONFIGURATION_AUDIT 25.37
  - DVSYS.DV$ENFORCEMENT_AUDIT 25.38
  - SYS.DV$CONFIGURATION_AUDIT 25.48
CONFIGURE_DV procedure
- about 22.2
- registering Database Vault with 3.2.2, 3.2.4
CONNECT command rules
- about 7.1.3.1
- example 7.1.3.1
CONNECT events, controlling with command rules 7.1.1
connection pooling
- finding unnecessarily granted privileges 4.1.5.1
context profiles
- privilege analysis 4.1.4
core database
- troubleshooting with Core Database Vault Audit Report 27.5.5
Core Database Audit Report 27.6.8
Core Database Vault Audit Trail Report 27.5.5
CPU_PER_SESSION resource profile 27.6.6.2
CREATE ANY JOB privilege D.6.3
CREATE ANY JOB statement
- guidelines on managing privileges D.6.3
CREATE EXTERNAL JOB privilege D.6.4
CREATE JOB privilege D.6.3
CREATE JOB statement
- guidelines on managing privileges D.6.3
CREATE ROLE statement
- monitoring 26.1
CREATE USER statement
- monitoring 26.1
CTXSYS schema realm protection 5.2.4

D

Database Account Default Password Report 27.6.7.1
database accounts
- backup DV_OWNER and DV_ACCTMGR 14.4
- configuring Database Vault accounts as enterprise users 12.1.3
- counting privileges of 27.6.4.1
- DBSNMP
  - changing password 13.2.4
  - granted DV_MONITOR role 14.2.6
- DVSYS 14.3
- LBACSYS 14.3
- monitoring 26.1
- reports
  - Accounts With DBA Roles Report 27.6.5.2
  - ALTER SYSTEM or ALTER SESSION Report 27.6.5.5
  - ANY System Privileges for Database Accounts Report 27.6.2.4
  - AUDIT Privileges Report 27.6.5.10
  - BECOME USER Report 27.6.5.4
  - Database Account Default Password Report 27.6.7.1
  - Database Account Status Report 27.6.7.2
  - Database Accounts With Catalog Roles Report 27.6.5.9
  - Direct and Indirect System Privileges By Database Account Report 27.6.2.2
  - Direct Object Privileges Report 27.6.1.3
  - Direct System Privileges By Database Account Report 27.6.2.1
  - Hierarchical System Privileges by Database Account Report 27.6.2.3
  - Object Access By PUBLIC Report 27.6.1.1
  - Object Access Not By PUBLIC Report 27.6.1.2
  - OS Security Vulnerability Privileges 27.6.5.11
  - Password History Access Report 27.6.5.6
  - Privileges Distribution By Grantee, Owner, Privilege Report 27.6.4.3
  - Privileges Distribution By Grantee, Owner Report 27.6.4.2
  - Privileges Distribution By Grantee Report 27.6.4.1
  - Roles/Accounts That Have a Given Role Report 27.6.5.8
  - Security Policy Exemption Report 27.6.5.3
  - WITH ADMIN Privilege Grants Report 27.6.5.1
  - WITH GRANT Privileges Report 27.6.5.7
- solution for lockouts B.1
- suggested 14.3
Database Account Status Report 27.6.7.2
Database Accounts With Catalog Roles Report 27.6.5.9
database administrative operations 13
database domains, Database_Domain default factor 8.2
database objects 14.1
- See also: objects
- Oracle Database Vault 14
- reports
  - Object Dependencies Report 27.6.1.4
database options, installing B.1
database roles
- about 14.2.1
- counting privileges of 27.6.4.1
- default Oracle Database Vault 14.2.1
- DV_ACCTMGR
  - about 14.2.15
- DV_ADMIN 14.2.5
- DV_AUDIT_CLEANUP 14.2.8
- DV_DATAPUMP_NETWORK_LINK 14.2.9
- DV_GOLDENGATE_ADMIN 14.2.12
- DV_GOLDENGATE_REDO_ACCESS 14.2.13
- DV_MONITOR 14.2.6
- DV_OWNER 14.2.4
- DV_PATCH_ADMIN 14.2.14
- DV_POLICY_OWNER 14.2.18
- DV_PUBLIC 14.2.19
- DV_REALM_OWNER 14.2.16
- DV_REALM_RESOURCE 14.2.17
- DV_SECANALYST 14.2.7
- DV_STREAMS_ADMIN 14.2.10
- DV_XSTREAM_ADMIN 14.2.11
- enabled, determining with ROLE_IS_ENABLED 18.2.7
- granting Database Vault roles to users 14.2.3
- monitoring 26.1
- Oracle Database Vault, default 14.2.1
- reports
  - Accounts With DBA Roles Report 27.6.5.2
  - ALTER SYSTEM or ALTER SESSION Report 27.6.5.5
  - AUDIT Privileges Report 27.6.5.10
  - BECOME USER Report 27.6.5.4
  - Database Accounts With Catalog Roles Report 27.6.5.9
  - OS Security Vulnerability Privileges 27.6.5.11
  - Privileges Distribution By Grantee Report 27.6.4.1
  - Roles/Accounts That Have a Given Role Report 27.6.5.8
  - Security Policy Exemption Report 27.6.5.3
  - WITH ADMIN Privilege Grants Report 27.6.5.1
- separation of duty enforcement 2.3
databases
- defined with factors 8.1
- domain, Domain default factor 8.2
- event monitoring E.1.1
- grouped schemas
  - See realms 5.1.1
- host names, Database_Hostname default factor 8.2
- instance, retrieving information with functions 18.1
- instances
  - Database_Instance default factor 8.2
  - names, finding with DVF.F$DATABASE_INSTANCE 18.3.6
  - number, finding with DV_INSTANCE_NUM 16.2.3
- IP addresses
  - Database_IP default factor 8.2
  - retrieving with DVF.F$DATABASE_IP 18.3.7
- monitoring events E.1.1
- names
  - Database_Name default factor 8.2
  - retrieving with DV_DATABASE_NAME 16.2.4
  - retrieving with DVF.F$DATABASE_NAME 18.3.8
- parameters
  - Security Related Database Parameters Report 27.6.6.1
- roles that do not exist 27.4.7
- schema creation, finding with DVF.F$IDENTIFICATION_TYPE 18.3.11
- schema creation, Identification_Type default factor 8.2
- user name, Session_User default factor 8.2
database sessions 8.3.3.2
- controlling with Allow Sessions default rule set 6.4
- factor evaluation 8.6.1
- session user name, Proxy_User default factor 8.2
Database Vault
- See: Oracle Database Vault
Database Vault Account Management realm 5.2.2
Database Vault command rule protections 7.1.1
Database Vault realm protection 5.1.1
Database Vault realm protections 5.1.1
data definition language (DDL)
- statement
  - controlling with command rules 7.1.1
Data Definition Language (DDL) statements
- Database Vault authorization
  - DBA_DV_DDL_AUTH view 25.6
  - granting 22.1.3
  - revoking 22.1.10
Data Dictionary realm
- data masking 13.11.2
data manipulation language (DML)
- statement
  - checking with DBMS_MACUTL.CHECK_DVSYS_DML_ALLOWED function 21.2
  - controlling with command rules 7.1.1
data masking
- about 13.11.1
- adding users to realms for 13.11.3
- creating command rule for 13.11.4
- errors that can appear 13.11.1
data Oracle Database Vault recognizes
- See: factors
DBA_DV_CODE view 25.3
DBA_DV_COMMAND_RULE view 7.11, 25.4
DBA_DV_DATAPUMP_AUTH view 25.5
DBA_DV_DDL_AUTH view 25.6
DBA_DV_DICTIONARY_ACCTS view 25.7
DBA_DV_FACTOR_LINK 25.10
DBA_DV_FACTOR_LINK view 25.10
DBA_DV_FACTOR_TYPE view 25.9
DBA_DV_FACTOR view 25.8
DBA_DV_IDENTITY_MAP view 25.12
DBA_DV_IDENTITY view 25.11
DBA_DV_JOB_AUTH view 25.13
DBA_DV_MAC_POLICY_FACTOR view 25.15
DBA_DV_MAC_POLICY view 25.14
DBA_DV_MAINTENANCE_AUTH view 25.16
DBA_DV_ORADEBUG view 25.17
DBA_DV_PATCH_ADMIN_AUDIT view 25.18
DBA_DV_POLICY_LABEL view 25.20
DBA_DV_POLICY_OBJECT view 25.21
DBA_DV_POLICY_OWNER view 25.22
DBA_DV_POLICY view 25.19
DBA_DV_PROXY_AUTH view 25.23
DBA_DV_PUB_PRIVS view 25.24
DBA_DV_REALM_AUTH view 25.26
DBA_DV_REALM_OBJECT view 25.27
DBA_DV_REALM view 25.25
DBA_DV_ROLE view 25.28
DBA_DV_RULE_SET_RULE view 25.31
DBA_DV_RULE_SET view 25.30
DBA_DV_RULE view 25.29
DBA_DV_SIMULATION_LOG view 25.33
DBA_DV_STATUS view 25.32
DBA_DV_TTS_AUTH view 25.34
DBA_DV_USER_PRIVS_ALL view 25.36
DBA_DV_USER_PRIVS view 25.35
DBA_USERS_WITH_DEFPWD data dictionary view
- access to in Oracle Database Vault 2.4
DBA role
- impact of Oracle Database Vault installation 2.4
DBMS_FILE_TRANSFER package, guidelines on managing D.6.2.1
DBMS_MACADM.ADD_AUTH_TO_REALM procedure 15.1
DBMS_MACADM.ADD_CMD_RULE_TO_POLICY procedure 23.1, 23.5
DBMS_MACADM.ADD_FACTOR_LINK procedure 18.1.1
DBMS_MACADM.ADD_NLS_DATA
- procedure C.2
DBMS_MACADM.ADD_NLS_DATA procedure 22.1.1
DBMS_MACADM.ADD_OBJECT_TO_REALM procedure 15.2
DBMS_MACADM.ADD_OWNER_TO_POLICY procedure 23.2
DBMS_MACADM.ADD_POLICY_FACTOR procedure 18.1.2
DBMS_MACADM.ADD_REALM_TO_POLICY procedure 23.3
DBMS_MACADM.ADD_RULE_TO_RULE_SET procedure 16.1.1
DBMS_MACADM.AUTHORIZE_DATAPUMP_USER procedure 22.1.2, 22.1.9
DBMS_MACADM.AUTHORIZE_DDL procedure 22.1.3
DBMS_MACADM.AUTHORIZE_DIAGNOSTIC_ADMIN procedure 22.1.4
DBMS_MACADM.AUTHORIZE_PROXY_USER procedure 22.1.6
DBMS_MACADM.AUTHORIZE_SCHEDULER_USER procedure 22.1.7
DBMS_MACADM.AUTHORIZE_TTS_USER procedure 22.1.8
DBMS_MACADM.CHANGE_IDENTITY_FACTOR procedure 18.1.3
DBMS_MACADM.CHANGE_IDENTITY_VALUE procedure 18.1.4
DBMS_MACADM.CREATE_COMMAND_RULE procedure 17.1
DBMS_MACADM.CREATE_CONNECT_COMMAND_RULE procedure 17.2
DBMS_MACADM.CREATE_DOMAIN_IDENTITY procedure 18.1.5
DBMS_MACADM.CREATE_FACTOR_TYPE procedure 18.1.7
DBMS_MACADM.CREATE_FACTOR procedure 18.1.6
DBMS_MACADM.CREATE_IDENTITY_MAP procedure 18.1.9
DBMS_MACADM.CREATE_IDENTITY procedure 18.1.8
DBMS_MACADM.CREATE_MAC_POLICY procedure 20.1
DBMS_MACADM.CREATE_POLICY_LABEL procedure 20.2
DBMS_MACADM.CREATE_POLICY procedure 23.4
DBMS_MACADM.CREATE_REALM procedure 15.3
DBMS_MACADM.CREATE_ROLE procedure 19.1.1
DBMS_MACADM.CREATE_RULE_SET procedure 16.1.3
DBMS_MACADM.CREATE_RULE procedure 16.1.2
DBMS_MACADM.CREATE_SESSION_EVENT_CMD_RULE procedure 17.3
DBMS_MACADM.CREATE_SYSTEM_EVENT_CMD_RULE procedure 17.4
DBMS_MACADM.DELETE_AUTH_FROM_REALM procedure 15.4
DBMS_MACADM.DELETE_COMMAND_RULE procedure 17.5
DBMS_MACADM.DELETE_CONNECT_COMMAND_RULE procedure 17.6
DBMS_MACADM.DELETE_FACTOR_LINK procedure 18.1.11
DBMS_MACADM.DELETE_FACTOR_TYPE procedure 18.1.12
DBMS_MACADM.DELETE_FACTOR procedure 18.1.10
DBMS_MACADM.DELETE_IDENTITY_MAP procedure 18.1.14
DBMS_MACADM.DELETE_IDENTITY procedure 18.1.13
DBMS_MACADM.DELETE_MAC_POLICY_CASCADE procedure 20.3
DBMS_MACADM.DELETE_OBJECT_FROM_REALM procedure 15.5
DBMS_MACADM.DELETE_OWNER_FROM_POLICY procedure 23.6
DBMS_MACADM.DELETE_POLICY_FACTOR procedure 20.4
DBMS_MACADM.DELETE_POLICY_LABEL procedure 20.5
DBMS_MACADM.DELETE_REALM_CASCADE procedure 15.7
DBMS_MACADM.DELETE_REALM_FROM_POLICY procedure 23.7
DBMS_MACADM.DELETE_REALM procedure 15.6
DBMS_MACADM.DELETE_ROLE procedure 19.1.2
DBMS_MACADM.DELETE_RULE_FROM_RULE_SET procedure 16.1.5
DBMS_MACADM.DELETE_RULE_SET procedure 16.1.6
DBMS_MACADM.DELETE_RULE procedure 16.1.4
DBMS_MACADM.DELETE_SESSION_EVENT_CMD_RULE procedure 17.7
DBMS_MACADM.DELETE_SYSTEM_EVENT_CMD_RULE procedure 17.8
DBMS_MACADM.DISABLE_DV_DICTIONARY_ACCTS procedure 22.1.17
DBMS_MACADM.DISABLE_DV_PATCH_ADMIN_AUDIT procedure 22.1.18
DBMS_MACADM.DISABLE_DV procedure 22.1.16
DBMS_MACADM.DISABLE_ORADEBUG procedure 22.1.19
DBMS_MACADM.DROP_DOMAIN_IDENTITY procedure 18.1.15
DBMS_MACADM.DROP_POLICY procedure 23.8
DBMS_MACADM.ENABLE_DV_DICTIONARY_ACCTS procedure 22.1.22
DBMS_MACADM.ENABLE_DV procedure
- about 22.1.20
- registering Database Vault with 3.2.2, 3.2.3, 3.2.4
DBMS_MACADM.ENABLE_ORADEBUG procedure 22.1.23
DBMS_MACADM.ENSABLE_DV_PATCH_ADMIN_AUDIT procedure 22.1.21
DBMS_MACADM.GET_INSTANCE_INFO function 18.1.17
DBMS_MACADM.GET_SESSION_INFO function 18.1.16
DBMS_MACADM.RENAME_FACTOR_TYPE procedure 18.1.19
DBMS_MACADM.RENAME_FACTOR procedure 18.1.18
DBMS_MACADM.RENAME_POLICY procedure 23.9
DBMS_MACADM.RENAME_REALM procedure 15.8
DBMS_MACADM.RENAME_ROLE procedure 19.1.3
DBMS_MACADM.RENAME_RULE_SET procedure 16.1.8
DBMS_MACADM.RENAME_RULE procedure 16.1.7
DBMS_MACADM.UNAUTHORIZE_DDL procedure 22.1.10
DBMS_MACADM.UNAUTHORIZE_DIAGNOSTIC_ADMIN procedure 22.1.11
DBMS_MACADM.UNAUTHORIZE_PROXY_USER procedure 22.1.13
DBMS_MACADM.UNAUTHORIZE_SCHEDULER_USER procedure 22.1.14
DBMS_MACADM.UNAUTHORIZE_TTS_USER procedure 22.1.15
DBMS_MACADM.UPDATE_COMMAND_RULE procedure 17.9
DBMS_MACADM.UPDATE_CONNECT_COMMAND_RULE procedure 17.10
DBMS_MACADM.UPDATE_FACTOR_TYPE procedure 18.1.21
DBMS_MACADM.UPDATE_FACTOR procedure 18.1.20
DBMS_MACADM.UPDATE_IDENTITY procedure 18.1.22
DBMS_MACADM.UPDATE_MAC_POLICY procedure 20.6
DBMS_MACADM.UPDATE_POLICY_DESCRIPTION procedure 23.10
DBMS_MACADM.UPDATE_POLICY_STATE procedure 23.11
DBMS_MACADM.UPDATE_REALM_AUTH procedure 15.10
DBMS_MACADM.UPDATE_REALM procedure 15.9
DBMS_MACADM.UPDATE_ROLE procedure 19.1.4
DBMS_MACADM.UPDATE_RULE_SET procedure 16.1.10
DBMS_MACADM.UPDATE_RULE procedure 16.1.9
DBMS_MACADM.UPDATE_SESSION_EVENT_CMD_RULE procedure 17.11
DBMS_MACADM.UPDATE_SYSTEM_EVENT_CMD_RULE procedure 17.12
DBMS_MACADM package
- about 24.1
- command rule procedures, listed 17
- factor procedures, listed 18.1
- Oracle Label Security policy procedures, listed 20
- realm procedures, listed 15
- rule set procedures, listed 16.1
- secure application role procedures, listed 19.1
DBMS_MACADM PL/SQL package contents 24.1
DBMS_MACSEC_ROLES.CAN_SET_ROLE function 19.2.1
DBMS_MACSEC_ROLES.SET_ROLE procedure 19.2.2
DBMS_MACSEC_ROLES package
- about 19.2
- functions, listed 19.2
DBMS_MACUTL.CHECK_DVSYS_DML_ALLOWED procedure 21.2.1
DBMS_MACUTL.GET_CODE_VALUE function 21.2.2
DBMS_MACUTL.GET_DAY function 21.2.6
DBMS_MACUTL.GET_HOUR function 21.2.5
DBMS_MACUTL.GET_MINUTE function 21.2.4
DBMS_MACUTL.GET_MONTH function 21.2.7
DBMS_MACUTL.GET_SECOND function 21.2.3
DBMS_MACUTL.GET_YEAR function 21.2.8
DBMS_MACUTL.IS_ALPHA function 21.2.9
DBMS_MACUTL.IS_DIGIT function 21.2.10
DBMS_MACUTL.IS_DVSYS_OWNER function 21.2.11
DBMS_MACUTL.IS_OLS_INSTALLED_VARCHAR function 21.2.13
DBMS_MACUTL.IS_OLS_INSTALLED function 21.2.12
DBMS_MACUTL.ROLE_GRANTED_ENABLED_VARCHAR function 21.2.18
DBMS_MACUTL.USER_HAS_OBJECT_PRIVILEGE function 21.2.14
DBMS_MACUTL.USER_HAS_ROLE_VARCHAR function 21.2.16
DBMS_MACUTL.USER_HAS_ROLE function 21.2.15
DBMS_MACUTL.USER_HAS_SYSTEM_PRIVILEGE function 21.2.17
DBMS_MACUTL package
- about 21
- constants (fields)
  - examples 21.1.2
  - listed 21.1.1
- procedures and functions, listed 21.2
DBMS_MACUTL PL/SQL package contents 24.3
DBMS_PRIVILEGE_CAPTURE PL/SQL package 4.2.1
DBSNMP schema realm protection 5.2.3
DBSNMP user account
- changing password 13.2.4
- granted DV_MONITOR role 14.2.6
DDL operations
- DV_PATCH_ADMIN impact 13.1.2
- performing in Oracle Database Vault 13.1
- restrictions 13.1.1
deinstallation B
deinstalling Oracle Database Vault C.3
DELETE_CATALOG_ROLE role 27.6.5.9
deleting event command rules 17.7
Denial of Service (DoS) attacks
- reports
  - System Resource Limits Report 27.6.6.3
  - Tablespace Quotas Report 27.6.9.6
diagnostic view and table queries
- MACADM procedure for authorization 22.1.4
- MACADM procedure for revoking authorization 22.1.11
Direct and Indirect System Privileges By Database Account Report 27.6.2.2
Direct Object Privileges Report 27.6.1.3
direct system privileges 27.6.2.3
Direct System Privileges By Database Account Report 27.6.2.1
disabling system features with Disabled default rule set 6.4
domains
- defined with factors 8.1
- finding database domain with DVF.F$DATABASE_DOMAIN 18.3.4
- finding with DVF.F$DOMAIN 18.3.9
DROP ROLE statement
- monitoring 26.1
DROP USER statement
- monitoring 26.1
dual key connection, dual key security
- See: two-person integrity (TPI)
DV_ACCTMGR role E.4.2
- about 14.2.15
- backup account 14.4
- creating profile to protect user granted this role 3.2.6
- Database Vault disabled 14.2.15
- GRANT and REVOKE operations affected by 14.2.15
- privileges associated with 14.2.15
- realm protection 5.2.2
- system privileges of 14.2.2
DV_ADMIN role
- about 14.2.5
- changing password for user granted DV_ADMIN 14.2.5
- Database Vault disabled 14.2.4, 14.2.5
- GRANT and REVOKE operations affected by 14.2.5
- privileges associated with 14.2.5
DV_AUDIT_CLEANUP role
- about 14.2.8
- Database Vault disabled 14.2.6, 14.2.7, 14.2.8
- GRANT and REVOKE operations affected by 14.2.8
- privileges associated with 14.2.8
- system privileges of 14.2.2
DV_DATAPUMP_NETWORK_LINK role
- about 14.2.9
- Database Vault disabled 14.2.9
- GRANT and REVOKE operations affected by 14.2.9
- privileges associated with 14.2.9
DV_GOLDENDATE_REDO role
- privileges associated with 14.2.13
DV_GOLDENDGATE_ADMIN role
- Database Vault disabled 14.2.12
DV_GOLDENGATE_ADMIN role 14.2.12
- GRANT and REVOKE operations affected by 14.2.12
- privileges associated with 14.2.12
DV_GOLDENGATE_REDO_ACCESS role 14.2.13
- Database Vault disabled 14.2.13
- GRANT and REVOKE operations affected by 14.2.13
DV_MONITOR role
- about 14.2.6
- Database Vault disabled 14.2.6
- GRANT and REVOKE operations affected by 14.2.6
- privileges associated with 14.2.6
- system privileges of 14.2.2
DV_OWNER role E.4.1
- about 14.2.4
- backup account 14.4
- changing password for user granted DV_OWNER 14.2.4
- creating profile to protect user granted this role 3.2.6
- Database Vault disabled 14.2.4
- GRANT and REVOKE operations affected by 14.2.4
- privileges associated with 14.2.4
- system privileges of 14.2.2
DV_PATCH_ADMIN role 14.2.14
- Database Vault disabled 14.2.14
- DDL operations impact 13.1.2
- GRANT and REVOKE operations affected by 14.2.14
- privileges associated with 14.2.14
- SYS user 13.14
DV_POLICY_OWNER role
- about 14.2.18
- GRANT and REVOKE operations affected by 14.2.18
- privileges associated with 14.2.18
- system privileges of 14.2.2
DV_PUBLIC role 14.2.19
- system privileges of 14.2.2
DV_REALM_OWNER role 14.2.16
- Database Vault disabled 14.2.16
- GRANT and REVOKE operations affected by 14.2.16
- privileges associated with 14.2.16
- system privileges of 14.2.2
DV_REALM_RESOURCE role 14.2.17
- Database Vault disabled 14.2.17
- GRANT and REVOKE operations affected by 14.2.17
- privileges associated with 14.2.17
- system privileges of 14.2.2
DV_SECANALYST role
- about 14.2.7
- Database Vault disabled 14.2.7
- GRANT and REVOKE operations affected by 14.2.7
- privileges associated with 14.2.7
- system privileges of 14.2.2
DV_STREAMS_ADMIN role 14.2.10
- Database Vault disabled 14.2.10
- GRANT and REVOKE operations affected by 14.2.10
- privileges associated with 14.2.10
DV_XSTREAM_ADMIN role 14.2.11
- Database Vault disabled 14.2.11
- GRANT and REVOKE operations affected by 14.2.11
- privileges associated with 14.2.11
DVF account
- auditing policy A.5
- database accounts 14.3
DVF PL/SQL interface contents 24.5
DVF schema 18.3
- about 14.1.2
- auditing policy A.5
- DBA_DV_DICTIONARY_ACCTS view 25.7
- PDBs 14.1.2
- protecting 22.1.17
- realm protection 5.2.1
DVSYS.DBA_DV_FACTOR_LINK view 25.10
DVSYS.DV$CONFIGURATION_AUDIT view 25.37
DVSYS.DV$ENFORCEMENT_AUDIT view 25.38
DVSYS.DV$REALM view 25.39
DVSYS.POLICY_OWNER_POLICY view 25.41
DVSYS.POLICY_OWNER_REALM_AUTH view 25.43
DVSYS.POLICY_OWNER_REALM_OBJECT view 25.44
DVSYS.POLICY_OWNER_REALM view 25.42
DVSYS.POLICY_OWNER_RULE_SET_RULE view 25.47
DVSYS.POLICY_OWNER_RULE_SET view 25.46
DVSYS.POLICY_OWNER_RULE view 25.45
DVSYS account 14.3
DVSYS schema
- about 14.1.1
- auditing policy A.5
- CDBs 1.8
- DBA_DV_DICTIONARY_ACCTS view 25.7
- DV_OWNER role 14.2.4
- DV_POLICY_OWNER role 14.2.18
- PDBs 14.1.1, 14.2.1
- protecting 22.1.17
- realm protection 5.2.1

E

email alert in rule set 6.10.1
enabling system features with Enabled default rule set 6.4
encrypted information 27.6.9.5
enterprise identities, Enterprise_Identity default factor 8.2
Enterprise Manager
- See: Oracle Enterprise Manager
enterprise user security
- configuring Database Vault accounts for 12.1.3
errors
- factor error options 8.3.4.2
event handler
- rule sets 6.5
example 7.1.3.2
examples 8.6.3
- See also: tutorials
- DBMS_MACUTL constants 21.1.2
- realms 5.12
- separation of duty matrix D.1.3
- trace files E.1.7, E.1.8, E.1.9
EXECUTE_CATALOG_ROLE role 27.6.5.9
- impact of Oracle Database Vault installation 2.4
Execute Privileges to Strong SYS Packages Report 27.6.3.1
EXEMPT ACCESS POLICY system privilege 27.6.5.3
exporting data
- See: Oracle Data Pump
external network services, fine-grained access to
- example using email alert 6.10.1

F

Factor Audit Report 27.5.3
Factor Configuration Issues Report 27.4.4
factors 8.3.4.1
- See also: rule sets
- about 8.1
- assignment 8.3.3.7
  - disabled rule set 27.4.4
  - incomplete rule set 27.4.4
  - validate 8.3.3.7
- assignment operation 27.5.3
- audit events, custom A.3.1
- audit options 8.3.4.3
- child factors
  - about 8.3.3.1
  - Factor Configuration Issues Report 27.4.4
  - mapping 8.4.6.1
- creating 8.3.1
- creating names 8.3.2
- data dictionary views 8.11
- DBA_DV_FACTOR view 25.8
- DBA_DV_SIMULATION_LOG view 25.33
- DBMS_MACUTL constants, example of 21.1.4
- default factors 8.2
- deleting 8.5
- domain, finding with DVF.F$DOMAIN 18.3.9
- error options 8.3.4.2
- evaluate 8.3.3.3
- evaluation operation 27.5.3
- factor-identity pair mapping 8.4.6.2
- factor type
  - about 8.3.2
  - selecting 8.3.2
- functionality 8.6
- functions
  - DBMS_MACUTL (utility) 21
  - DBMS_MACUTL constants (fields) 21.1.1
- guidelines 8.9
- identifying using child factors 8.4.6.1
- identities
  - about 8.3.3.2, 8.4.1
  - adding to factor 8.4
  - assigning 8.3.3.3
  - configuring 8.4.4
  - creating 8.4.4
  - database session 8.3.3.2
  - data dictionary views 8.11
  - deleting 8.4.5
  - enterprise-wide users 18.3.9
  - how factor identities work 8.3.3.2
  - labels 8.3.3.4
  - mapping, about 8.4.6.1
  - mapping, identified 8.3.3.1
  - mapping, procedure 8.4.6.2
  - mapping, tutorial 8.8.1
  - Oracle Label Security labels 8.3.3.4
  - reports 8.11
  - resolving 8.3.3.1
  - retrieval methods 8.3.3.5
  - setting dynamically 18.2.2
  - trust levels 8.3.3.2, 8.4.4
  - with Oracle Label Security 8.3.3.2
- initialization, command rules 7.1.1
- invalid audit options 27.4.4
- label 27.4.4
- naming conventions 8.3.2
- Oracle Virtual Private Database, attaching factors to 12.3
- parent factors 8.3.3.1
- performance effect 8.10
- procedures
  - DBMS_MACADM (configuration) 18.1
- process flow 8.6
- reports 8.11
- retrieving 8.6.2
- retrieving with GET_FACTOR 18.2.3
- rule sets
  - selecting 8.3.4.1
- setting 8.6.3
- setting with SET_FACTOR 18.2.2
- troubleshooting
  - auditing report 27.5.3
  - configuration problems E.3
  - tips E.2
- type (category of factor) 8.3.2
- validating 8.3.3.7
- values (identities) 8.1
- views
  - DBA_DV_FACTOR_LINK 25.10
  - DBA_DV_FACTOR_TYPE 25.9
  - DBA_DV_IDENTITY 25.11
  - DBA_DV_IDENTITY_MAP 25.12
  - DBA_DV_MAC_POLICY_FACTOR 25.15
- ways to assign 8.3.3.2
Factor Without Identities Report 27.4.5
FLASHBACK TABLE SQL statement 5.1.1
functions
- command rules
  - DBMS_MACUTL (utility) 21
- DVSYS schema enabling 18.2
- factors
  - DBMS_MACUTL (utility) 21
- Oracle Label Security policy
  - DBMS_MACADM (configuration) 20
- realms
  - DBMS_MACUTL (utility) 21
- rule sets
  - DBMS_MACADM (configuration) 16.1
  - DBMS_MACUTL (utility) 21
  - PL/SQL functions for inspecting SQL 16.2
- secure application roles
  - DBMS_MACADM (configuration) 19.1
  - DBMS_MACSEC_ROLES (configuration) 19.2
  - DBMS_MACUTL (utility) 21

G

general security reports 27.6
GRANT statement
- monitoring 26.1
guidelines
- ALTER SESSION privilege D.6.6.1
- ALTER SYSTEM privilege D.6.6.1
- backup DV_OWNER and DV_ACCTMGR accounts 14.4
- command rules 7.9
- CREATE ANY JOB privilege D.6.3
- CREATE EXTERNAL JOB privilege D.6.4
- CREATE JOB privilege D.6.3
- DBMS_FILE_TRANSFER package D.6.2.1
- factors 8.9
- general security D
- LogMiner packages D.6.5
- managing DV_OWNER and DV_ACCTMGR accounts 14.3
- operating system access D.2.4
- Oracle software owner D.4.2
- performance effect 8.10
- realms 5.14
- root access D.2.4
- root user access D.4.1
- rule sets 6.12
- secure application roles 9.4
- SYSDBA access D.4.3
- SYSDBA privilege, limiting D.2.3
- SYSOPER access D.4.4
- SYSTEM schema and application tables D.2.2
- SYSTEM user account D.2.1
- trusted accounts and roles D.3
- using Database Vault in a production environment D.5
- UTL_FILE package D.6.2.1

H

hackers
- See: security attacks
Hierarchical System Privileges by Database Account Report 27.6.2.3
host names
- finding with DVF.F$DATABASE_HOSTNAME 18.3.5

I

identities
- See: factors, identities
Identity Configuration Issues Report 27.4.6
IDLE_TIME resource profile 27.6.6.2
IMP_FULL_DATABASE role
- impact of Oracle Database Vault installation 2.4
importing data
- See: Oracle Data Pump
incomplete rule set 27.4.4
- role enablement 27.4.7
Information Lifecycle Management 5.1.1
- authorizations, about 13.5.1
- granting users authorization for 13.5.2
- revoking authorization from users 13.5.3
initialization parameters
- Allow System Parameters default rule set 6.4
- modified after installation 2.1
- modified by Oracle Database Vault 2.1
- reports 27.6.6
insider threats
- See: intruders
installations
- Database Vault and Label Security in a multitenant environment 3.1
- security considerations D.6
intruders
- See: security attacks
- compromising privileged accounts 1.5
IP addresses
- Client_IP default factor 8.2
- defined with factors 8.1

J

Java Policy Grants Report 27.6.9.1
jobs, scheduling
- See: Oracle Scheduler

L

labels 8.4.3
- See also: Oracle Label Security
- about 8.4.3
Label Security Integration Audit Report 27.5.4
languages
- adding to Oracle Database Vault C.2
- finding with DVF.F$LANG 18.3.12
- finding with DVF.F$LANGUAGE 18.3.13
- name
  - Lang default factor 8.2
  - Language default factor 8.2
LBACSYS account 14.3
- See also: Oracle Label Security
- about 14.3
- auditing policy A.5
LBACSYS schema
- auditing policy A.5
- realm protection 5.2.1
locked out accounts, solution for B.1
log files
- Database Vault log files A.3.2
logging on
- reports, Core Database Audit Report 27.6.8
LogMiner packages
- guidelines D.6.5

M

managing user accounts and profiles
- Can Maintain Accounts/Profiles default rule set 6.4
managing user accounts and profiles on own account, Can Maintain Own Accounts default rule set 6.4
mandatory realms
- about 5.1.2
mapping identities 8.4.6.2
MDDATA schema realm protection 5.2.4
MDSYS schema realm protection 5.2.4
monitoring
- activities 26
multitenant container databases
- See: CDBs

N

naming conventions
- factors 8.3.2
- realms 5.3
- rules 6.6.3
- rule sets 6.5
network protocol
- finding with DVF.F$NETWORK_PROTOCOL 18.3.15
network protocol, Network_Protocol default factor 8.2
NOAUDIT statement
- monitoring 26.1
Non-Owner Object Trigger Report 27.6.9.7
nonsystem database accounts 27.6.1.3

O

Object Access By PUBLIC Report 27.6.1.1
Object Access Not By PUBLIC Report 27.6.1.2
Object Dependencies Report 27.6.1.4
object owners
- nonexistent 27.4.1
- reports
  - Command Rule Configuration Issues Report 27.4.1
object privilege reports 27.6.1
objects 25.27
- See also: database objects
- command rule objects
  - name 7.4
  - owner 7.4
  - processing 7.7
- dynamic SQL use 27.6.9.3
- mandatory realms 5.1.2
- monitoring 26.1
- object names
  - finding with DV_DICT_OBJ_NAME 16.2.7
- object owners
  - finding with DV_DICT_OBJ_OWNER 16.2.6
- realms
  - object name 5.3
  - object owner 5.3
  - object type 5.3
  - procedures for registering 15.2
- reports
  - Access to Sensitive Objects Report 27.6.3.2
  - Accounts with SYSDBA/SYSOPER Privilege Report 27.6.3.4
  - Direct Object Privileges Report 27.6.1.3
  - Execute Privileges to Strong SYS Packages Report 27.6.3.1
  - Non-Owner Object Trigger Report 27.6.9.7
  - Object Access By PUBLIC Report 27.6.1.1
  - Object Access Not By PUBLIC Report 27.6.1.2
  - Object Dependencies Report 27.6.1.4
  - Objects Dependent on Dynamic SQL Report 27.6.9.3
  - OS Directory Objects Report 27.6.9.2
  - privilege 27.6.1
  - Public Execute Privilege To SYS PL/SQL Procedures Report 27.6.3.3
  - sensitive 27.6.3
  - System Privileges By Privilege Report 27.6.2.5
- restricting user access to using mandatory realms 5.1.2
- types
  - finding with DV_DICT_OBJ_TYPE 16.2.5
- views, DBA_DV_REALM_OBJECT 25.27
Objects Dependent on Dynamic SQL Report 27.6.9.3
object types
- supported for Database Vault realm protection 5.1.4
OEM
- See: Oracle Enterprise Manager (OEM)
OEM_MONITOR schema realm protection 5.2.3
OLS
- See: Oracle Label Security
operating system access
- guideline for using with Database Vault D.2.4
operating systems
- reports
  - OS Directory Objects Report 27.6.9.2
  - OS Security Vulnerability Privileges Report 27.6.5.11
- vulnerabilities 27.6.5.11
ORA$DEPENDENCY profile 4.1.2
ORA-00942 error 9.7.7
ORA-01301 error 13.11.1
ORA-06512 error 6.10.4, 21.2.1
ORA-24247 error 6.10.4
ORA-47305 error 9.7.7
ORA-47400 error 6.10.6, 13.11.1
ORA-47401 error 5.10.2.1, 13.11.1
ORA-47408 error 13.11.1
ORA-47409 error 13.11.1
ORA-47500 error 22.2
ORA-47503 error 3.2.4
ORA-47920 error 21.2.1
Oracle Database Vault
- about 1.1.1
- components 1.3, 1.3.1
- deinstalling C.3
- disabling
  - procedures for B
  - reasons for B.1
- enabling
  - procedures for B
- integrating with other Oracle products 12
- Oracle Database installation, affect on 2
- post-installation procedures C
- privileges to use 1.2
- registering
  - using DBCA 3.2.1
- reinstalling C.4
- roles
  - system privileges of 14.2.2
Oracle Database Vault Administrator (DVA)
- logging on from Oracle Enterprise Manager Cloud Control 3.3
Oracle Database Vault Administrator pages 1.3.2
Oracle Database Vault policies
- about 10.1.1
- creating 10.3
- data dictionary views 10.6
- default 10.2
- deleting 10.5
- in multitenant environment 10.1.2
- modifying 10.4
Oracle Database Vault realm 5.2.1
Oracle Database Vault registration
- about 3.2.1
- common users to manage specific PDBs 3.2.4
- common user to manage CDB root 3.2.3
- creating profile to protect DV_OWNER and DV_ACCTMGR users 3.2.6
- non-multitenant environment 3.2.2
- plugging in a Database Vault-enabled database 3.2.5
- verifying configuration and enablement 3.2.7
Oracle Data Guard
- disabaling Oracle Database Vault 12.5.4
- how auditing is affected after intergration with Database Vault 12.5.3
- integrating Database Vault with 12.5
Oracle Data Pump
- archiving the Oracle Database Vault audit trail with A.4.2
- authorizing transportable tablespace operations for Database Vault 13.3.3.3
- DBA_DV_DATAPUMP_AUTH view 25.5
- DBA_DV_TTS_AUTH view 25.34
- DBMS_MACADM.AUTHORIZE_TTS_USER 22.1.8
- DBMS_MACADM.UNAUTHORIZE_TTS_USER 22.1.15
- granting authorization to use with Database Vault 13.3.2.3
- guidelines before performing an export or import 13.3.4
- levels of authorization required
  - Oracle Data Pump only 13.3.2.2
  - transportable tablespaces 13.3.3.2
- MACADM procedures for authorization 22.1.2
- realm protection 5.2.5
- revoking standard authorization 13.3.2.4
- revoking transportable tablespace authorization 13.3.3.4
- using with Oracle Database Vault 13.3.1
Oracle Default Component Protection Realm 5.2.6
Oracle Default Schema Protection Realm 5.2.4
Oracle Enterprise Manager
- DBSNMP account
  - changing password 13.2.4
  - granted DV_MONITOR role 14.2.6
- using Oracle Database Vault with 13.2
Oracle Enterprise Manager Cloud Control
- monitoring Database Vault for attempted violations 14.2.6
- propagating Database Vault configurations to other databases 13.2.1
- starting Oracle Database Vault from 3.3
Oracle Enterprise Manager realm 5.2.3
Oracle Enterprise User Security, integrating with Oracle Database Vault 12.1
Oracle Flashback Technology 5.1.1, 7.1.1
Oracle GoldenGate
- Database Vault role used for
  - DV_GOLDENGATE_ADMIN 14.2.12
  - DV_GOLDENGATE_REDO_ACCESS 14.2.13
- in an Oracle Database Vault environment 13.10
Oracle Internet Directory, registering with DBCA 12.6
Oracle Internet Directory Distinguished Name, Proxy_Enterprise_Identity default factor 8.2
Oracle Label Security
- using OLS_LABEL_DOMINATES function in rule expressions 16.1.2
Oracle Label Security (OLS) 14.3
- See also: LBACSYS account
- audit events, custom A.3.1
- checking if installed using DBMS_MACUTL functions 21.2
- data dictionary views 12.4.5
- functions
  - DBMS_MACUTL (utility) 21.1.1
- how Database Vault integrates with 12.4.1
- initialization, command rules 7.1.1
- integration with Oracle Database Vault
  - example 12.4.4.1
  - Label Security Integration Audit Report 27.5.4
  - procedure 12.4.3.1
  - requirements 12.4.2
- labels
  - about 8.4.3
  - determining with GET_FACTOR_LABEL 18.2.4
  - invalid label identities 27.4.6
- policies
  - accounts that bypass 27.6.5.3
  - monitoring policy changes 26.1
  - nonexistent 27.4.4
- procedures
  - DBMS_MACADM (configuration) 20
- reports 12.4.5
- views
  - DBA_DV_MAC_POLICY 25.14
  - DBA_DV_MAC_POLICY_FACTOR 25.15
  - DBA_DV_POLICY_LABEL 25.20
Oracle OLAP realm protection 5.2.4
Oracle Real Application Clusters
- configuring Database Vault on RAC nodes C.1
- deinstalling Oracle Database Vault from C.3
- multiple factor identities 8.3.3.2
Oracle Recovery Manager (RMAN)
- in an Oracle Database Vault environment 13.7
Oracle Scheduler
- DBA_DV_JOB_AUTH view 25.13
- granting Oracle Database Vault authorization 13.4.2
- realm protection 5.2.5
- revoking Oracle Database Vault authorization 13.4.3
- SCHEDULER_ADMIN role, impact of Oracle Database Vault installation 2.4
- using with Oracle Database Vault 13.4.1
Oracle software owner, guidelines on managing D.4.2
Oracle Spatial realm protection 5.2.4
Oracle Streams
- Database Vault role used for 14.2.10
Oracle System Privilege and Role Management Realm 5.2.5
Oracle Text realm protection 5.2.4
Oracle Virtual Private Database (VPD)
- accounts that bypass 27.6.5.3
- factors, attaching to 12.3
- GRANT EXECUTE privileges with Grant VPD Administration default rule set 6.4
- using Database Vault factors with Oracle Label Security 12.4.4.1
ORADEBUG utility
- about 13.13
- DBA_DV_ORADEBUG view 25.17
- PL/SQL procedure for disabling in Database Vault 22.1.19
- PL/SQL procedure for enabling in Database Vault 22.1.23
- using with Database Vault 13.13
OS_ROLES initialization parameter 2.1
OS Directory Objects Report 27.6.9.2
OS Security Vulnerability Privileges Report 27.6.5.11
OUTlN schema realm protection 5.2.6

P

parameters
- modified after installation 2.1
- reports
  - Security Related Database Parameters Report 27.6.6.1
parent factors
- See: factors
Password History Access Report 27.6.5.6
passwords
- forgotten, solution for B.1
- reports 27.6.7
  - Database Account Default Password Report 27.6.7.1
  - Password History Access Report 27.6.5.6
  - Username/Password Tables Report 27.6.9.5
- resetting for DV_ACCTMGR user E.4.2
- resetting for DV_OWNER user E.4.1
patches
- auditing DV_PATCH_ADMIN user 14.2.14
- DBMS_MACADM.DISABLE_DV_PATCH_ADMIN_AUDIT procedure 22.1.18
- DBMS_MACADM.ENSABLE_DV_PATCH_ADMIN_AUDIT procedure 22.1.21
- DV_PATCH_ADMIN requirement for 14.2.14
- security consideration D.6
- two-person integrity used for 6.11.1
patch operations in Database Vault environment 13.14
PDBs
- command rules in 7.1.2
- disabling tracing
  - all database sessions E.1.10.3
  - current database session E.1.10.3
- DVF schema 14.1.2
- DVSYS schema 14.1.1, 14.2.1
- enabling tracing
  - all database sessions E.1.5.3
  - current database session E.1.5.1
- plugging Database Vault-enabled PDB to CDB 13.12
- privilege analysis 4.1.6
performance effect
- command rules 7.10
- realms 5.15
- reports
  - Resource Profiles Report 27.6.6.2
  - System Resource Limits Report 27.6.6.3
- rule sets 6.13
- secure application roles 9.8
- static evaluation for rule sets 6.13
performance tools
- Automatic Workload Repository (AWR)
  - command rules 7.10
  - factors 8.10
  - Oracle Enterprise Manager
    - performance tools 5.15
  - performance tools
    - Cloud Control, realms 5.15
    - Oracle Enterprise Manager
      - realms 5.15
  - realms 5.15
  - rule sets 6.13
  - secure application roles 9.8
- Oracle Enterprise Manager
  - command rules 7.10
  - factors 8.10
  - performance tools
    - Oracle Enterprise Manager Cloud Control
      - command rules 7.10
  - rule sets 6.13
  - secure application roles 9.8
- Oracle Enterprise Manager Cloud Control
  - factors 8.10
  - rule sets 6.13
  - secure application roles 9.8
- TKPROF utility
  - command rules 7.10
  - factors 8.10
  - realms 5.15
  - rule sets 6.13
  - secure application roles 9.8
PL/SQL
- packages
  - unwrapped bodies 27.6.9.4
  - Unwrapped PL/SQL Package Bodies Report 27.6.9.4
PL/SQL factor functions 18.3
pluggable databases
- See: PDBs
policies
- See: Oracle Database Vault policies
POLICY_OWNER_COMMAND_RULE view 25.40
policy changes, monitoring 26.1
post-installation procedures C
preprocessor programs
- about executing in Database Vault environment 13.6.1
- authorizing users in Database Vault environment 13.6.2
- revoking authorization from Database Vault users 13.6.3
privilege analysis
- about 4.1.1
- accessing reports in Cloud Control 4.2.7.3
- benefits 4.1.5
- CDBs 4.1.6
- creating
  - about 4.2.3.1
  - in Cloud Control 4.2.3.2
  - usingDBMS_PRIVILEGE_CAPTURE.CREATE_CAPTURE 4.2.3.3
- creating role in Cloud Control 4.3.1
- data dictionary views 4.6
- DBMS_PRIVILEGE_CAPTURE PL/SQL package 4.2.1
- disabling
  - about 4.2.6.1
  - in Cloud Control 4.2.6.2
  - using DBMS_PRIVILEGE_CAPTURE.DISABLE_CAPTURE 4.2.6.3
- dropping
  - about 4.2.8.1
  - in Cloud Control 4.2.8.2
  - using DBMS_PRIVILEGE_CAPTURE.DROP_CAPTURE 4.2.8.3
- enabling
  - about 4.2.5.1
  - in Cloud Control 4.2.5.2
  - using DBMS_PRIVILEGE_CAPTURE.ENABLE_CAPTURE 4.2.5.3
- examples of creating and enabling 4.2.4.1
- general steps for managing 4.2.2
- generating regrant scripts 4.3.3.3
- generating reports
  - about 4.2.7.1
  - in Cloud Control 4.2.7.2
  - using DBMS_PRIVILEGE_CAPTURE.GENERATE_REPORT 4.2.7.4
- generating revoke scripts 4.3.3.2
- logon users 4.1.4
- pre-compiled database objects 4.1.2
- privilege uses captured 4.1.4
- requirements for using 4.1.3
- restrictions 4.1.4
- revoking and re-granting in Cloud Control 4.3.2
- revoking and regranting using scripts 4.3.3.1
- tutorial 4.5
- tutorial for ANY privileges 4.4
- use cases 4.1.5
  - finding application pool privileges 4.1.5.1
  - finding overly privileged users 4.1.5.2
privileges
- checking with DBMS_MACUTL.USER_HAS_OBJECT_PRIVILEGE function 21.2
- existing users and roles, Database Vault affect on 2.4
- least privilege principle
  - violations to 27.6.9.1
- monitoring
  - GRANT statement 26.1
  - REVOKE statement 26.1
- Oracle Database Vault restricting 2.2
- prevented from existing users and roles 2.5
- reports
  - Accounts With DBA Roles Report 27.6.5.2
  - ALTER SYSTEM or ALTER SESSION Report 27.6.5.5
  - ANY System Privileges for Database Accounts Report 27.6.2.4
  - AUDIT Privileges Report 27.6.5.10
  - Database Accounts With Catalog Roles Report 27.6.5.9
  - Direct and Indirect System Privileges By Database Account Report 27.6.2.2
  - Direct System Privileges By Database Account Report 27.6.2.1
  - Hierarchical System Privileges By Database Account Report 27.6.2.3
  - listed 27.6.4
  - OS Directory Objects Report 27.6.9.2
  - Privileges Distribution By Grantee, Owner, Privilege Report 27.6.4.3
  - Privileges Distribution By Grantee, Owner Report 27.6.4.2
  - Privileges Distribution By Grantee Report 27.6.4.1
  - WITH GRANT Privileges Report 27.6.5.7
- restricting access using mandatory realms 5.1.2
- roles
  - checking with DBMS_MACUTL.USER_HAS_ROLE_VARCHAR function 21.2
- system
  - checking with DBMS_MACUTL.USER_HAS_SYSTEM_PRIVILEGE function 21.2
- views
  - DBA_DV_PUB_PRIVS 25.24
  - DBA_DV_USER_PRIVS 25.35
  - DBA_DV_USER_PRIVS_ALL 25.36
Privileges Distribution By Grantee, Owner, Privilege Report 27.6.4.3
Privileges Distribution By Grantee, Owner Report 27.6.4.2
Privileges Distribution By Grantee Report 27.6.4.1
privileges using external password 27.6.3.4
problems, diagnosing E.1.1
procedures
- command rules
  - .DBMS_MACADM (configuration) 17
- factors
  - DBMS_MACADM (configuration) 18.1
- realms
  - DBMS_MACADM (configuration) 15
production environments
- guidelines for securing D.5
profiles 27.6.6
proxy user authorization
- Database Vault authorization
  - DBA_DV_PROXY_AUTH view 25.23
  - granting 22.1.6
  - revoking 22.1.13
PUBLIC access to realms 5.9
Public Execute Privilege To SYS PL/SQL Procedures Report 27.6.3.3
PUBLIC user account
- impact of Oracle Database Vault installation 2.4

Q

quotas
- tablespace 27.6.9.6

R

Realm Audit Report 27.5.1
Realm Authorization Configuration Issues Report 27.4.3
realm authorizations:multitenant environment 5.5
realms 5.3
- See also: rule sets
- about 5.1.1
- adding roles to as grantees 5.14
- audit events, custom A.3.1
- authentication-related procedures 15.1
- authorization
  - enabling access to realm-protected objects 5.11
  - how realm authorizations work 5.10
  - process flow 5.10
  - troubleshooting E.2
- authorizations
  - grantee 5.3
  - rule set 5.3
- authorizations in multitenant environment 5.6
- creating 5.3
- creating names 5.3
- Database Vault Account Management realm 5.2.2
- data dictionary views 5.16
- data masking 13.11.3
- DBMS_MACUTL constants, example of 21.1.2
- default realms
  - listed 5.2
- deleting 5.8
- disabling 5.7
- DV_REALM_OWNER role 14.2.16
- DV_REALM_RESOURCE role 14.2.17
- effect on other Oracle Database Vault components 5.13
- enabling 5.7
- enabling access to realm-protected objects 5.11
- example 5.12
- functions
  - DBMS_MACUTL (utility) 21
  - DBMS_MACUTL constants (fields) 21.1.1
- guidelines 5.14
- how realms work 5.9
- mandatory realms 5.1.2
- multitenant environment
  - about 5.1.3
- naming conventions 5.3
- object-related procedures 15.2
- object types, supported 5.1.4
- Oracle Database Vault realm 5.2.1
- Oracle Default Component Protection Realm 5.2.6
- Oracle Default Schema Protection Realm 5.2.4
- Oracle Enterprise Manager realm 5.2.3
- Oracle System Privilege and Role Management Realm 5.2.5
- performance effect 5.15
- procedures
  - DBMS_MACADM (configuration) 15
- process flow 5.9
- propagating configuration to other databases 13.2.1
- protection after object is dropped 5.14
- PUBLIC access 5.9
- realm authorizations
  - about 5.5
- realm secured objects
  - object name 5.3
  - object owner 5.3
  - object type 5.3
- realm-secured objects 5.4
- reports 5.16
- roles
  - DV_REALM_OWNER 14.2.16
  - DV_REALM_RESOURCE 14.2.17
- secured object 27.4.3
- simulation mode 11.1
- territory a realm protects 5.4
- troubleshooting E.2, E.3
- tutorial 3.4.1
- views
  - DBA_DV_CODE 25.3
  - DBA_DV_MAINTENANCE_AUTH 25.16
  - DBA_DV_POLICY 25.19
  - DBA_DV_POLICY_OBJECT 25.21
  - DBA_DV_POLICY_OWNER 25.22
  - DBA_DV_REALM 25.25
  - DBA_DV_REALM_OBJECT 25.27
  - DBS_DV_REALM_AUTH 25.26
  - DVSYS.POLICY_OWNER_COMMAND_RULE 25.40
  - DVSYS.POLICY_OWNER_POLICY 25.41
  - DVSYS.POLICY_OWNER_REALM 25.42
  - DVSYS.POLICY_OWNER_REALM_AUTH 25.43
  - DVSYS.POLICY_OWNER_REALM_OBJECT 25.44
  - DVSYS.POLICY_OWNER_RULE 25.45
  - DVSYS.POLICY_OWNER_RULE_SET 25.46
  - DVSYS.POLICY_OWNER_RULE_SET_RULE 25.47
recovering lost password E.4.1, E.4.2
RECOVERY_CATALOG_OWNER role 27.6.5.9
RECYCLEBIN initialization parameter
- default setting in Oracle Database Vault 2.1
registering Oracle Database Vault 3.2.1
reinstalling Oracle Database Vault C.4
REMOTE_LOGIN_PASSWORDFILE initialization parameter 2.1
reports
- about 27.1
- Access to Sensitive Objects Report 27.6.3.2
- Accounts With DBA Roles Report 27.6.5.2
- Accounts with SYSDBA/SYSOPER Privilege Report 27.6.3.4
- ALTER SYSTEM or ALTER SESSION Report 27.6.5.5
- ANY System Privileges for Database Accounts Report 27.6.2.4
- auditing 27.5
- AUDIT Privileges Report 27.6.5.10
- BECOME USER Report 27.6.5.4
- categories of 27.1
- Command Rule Audit Report 27.5.2
- Command Rule Configuration Issues Report 27.4.1
- Core Database Audit Report 27.6.8
- Core Database Vault Audit Trail Report 27.5.5
- Database Account Default Password Report 27.6.7.1
- Database Account Status Report 27.6.7.2
- Database Accounts With Catalog Roles Report 27.6.5.9
- Direct and Indirect System Privileges By Database Account Report 27.6.2.2
- Direct Object Privileges Report 27.6.1.3
- Direct System Privileges By Database Account Report 27.6.2.1
- Enterprise Manager Cloud Control 13.2.3
- Execute Privileges to Strong SYS Packages Report 27.6.3.1
- Factor Audit Report 27.5.3
- Factor Configuration Issues Report 27.4.4
- Factor Without Identities 27.4.5
- general security 27.6
- Hierarchical System Privileges by Database Account Report 27.6.2.3
- Identity Configuration Issues Report 27.4.6
- Java Policy Grants Report 27.6.9.1
- Label Security Integration Audit Report 27.5.4
- Non-Owner Object Trigger Report 27.6.9.7
- Object Access By PUBLIC Report 27.6.1.1
- Object Access Not By PUBLIC Report 27.6.1.2
- Object Dependencies Report 27.6.1.4
- Objects Dependent on Dynamic SQL Report 27.6.9.3
- OS Directory Objects Report 27.6.9.2
- OS Security Vulnerability Privileges 27.6.5.11
- Password History Access Report 27.6.5.6
- permissions for running 27.2
- privilege management 27.6.4
- Privileges Distribution By Grantee, Owner, Privilege Report 27.6.4.3
- Privileges Distribution By Grantee, Owner Report 27.6.4.2
- Privileges Distribution By Grantee Report 27.6.4.1
- Public Execute Privilege To SYS PL/SQL Procedures Report 27.6.3.3
- Realm Audit Report 27.5.1
- Realm Authorization Configuration Issues Report 27.4.3
- Resource Profiles Report 27.6.6.2
- Roles/Accounts That Have a Given Role Report 27.6.5.8
- Rule Set Configuration Issues Report 27.4.2
- running 27.3
- Secure Application Configuration Issues Report 27.4.7
- Secure Application Role Audit Report 27.5.6
- Security Policy Exemption Report 27.6.5.3
- Security Related Database Parameters 27.6.6.1
- security vulnerability 27.6.9
- System Privileges By Privilege Report 27.6.2.5
- System Resource Limits Report 27.6.6.3
- Tablespace Quotas Report 27.6.9.6
- Unwrapped PL/SQL Package Bodies Report 27.6.9.4
- Username /Password Tables Report 27.6.9.5
- WITH ADMIN Privileges Grants Report 27.6.5.1
- WITH GRANT Privileges Report 27.6.5.7
Resource Profiles Report 27.6.6.2
resources
- reports
  - Resource Profiles Report 27.6.6.2
  - System Resource Limits Report 27.6.6.3
REVOKE statement
- monitoring 26.1
roles 9.1
- See also: secure application roles
- adding to realms as grantees 5.14
- catalog-based 27.6.5.9
- Database Vault default roles 14.2.1
- privilege analysis 4.1.4
- privileges, checking with DBMS_MACUTL.USER_HAS_ROLE_VARCHAR function 21.2
- role-based system privileges 27.6.2.3
- role enablement in incomplete rule set 27.4.7
Roles/Accounts That Have a Given Role Report 27.6.5.8
root access
- guideline for using with Database Vault D.2.4
- guidelines on managing D.4.1
rules 6.6.1
- See also: rule sets
- about 6.6.1
- creating 6.6.3
- creating names 6.6.3
- data dictionary views 6.14
- default 6.6.2
- default, no longer supported 6.3
- deleting 6.6.5
- deleting from rule set 6.6.5
- existing rules, adding to rule set 6.6.4
- naming conventions 6.6.3
- nested within a rule set 6.9.2
- removing from rule set 6.6.5
- reports 6.14
- troubleshooting E.2
- views
  - DBA_DV_RULE 25.29
  - DBA_DV_RULE_SET_RULE 25.31
Rule Set Configuration Issues Report 27.4.2
rule sets 6.1
- See also: command rules, factors, realms, rules, secure application roles
- about 6.1
- adding existing rules 6.6.4
- auditing
  - intruders
    - using rule sets 6.5
- audit options 6.5
- command rules
  - disabled 27.4.1
  - selecting for 7.4
  - used with 7.1.1
- creating 6.5
  - rules in 6.6.3
- creating names 6.5
- data dictionary views 6.14
- DBMS_MACUTL constants, example of 21.1.3
- default, no longer supported 6.3
- default rules 6.6.2
- default rule sets 6.4
- deleting 6.8
  - rules from 6.6.5
- disabled for
  - factor assignment 27.4.4
  - realm authorization 27.4.3
- evaluation of rules 6.6.1
- event handlers 6.5
- events firing, finding with DV_SYSEVENT 16.2.1
- factors, selecting for 8.3.4.1
- fail code 6.5
- fail message 6.5
- functions
  - DBMS_MACADM (configuration) 16.1
  - DBMS_MACUTL (utility) 21
  - DBMS_MACUTL constants (fields) 21.1.1
  - PL/SQL functions for rule sets 16.2
- guidelines 6.12
- how rule sets work 6.9.1
- incomplete 27.4.1
- multitenant environment
  - about 6.2
- naming conventions 6.5
- nested rules 6.9.2
- performance effect 6.13
- procedures
  - DBMS_MACADM (configuration) 16.1
- process flow 6.9.1
- propagating configuration to other databases 13.2.1
- removing references to objects 6.7
- reports 6.14
- rule sets
  - evaluation options 6.5
- rules that exclude one user 6.9.3
- security attacks
  - tracking
    - with rule set auditing 6.5
- static evaluation 6.12
- troubleshooting E.2, E.3
- views
  - DBA_DV_RULE 25.29
  - DBA_DV_RULE_SET 25.30
  - DBA_DV_RULE_SET_RULE 25.31
rules sets
- audit event, custom A.3.1

S

SCHEDULER_ADMIN role
- impact of Oracle Database Vault installation 2.4
scheduling database jobs
- CREATE EXTERNAL JOB privilege security consideration D.6.4
scheduling jobs
- See: Oracle Scheduler
schemas
- DVF 14.1.2
- DVSYS 14.1.1
Secure Application Configuration Issues Report 27.4.7
secure application role 9.1
Secure Application Role Audit Report 27.5.6
secure application roles 9.1
- See also: roles, rule sets
- audit event, custom A.3.1
- creating 9.2
- data dictionary view 9.9
- DBMS_MACSEC_ROLES.SET_ROLE function 9.2
- deleting 9.5
- enabling Oracle Database roles to work with Oracle Database Vault 9.3
- functionality 9.6
- functions
  - DBMS_MACADM (configuration) 19.1
  - DBMS_MACSEC_ROLES (configuration) 19.2
  - DBMS_MACSEC_ROLES package 19.2
  - DBMS_MACUTL (utility) 21
  - DBMS_MACUTL constants (fields) 21.1.1
- guidelines on managing 9.4
- performance effect 9.8
- procedure
  - DBMS_MACADM (configuration) 19.1
- procedures and functions
  - DBMS_MACUTL (utility) 21.2
- propagating configuration to other databases 13.2.1
- reports 9.9
  - Rule Set Configuration Issues Report 27.4.2
- troubleshooting E.3
- troubleshooting with auditing report 27.5.6
- tutorial 9.7.1
- views
  - DBA_DV_ROLE 25.28
security attacks
- Denial of Service (DoS) attacks
  - finding system resource limits 27.6.6.3
- Denial of Service attacks
  - finding tablespace quotas 27.6.9.6
- eliminating audit trail 27.6.5.10
- monitoring security violations 26.1
- Oracle Database Vault addressing compromised privileged user accounts 1.5
- reports
  - AUDIT Privileges Report 27.6.5.10
  - Objects Dependent on Dynamic SQL Report 27.6.9.3
  - Privileges Distribution By Grantee, Owner Report 27.6.4.2
  - Unwrapped PL/SQL Package Bodies Report 27.6.9.4
- SQL injection attacks 27.6.9.3
- tracking
  - with factor auditing 8.3.4.2
security policies, Oracle Database Vault addressing 1.6
Security Policy Exemption Report 27.6.5.3
Security Related Database Parameters Report 27.6.6.1
security violations
- monitoring attempts 26.1
security vulnerabilities
- how Database Vault addresses 1.7
- operating systems 27.6.5.11
- reports 27.6.9
  - Security Related Database Parameters Report 27.6.6.1
- root operating system directory 27.6.9.2
SELECT_CATALOG_ROLE role 27.6.5.9
sensitive objects reports 27.6.3
separation of duty concept
- about D.1.1
- command rules 7.2
- database accounts 14.3
- database accounts, suggested 14.3
- database roles 2.3
- Database Vault Account Manager role 14.3
- documenting tasks D.1.4
- example matrix D.1.3
- how Oracle Database Vault addresses 2.3
- realms 1.7
- restricting privileges 2.2
- roles 14.2.1
- tasks in Oracle Database Vault environment D.1.2
session event command rule
- updating 17.11
session event command rules
- creating for events 17.3
- deleting 17.7
sessions
- audit events, custom A.3.1
- DBMS_MACUTL fields 21.1.1
- finding session user with DVF.F$SESSION_USER 18.3.17
- restricting data based on 8.8.1
- retrieving information with functions 18.1
simulation mode
- about 11.1
- use cases 11.2
SQL92_SECURITY initialization parameter 2.1
SQL injection attacks, detecting with Object Dependent on Dynamic SQL Report 27.6.9.3
SQL statements
- default command rules that protect 7.2
SQL statements protected by 7.3
SQL text, finding with DV_SQL_TEXT 16.2.8
subfactors
- See: child factors under factors topic
SYS_CONTEXT function
- Boolean expressions used in privilege analysis 4.2.3.3
SYS.DV$CONFIGURATION_AUDIT view 25.48
SYS.DV$ENFORCEMENT_AUDIT view 25.49
SYS account
- privilege analysis 4.1.4
SYSDBA access
- guidelines on managing D.4.3
SYSDBA privilege
- limiting, importance of D.2.3
SYSOPER access
- guidelines on managing D.4.4
system event command rule
- updating 17.12
system event command rules
- creating 17.4
- deleting 17.8
system features
- disabling with Disabled rule set 6.4
- enabling with Enabled rule set 6.4
system privileges
- checking with DBMS_MACUTL.USER_HAS_SYSTEM_PRIVILEGE function 21.2
- Oracle Database Vault roles 14.2.2
- reports
  - System Privileges By Privileges Report 27.6.2.5
System Privileges By Privilege Report 27.6.2.5
System Resource Limits Report 27.6.6.3
system root access, guideline on managing D.4.1
SYSTEM schema
- application tables in D.2.2
- realm protection 5.2.6
SYSTEM user account
- guidelines for using with Database Vault D.2.1
SYS user, patch operations 13.14
SYS user account
- adding to realm authorization 5.14

T

tablespace quotas 27.6.9.6
Tablespace Quotas Report 27.6.9.6
time data
- DBMS_MACUTL functions 21.2
trace files
- about E.1.1
trace files, Oracle Database Vault
- about E.1.1
- activities that can be traced E.1.2
- ADRCI utility E.1.6.3
- directory location for trace files E.1.6.1
- disabling for all sessions E.1.10.2
- disabling for current session E.1.10.1
- enabling for all sessions E.1.5.2
- enabling for current session E.1.5.1
- examples
  - highest level on realm violations E.1.9
  - high level authorization E.1.8
  - low level realm violations E.1.7
- finding trace file directory E.1.6.1
- levels of trace events E.1.3
- performance effect E.1.4
- querying
  - ADRCI utility E.1.6.3
  - Linux grep command E.1.6.2
traisimulationning mode
- tutorial 11.3
Transparent Data Encryption, used with Oracle Database Vault 12.2
transportable tablespaces
- authorizing for Oracle Data Pump operations in Database Vault 13.3.3.3
- DBA_DV_TTS_AUTH view 25.34
- DBMS_MACADM.AUTHORIZE_TTS_USER procedure 22.1.8
- DBMS_MACADM.UNAUTHORIZE_TTS_USER procedure 22.1.15
triggers
- different from object owner account 27.6.9.7
- reports, Non-Owner Object Trigger Report 27.6.9.7
troubleshooting
- access security sessions 27.5.5
- auditing reports, using 27.5
- factors E.2
- general diagnostic tips E.2
- locked out accounts B.1
- passwords, forgotten B.1
- realms E.2
- rules E.2
- rule sets E.2
- secure application roles 27.5.6
trusted users
- accounts and roles that should be limited D.4
- default for Oracle Database Vault D.3
trust levels
- about 8.4.2
- determining for identities with GET_TRUST_LEVEL_FOR_IDENTITY 18.2.6
- determining with GET_TRUST_LEVEL 18.2.5
- factor identity 8.4.2
- factors 8.4.4
- for factor and identity requested 18.2.6
- identities 8.3.3.2
- of current session identity 18.2.5
tutorials 8.6.3
- See also: examples
- access, granting with secure application roles 9.7.1
- ad hoc tool access, preventing 8.7.1
- configuring two-person integrity (TPI) 6.11.1
- Database Vault factors with Virtual Private Database and Oracle Label Security 12.4.4.1
- email alert in rule set 6.10.1
- factors, mapping identities 8.8.1
- Oracle Label Security integration with Oracle Database Vault 12.4.4.1
- privilege analysis 4.5
- privilege analysis for ANY privileges 4.4
- restricting access based on session data 8.8.1
- restricting user activities with command rules 7.8
- schema, protecting with a realm 3.4.1
- simulation mode 11.3
two-man rule security
- See: two-person integrity (TPI)
two-person integrity (TPI)
- about 6.11.1
- configuring with a rule set 6.11.1

U

UNAUTHORIZE_MAINTENANCE_USER procedure 22.1.12
unified audit trail
- how it works with Database Vault A.1
- protecting with a realm A.2
Unwrapped PL/SQL Package Bodies Report 27.6.9.4
USER_HISTORY$ table 27.6.5.6
user authorization
- Database Vault authorization for ILM
  - granting 22.1.5
  - revoking 22.1.12
- Database Vault authorization for Information Lifecycle Management
  - granting 22.1.5
  - revoking 22.1.12
Username/Password Tables Report 27.6.9.5
user names
- reports, Username/Password Tables Report 27.6.9.5
users
- enterprise identities, finding with DVF.F$PROXY_ENTERPRISE_IDENTITY 18.3.16
- enterprise-wide identities, finding with DVF.F$ENTERPRISE_IDENTITY 18.3.10
- finding session user with DVF.F$SESSION_USER 18.3.17
- login user name, finding with DV_LOGIN_USER 16.2.2
- restricting access by factor identity 8.8.1
utility functions
- See: .DBMS_MACUTL package
UTL_FILE object 27.6.1.4
UTL_FILE package, guidelines on managing D.6.2.1

V

views 25.1
- See also: names beginning with DVSYS.DBA_DV
- CDB_DV_STATUS 25.2
- DBA_DV_CODE 25.3
- DBA_DV_COMMAND_RULE 25.4
- DBA_DV_DATAPUMP_AUTH 25.5
- DBA_DV_DDL_AUTH 25.6
- DBA_DV_DICTIONARY_ACCTS 25.7
- DBA_DV_FACTOR 25.8
- DBA_DV_FACTOR_TYPE 25.9
- DBA_DV_IDENTITY 25.11
- DBA_DV_IDENTITY_MAP 25.12
- DBA_DV_JOB_AUTH 25.13
- DBA_DV_MAINTENANCE_AUTH 25.16
- DBA_DV_ORADEBUG 25.17
- DBA_DV_PATCH_ADMIN_AUDIT 25.18
- DBA_DV_POLICY 25.19
- DBA_DV_POLICY_LABEL 25.20
- DBA_DV_POLICY_OBJECT 25.21
- DBA_DV_POLICY_OWNER 25.22
- DBA_DV_PROXY_AUTH 25.23
- DBA_DV_PUB_PRIVS 25.24
- DBA_DV_REALM 25.25
- DBA_DV_REALM_AUTH 25.26
- DBA_DV_REALM_OBJECT 25.27
- DBA_DV_ROLE 25.28
- DBA_DV_RULE_SET 25.30
- DBA_DV_RULE_SET_RULE 25.31
- DBA_DV_SIMULATION_LOG 25.33
- DBA_DV_STATUS 25.32
- DBA_DV_TTS_AUTH 25.34
- DBA_DV_USER_PRIVS 25.35
- DBA_DV_USER_PRIVS_ALL 25.36
- DVSYS.DV$CONFIGURATION_AUDIT 25.37
- DVSYS.DV$ENFORCEMENT_AUDIT 25.38
- DVSYS.DV$REALM 25.39
- DVSYS.POLICY_OWNER_COMMAND_RULE 25.40
- DVSYS.POLICY_OWNER_POLICY 25.41
- DVSYS.POLICY_OWNER_REALM 25.42
- DVSYS.POLICY_OWNER_REALM_AUTH 25.43
- DVSYS.POLICY_OWNER_REALM_OBJECT 25.44
- DVSYS.POLICY_OWNER_RULE 25.45
- DVSYS.POLICY_OWNER_RULE_SET 25.46
- DVSYS.POLICY_OWNER_RULE_SET_RULE 25.47
- SYS.DV$CONFIGURATION_AUDIT 25.48
- SYS.DV$ENFORCEMENT_AUDIT 25.49
VPD
- See: Oracle Virtual Private Database (VPD)

W

WITH ADMIN Privileges Grants Report 27.6.5.1
WITH ADMIN status 27.6.2.1, 27.6.2.2
WITH GRANT clause 27.6.5.7
WITH GRANT Privileges Report 27.6.5.7

X

XStream
- Database Vault role used for 14.2.11
- in an Oracle Database Vault environment 13.9