1.3 Oracle Database Security
This topic describes about Oracle Database security.
Refer to the Oracle Database Security specification document to make the environment more safe and secured.
Oracle Banking Corporate Lending Process Management Recommended Configuration
The security recommendations for Oracle Banking Corporate Lending Process Management database is described below.
Table 1-1 Security Recommendations
| File Name | Property | Feature |
|---|---|---|
| Init.ora | REMOTE_OS_AUTHENT=FALSE | Authentication |
| Init.ora | TRACE_FILES_PUBLIC=FALSE | Authorization |
| Init.ora | REMOTE_OS_ROLES=FALSE | Authorization |
| Init.ora | O7_DICTIONARY_ACCESSIBILITY = FALSE | Authorization |
| Init.ora | AUDIT_TRAIL = OS | Audit |
| Init.ora | AUDIT_FILE_DEST = E:\logs\db\audit | Audit |
| To audit sessions | SQL> audit session; | Audit |
| To audit schema changes | SQL> audit user; | Audit |
| To audit other events |
SQL> AUDIT DATABASE LINK; -- Audit create or drop database links SQL> AUDIT PUBLIC DATABASE LINK; -- Audit create or drop public database links SQL> AUDIT SYSTEM AUDIT; -- Audit statements themselves SQL> AUDIT ALTER ANY ROLE by ACCESS; -- Audit alter any role statements SQL> AUDIT ALTER DATABASE by ACCESS; -- Audit alter database statements SQL> AUDIT ALTER SYSTEM by ACCESS; -- Audit alter system statements SQL> AUDIT CREATE ROLE by ACCESS; -- Audit create role statements SQL> AUDIT DROP ANY ROLE by ACCESS; -- Audit drop any role statements SQL> AUDIT PROFILE by ACCESS; -- Audit changes to profiles SQL> AUDIT PUBLIC SYNONYM by ACCESS; -- Audit public synonyms statements SQL> AUDIT SYSDBA by ACCESS; -- Audit SYSDBA privileges SQL> AUDIT SYSOPER by ACCESS; -- Audit SYSOPER privileges SQL> AUDIT SYSTEM GRANT by ACCESS; -- Audit System grant privileges |
Audit |
Note:
To audit the events, login through sqlplus as SYSTEM and issue the commands.Parent topic: Prerequisites