Oracle Privilege Analysis in action

As Oracle has quite recently announced that Privilege Analysis is now included with the Oracle Database Enterprise Edition licence, I played a little bit with this cool feature to solve infamous ORA-01031: Insufficient privileges error. You can read results of my investigation in the article inside new issue of UKOUG magazine called #PTK (former Oracle Scene): ORA-01031: Insufficient privileges. Enjoy!

Advertisements

Redo Transport from Oracle 11.2 to 12.2 and SYS password case-sensitivity problems

Case-sensitive passwords were introduced in Oracle Database 11g, causing some misunderstanding and introducing quite a lot of annoying problems for DBAs, even though it was really required to bring level of Oracle’s security to 21st century standards ;). Since then, even more changes were introduced, including for example deprecation of SEC_CASE_SENSITIVE_LOGON database parameter, IGNORECASE argument of ORAPWD tool or password file format change in 12c.

Continue reading “Redo Transport from Oracle 11.2 to 12.2 and SYS password case-sensitivity problems”

Oracle Database Security For Developers

The last blog post of Jeff Smith (18.1 Features: SQL Injection Detection) about little, but nice feature of SQL Developer detecting if your PL/SQL code might be vulnerable for SQL Injection, reminded me about the presentation I’ve delivered during Oracle Tutorials at CERN in 2013.

Continue reading “Oracle Database Security For Developers”

Unified Auditing performance

Originally posted on “Databases at CERN” blog

In my previous blog post (Migrating to Oracle Database 12c – what to do with auditing?) I provided you with number of reasons why unified auditing looks very promising and should be seriously considered while migrating to 12c. Nonetheless, I was not talking at all about performance – which also seems to be greatly improved.

Continue reading “Unified Auditing performance”

Migrating to Oracle Database 12c – what to do with auditing?

Originally posted on “Databases at CERN” blog

If you consider migrating to Oracle Database 12c, no matter if you think of development, testing or production environments, one of many decisions you need to take is to define what to do with the auditing. The biggest new feature in this area is so-called Unified Auditing, which captures auditing information from different sources, like for example “normal” and FGA audit records, application contexts, RMAN or DataPump plus few others and stores it in common format and place, which is read-only, partitioned table in AUDSYS schema, by default residing in SYSAUX tablespace and using Oracle SecureFiles feature.

Continue reading “Migrating to Oracle Database 12c – what to do with auditing?”