Blue Core Research's "NO BULL" buyers guide to Database Auditing products - Part 13: Application user IdentificationSubmitted by tduong on Mon, 2010-11-08 22:23
There is a common misconception about the value of application user identification. The reason for the misconception is the marketing of this feature by some companies, but we'll get into all that later. First lets examine the idea.
Most applications have a single database user that they use to access the data. To enforce security, these applications maintain an internal list of users and roles that they enforce. In other words – instead of using the database security features, that functionality is performed by the application. The result is that when you look at the database activity you see everything coming from a single user. An obvious requirement is to map the database activity to the application user as it is seen by the application.
Simple introduction to Oracle Database 11g Rules Manager using good old EMP table.
This Article introduces Oracle Rules Manager in a series of simple examples with imaginary cases on the EMP table. This article is an overview of the possibilities of Oracle Rule Manager for a traditional Oracle Architect who has never thought of a Rule based approach. It will also be informative to communities working actively with other Rule Engines, who never considered the Oracle Rule Manager.
Blue Core Research's "NO BULL" buyers guide to Database Auditing products - Part 14: Oracle and MS SQL ServerSubmitted by tduong on Fri, 2010-10-29 00:59
Most companies have more than one database vendor. Oracle, SQL Server, DB2, MySQL and Sybase are all common depending on the company, and some use less common databases such as TeraData. There are, however, some important questions to ask before you dive into your cross platform heterogeneous requirements:
* Which databases do you actually need to audit? Is all your SOX, PCI, HIPAA or other sensitive data scattered across all these databases, or is your SQL Server just used for small home-grown apps that do not have any auditing requirements?
* Do you have the same DBA or team managing all these databases, or are they different teams that will end up managing auditing solutions independently? In the later case you are better off choosing the best solution for each database rather than mandating a single solution no one is too happy with.
Information about Oracle licensing is not abundantly available. Most of us might not be familiar with Oracle licensing. This article provides information about Oracle Licensing Rules and Definitions. This is Part 1 – License Metric (Oracle Technology). Please look at the disclaimer and agree before reading.
You can choose between a license based on a ‘User’ or based on server-specifications which is ’Processor’. A user-based license is called Named User Plus. So, two common license metrics are Named User Plus and Processor. I will explain a little more about the definitions.
During my experiences with different environments, I have been tasked with maintaining passwords for different information systems. This includes operating system accounts (root, oracle, administrator) and Database accounts (sys, system, dbsnmp).
It can be sometimes difficult to remember many different passwords. I have seen some people overcome this by documenting the passwords, sometimes just in a plaintext file, sometimes encrypted, sometimes just on a ‘Post-It’ Note under the keyboard.
I try and retain the passwords in memory.
Part of my job is teaching for Oracle University, and I'm often asked about OCP exam technique. Here are a few hints. The OCM exam is very different, and the confidentiality rules forbid me from discussing it, so please don't ask.
Everyday most of us deal with multiple string functions in Sql. May it be for truncating a string, searching for a substring or locating the presence of special characters.
The regexp functions available in Oracle 10g can help us achieve the above tasks in a simpler and faster way.
Working with LDAP has made me appreciate the maturity of the Oracle RDBMS. That said, LDAP is pretty popular it seems. To that end my cohort in crime Dave Smith and I (Kevin Meade) have been tasked with many a work request to update LDAP entries related to database data. In integrating our databases and LDAP via the DBMS_LDAP package we came across this error. A quick Internet search revealed lots of people with the same error but no answers. It turns out that the error is exactly what it says it is, but that finding the reason for it is another matter. Here we discuss what we think the error means and the three most likely ways to get it.
What is Recycle Bin
Oracle has introduced "Recycle Bin" Feature Oracle 10g to store all the dropped objects.
If any table in Oracle 10g is dropped then any associated objects to this table such as indexes,
constraints and other dependant objects are simply renamed with a prefix of BIN$$.
Why Recycle Bin
A user drops a very important table--accidentally, of course--and it needs to be revived as soon as possible.
Sometime is necessary to move all database objects from one tablespace to another.
Basically are tables, indexes and lobs.
This script permit move database objects from one user and/or tablespace to another:
set echo off
set heading off
var tbs_source varchar2;
var tbs_dest varchar2;
var schema_user varchar2;
-- '' if it isn't relevant.
exec :tbs_source := 'SOURCE_TBS';
-- '' if it isn't relevant.
exec :schema_user := 'SOURCE_USER';
exec :tbs_dest := 'DEST_TBS';
select 'Transporting tablespace ' || :tbs_source || ' or user ' || :schema_user || ' to tables