Oracle just released the documentation for Oracle 12c Release 2. It seems that most of the new security features are available as discussed in my presentation at DOAG SIG Security in Düsseldorf on the 18th of october. See docs.oracle.com for the documentation bookshelf.
Yet a short summary of new security features
Encryption
- TDE Tablespace Live Conversion
- Fully Encrypted Database
- Support for ARIA, SEED, and GOST Encryption Algorithms in TDE
- TDE Tablespace Offline Conversion
Enforcing Application Security in the Database
- RAS Session Privilege Scoping
- RAS Column Privilege Enhancements
- RAS Schema Level Policy Administration
- RAS Integration with OLS
Improving Security Manageability, Administration, and Integration
- Oracle Virtual Private Database Predicate Audit
- Oracle Database Vault Policy
- Oracle Database Vault Simulation Mode Protection
- Oracle Database Vault Common Realms and Command Rules for Oracle Multitenant
- Privilege Analysis Enhancements
- Privilege Analysis Results Comparison
- Redaction: Different Data Redaction Policy Expressions
- Redaction: New Functions Allowed in Data Redaction Policy Expressions
- Redaction: Additional Data Redaction Transformations
- Automatic KDC Discovery When Configuring OCI Clients
- Automatic Provisioning of Kerberos Keytab for Oracle Databases
- Role-Based Conditional Auditing
- Inherit Remote Privileges
Improving Security Posture of the Database
- SYSRAC – Separation of Duty for Administering Real Application Clusters
- Transparent Sensitive Data Protection Feature Integration
- Requiring Strong Password Verifiers by Default
Improving User Authentication and Management
- Automatic Locking of Inactive User Accounts
Modernizing Network Authentication and Encryption
- Kerberos-Based Authentication for Direct NFS
There is much more just on security. The full list of new features is available in the New Features Guide 12c Release 2 (12.2). In particular the new features for TDE are worth, having a closer look. So let’s discuss the good, the bad and the mad….
If you plan to take a training have a look at the Trivadis Training. We will announce a Trivadis Oracle Database 12c Release 2 Techno Circle as soon as the software for 12c Release 2 is officially released.