This year I have the opportunity to take part in the UKOUG TechFest for the first time. I am represented with two lectures. Have a look at the UKOUG Webpage for a detailed agenda of the event and the venue.
Titel Oracle PDB protection and isolation
Scheduled Tuesday, 3rd Dec., 9:00 AM for 45 minutes
Abstract The same principles and measures of database security can be implemented in container databases as in normal single-tenant environments. However, if the container databases are to be used securely by various tenants with more or less high system privileges, additional security measures are required. Especially if access to the operating system is granted directly or indirectly with JVM, external tables, scheduler jobs or directories. The aim of this presentation is to evaluate database security in the focus of container databases and to discuss appropriate measures. This includes the use of lockdown profiles, PDB_OS_CREDENTIALS and various other measures and features. Where useful, the presentation is complemented by appropriate examples and demos. As far as possible, it is also shown how Oracle handles these problems in its cloud solutions (e.g. Autonomous Database).
Titel Central user administration of Oracle databases
Scheduled Wednesday 4th Dec., 2:45 PM for 45 minutes.
Abstract Security is one of the key challenges for on-premises and cloud based databases nowadays. However, the appropriate security and hardening measures generally only make sense if authentication and authorization have already been implemented with appropriate care. Instead of the decentralised administration of users, privileges and roles in each database, it is easier and more secure to manage them centrally. The latest version of Oracle offers different possibilities to implement this requirement. With focus on the current versions of Oracle Database the following topics are discussed among others:
- Password verifier and strong authentication like Kerberos and SSL.
- Options for central user administration of Oracle databases.
- Oracle EUS versus CMU
- Integration of Oracle Database 19c with Active Directory Services
- Sample setup of an Oracle database with Active Directory Integration via Centrally Managed User (CMU)
The presentation is complemented by appropriate examples and live demos.
See you at the UKOUG TechFest 2019.