This book is about database security and auditing. You will learn many methods and techniques that will be helpful in securing, monitoring and auditing database environments. It covers diverse topics that include all aspects of database security and auditing - including network security for databases, authentication and authorization issues, links and replication, database Trojans, etc. You will also learn of vulnerabilities and attacks that exist within various database environments or that have been used to attack databases (and that have since been fixed). These will often be explained to an "internals" level. There are many sections which outline the "anatomy of an attack" - before delving into the details of how to combat such an attack. Equally important, you will learn about the database auditing landscape - both from a business and regulatory requirements perspective as well as from a technical implementation perspective.
* Useful to the database administrator and/or security administrator - regardless of the precise database vendor (or vendors) that you are using within your organization.
* Has a large number of examples - examples that pertain to Oracle, SQL Server, DB2, Sybase and even MySQL..
* Many of the techniques you will see in this book will never be described in a manual or a book that is devoted to a certain database product.
* Addressing complex issues must take into account more than just the database and focusing on capabilities that are provided only by the database vendor is not always enough. This book offers a broader view of the database environment - which is not dependent on the database platform - a view that is important to ensure gooddatabase security.

Oracle is the number one database engine in use today. The fact that it is the choice of military organizations and agencies around the world is part of the company s legacy and is evident in the product. Oracle has more security-related functions, products, and tools than almost any other database engine. Unfortunately, the fact that these capabilities exist does not mean that they are used correctly or even used at all. In fact, most users are familiar with less than twenty percent of the security mechanisms within Oracle.

Written by Ron Ben Natan, one of the most respected and knowledgeable database security experts in the world, HOWTO Secure and Audit Oracle 10g and 11g shows readers how to navigate the options, select the right tools and avoid common pitfalls. The text is structured as HOWTOs addressing each security function in the context of Oracle 11g and Oracle 10g. Among a long list of HOWTOs, readers will learn to:

• Choose configuration settings that make it harder to gain unauthorized access
• Understand when and how to encrypt data-at-rest and data-in-transit and how to implement strong authentication
• Use and manage audit trails and advanced techniques for auditing
• Assess risks that may exist and determine how to address them
• Make use of advanced tools and options such as Advanced Security Options, Virtual Private Database, Audit Vault, and Database Vault

The text also provides an overview of cryptography, covering encryption and digital signatures and shows readers how Oracle Wallet Manager and orapki can be used to generate and manage certificates and other secrets. While the book s seventeen chapters follow a logical order of implementation, each HOWTO can be referenced independently to meet a user s immediate needs. Providing authoritative and succinct instructions highlighted by examples, this ultimate guide to security best practices for Oracle bridges the gap between those who install and configure security features and those who secure and audit them.