Scribd
Upload
269 views26 pages

Oracle Database Application Security Guide

Oracle databases use a multi-tier architecture with clients connecting to listeners that route requests to database servers. Authentication is typically username and password stored as a hashed value. Security is provided through granting privileges on database objects to users or roles. Integration between applications is commonly achieved through shared database schemas or stored procedures with controlled access. A key challenge is effective management of database accounts and passwords.

Uploaded by

Utkarsh Sethi
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
269 views26 pages

Oracle Database Application Security Guide

Oracle databases use a multi-tier architecture with clients connecting to listeners that route requests to database servers. Authentication is typically username and password stored as a hashed value. Security is provided through granting privileges on database objects to users or roles. Integration between applications is commonly achieved through shared database schemas or stored procedures with controlled access. A key challenge is effective management of database accounts and passwords.

Uploaded by

Utkarsh Sethi
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
  • Oracle Database Security Overview
  • Purpose and Scope
  • Agenda
  • Oracle Architecture
  • Authentication and Credentials
  • Common Oracle Objects
  • Oracle Object Security
  • Java Security in Oracle
  • Access Beyond the Database
  • Auditing
  • Common Integration Techniques
  • Current Challenges

Oracle Database

Security
…from the application perspective

Martin Nystrom
September 2003
Purpose
 In scope: application security of Oracle
databases

 Out of scope: system security of Oracle


databases
Agenda
 Oracle architecture
 System architecture
 Network architecture
 Common Oracle objects
 Schema/object security
 Java security
 Application integration techniques
 Current challenges at Cisco
Grossly oversimplified Oracle
network architecture
Client host ONS server
Oracle ONS query Oracle
client 1526 Names
software service

SQL*Net (Net8)

1521
Database server TNS
(ADDRESS=(PROTOCOL=TCP) Listener
(HOST=[Link])
(PORT=1521))

Database

Oracle architecture
Oracle networking example

fields-sj-1 ons-sj
Oracle ONS query Oracle
client 1526 Names
software service

1521
cmrsdb TNS
(ADDRESS=(PROTOCOL=TCP) Listener
(HOST=[Link])
(PORT=1521))

cmrs

Oracle architecture
Simplified Oracle
Network Architecture w/OCM
Host #1
Oracle
client OCM Server
Allowed
software 1521
TNS
Listener Host #1
Host #2

Host #2 rejected
Oracle
client rejected 1521
software Database server TNS
Listener

Host #3
Database
Oracle
client
software
Oracle architecture
SQL*Net
 Introduced in Oracle V5
 Renamed “Net8” in Oracle8
 Supports multiple protocols (TCP/IP,
DECnet, SPX/IPX, etc.)

Oracle architecture
Authentication & credentials
 Can be…
 OS authentication
 Userid/password
 X.509 certificates
 Smart card
 Etc.
 Stored in Oracle
 As MD5 hash
 …not so for dblinks or FND_USERS

Oracle architecture
Authentication & credentials (cont.)
 Transport encryption
 DES encryption of db-selected random number
w/user’s password hash
 OS-integrated authentication available too
 Password changes travel unencrypted
 Password management features available
 Aging & expiration
 History (e.g., can prohibit reuse of last 3 passwords)
 Composition & complexity (e.g., require letters +
numbers)
 Account lockout
Common Oracle objects
Database instance

schema stored
schema
procedure
view

function
table
table
trigger

index

Public area
synonym
Oracle object security
grant select on
EMPLOYEES to ASOK;

orders candidates
customers
employees

asok’s schema alice’s schema

all_users

Public objects
Oracle role-based security
hr_steward grant all privileges
on EMPLOYEES to role
HR_STEWARD;

grant HR_STEWARD to
CATBERT;
DBA

candidates

employees

hrdata schema
Database links
Create database link EMPLINK
connect to DOGBERT identified
by CISCO123 using HR_DB;

ECOMMERCE_DB HR_DB

orders
employees

EMPLINK

dogbert’s schema dogbert’s schema


Java security in Oracle
• System classes loaded by default, accessible & shared by all sessions

[Link].* [Link]

wally session dilbert session

java.* [Link].* [Link].*

Java server classes (common, read-only)


Java security in Oracle
 System classes loaded in shared area
 Users can load classes
 Into their own schema/session
 Can grant execution rights to other users
 Permissions
 Stored in Oracle objects, not files
 Stored in PolicyTable table
 Granted by DBA or JAVA_ADMIN roles
• “call dbms_java.grant_permission(
“mnystrom”,
“[Link]”,
“localhost:1024-”,
“connect”)
 2 privilege models
 Invoker’s rights
 Definer’s rights (setuid)
Invoker’s rights

[Link]
[Link].*

salary salary

dogbert’s schema alice’s schema


Definer’s rights

[Link]
[Link].*

salary salary

dogbert’s schema alice’s schema


Access beyond the database
 Languages: PL/SQL or Java
 Techniques: Stored procs or functions
 Examples
 Execute, read, write local files
 Make and receive network calls (HTTP, MMX, etc.)
 Access data in remote databases
 Send mail

Database server

Database

/oracle/apps/
Auditing
 Obviously impacts database performance
 Writes high-level info to a common table
 Database user
 Object (table, role, etc.)
 Action (select, insert, etc.)
 Date/time
 Currently enabled on-request to DBA team
 Difficult to trace actions to a live human
 Can correlate with IP address
Common integration techniques
 Shared database schemas
 Separate schemas/dbs
 Grant direct access to each other’s schemas
 Grant only stored proc access
Typical modern application

application

orders customers

application schema
Shared schemas

Application Application
#1 #2

insert
update
select
select delete
insert
select
update
grant
orders
customers

application #2’s schema


Shared objects

Application Application
#1 #2

insert
update
select delete
select
insert select
update grant

orders
customers

Application #1’s schema Application #2’s schema


Shared, protected objects

Application Application
#1 #2

insert
update
select delete
execute
insert select
update grant

orders
stored customers
procedure

Application #1’s schema Application #2’s schema


Application-level integration
•Shared libraries
Application •MMX Application
#1 •Web services #2
•IIOP

insert
update
select delete
insert select
update grant

orders
customers

Application #1’s schema Application #2’s schema


Current problems in industry
 Account management
 Passwords never changed
 Accounts/passwords widely known
• All developers
• cgi-bin trees
• CVS source repositories
 Privileges too broad
 No data stewardship
 No segregation/special protection for sensitive
data

You might also like