TOC课件教学.pptVIP

Preface I Introduction to Database Security Course Objectives I-2 Agenda I-3 Prerequisites I-5 1 Security Requirements Objectives 1-2 Industry-Security Requirements 1-3 Security Standards 1-5 Fundamental Data-Security Requirements 1-6 Components for Enforcing Security 1-8 Security Risks 1-9 Risk Analysis 1-11 Principle of Least Privilege 1-12 Defining a Security Policy 1-13 Developing Your Security Policy 1-15 Examining All Aspects of Security 1-16 Implementing a Security Policy 1-17 Defense in Depth 1-18 Hardening the Operating System 1-19 Easing Administration 1-21 Using a Firewall to Restrict Network Access 1-23 Hardening Oracle Services 1-24 Summary 1-25 2 Security Solutions Objectives 2-2 Preventing Exploits 2-3 Maintaining Data Integrity 2-4 Data Protection 2-5 Access Control 2-6 Middle-Tier Authentication and Authorization 2-7 Network-wide Authentication 2-8 Summary 2-9 3 Internal Database Security Objectives 3-2 Database Security: Checklist 3-3 Reducing Administration Effort 3-4 Contents iii Installing Only What Is Required 3-5 Applying Security Patches 3-6 SYS and SYSTEM Accounts 3-7 SYSOPER and SYSDBA 3-8 Locking and Expiring Default User Accounts 3-9 Changing Default Account Passwords 3-11 Enforcing Password Management 3-13 Protecting the Data Dictionary 3-15 System and Object Privileges 3-16 Restricting the Directories Accessible by the User 3-17 Limiting Users with Administrative Privileges 3-18 Separation of Responsibilities 3-19 Using Other Database Security Features 3-21 Summary 3-22 4 Database Auditing Objectives 4-2 Monitoring for Suspicious Activity 4-3 Audit Tool Comparisons 4-5 Standard Database Auditing 4-6 Specifying Audit Options 4-7 Auditing Sessions 4-9 Viewing Auditing Options 4-11 Standard Database Auditing 4-12 Viewing Auditing Results 4-13 Auditing the SYSDBA and SYSOPER Users 4-14 Viewing the SYSDBA Audit Trails 4-15 Valu