Introduction to Oracle Security
Department of Applied Mathematics, Chung Yuan Christian University (中原大學應用數學系)
劉立民
Know your threats
- Erasing your data
- Changing your data in an undetectable manner
- Reading your data to compromise your organization’s position
- Destroying your data
Internal and External threats
- Internal threats
  - Behind your firewall
  - Can access your network
- External threats
  - Hacker (white hat)
  - Cracker (black hat)
  - Gray hat
Top security myths
- Myth: Hackers cause most security breaches.
  In fact, 80% of data loss is caused by insiders.
- Myth: Encryption makes your data secure.
  In fact, encryption is only one approach to securing data. Security also requires access control, data integrity, system availability, and auditing.
- Myth: Firewalls make your data secure.
  In fact, 40% of Internet break-ins occur in spite of a firewall being in place.
Who can do what
- Authentication: the process used to determine that a user is who he or she claims to be
- Authorization: based on matching an identity with a list of rights, privileges, or areas of access
Typical E-Commerce Architecture
Dimensions of Data Security
Fundamental Data Security Requirements
- Confidentiality
- Integrity
- Availability
Confidentiality
- Privacy of Communications
- Secure Storage of Sensitive Data
- Authenticated Users
- Granular Access Control
Integrity
- System and object privileges control access to application tables and system commands, so that only authorized users can change data.
- Referential integrity is the ability to maintain valid relationships between values in the database, according to rules that have been defined.
- A database must be protected against viruses designed to corrupt the data.
- The network traffic must be protected from deletion, corruption, and eavesdropping.
Availability
Security Requirements in the Internet Environment
- Promises and Problems of the Internet
- Increased Data Access
- Much More Valuable Data
- Larger User Communities
- Hosted Systems and Exchanges
Data Security Risks
- Data Tampering
- Eavesdropping and Data Theft
- Falsifying User Identities
- Password-Related Threats
- Unauthorized Access to Tables and Columns
- Unauthorized Access to Data Rows
- Lack of Accountability
- Complex User Management Requirements
A Matrix of Security Risks and Solutions
A Matrix of Security Risks and Solutions (Con’t)
A Matrix of Security Risks and Solutions (Con’t)
The System Security Team
Securing Oracle on UNIX
- How the Oracle database runs: the background processes PMON, SMON, DBWR, DBW0, LGWR, RECO, CKPT, ARCH
Installing Oracle on UNIX
- Create a group named oinstall for installation
- Create an account called oracle to install/own the software
Oracle’s recommended groups
- ORA_ALL: all users allowed to access the ORACLE_HOME directory
- ORADBA: users to map to the OSDBA role
- ORAOPER: users to map to the OSOPER role
- ORASTARTUP: users who will need to start up an instance
- ORAOWNER: users who will have full access to the operating system files
Oracle’s group hierarchy
- ORA_ALL
- ORASTARTUP
- ORAOPER
- ORAOWNER
- ORADBA
Set file permissions
- Change the group of the ORACLE_HOME directory to ORA_ALL and set the permission to 750, which locks out anyone who has not explicitly been added to the ORA_ALL group.
- Change the group of all files and directories under ORACLE_HOME to ORAOWNER and set the permission to 775.
- For the ORACLE_HOME/rdbms/log and audit directories, set the permission to 750.
- For the oracle executable file, change the group to ORASTARTUP and set the permissions to 6710.
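As an added example (not from the slides), a Python audit that walks an ORACLE_HOME tree and reports every file whose mode or group differs from the layout above. It assumes the audit directory is ORACLE_HOME/rdbms/audit and the oracle executable is ORACLE_HOME/bin/oracle (neither path is stated on the slide), and it builds a constructed sample tree in a temporary directory for demonstration.

```python
import grp, os, stat, tempfile

# Policy from the slides, keyed by path relative to ORACLE_HOME ("." is ORACLE_HOME
# itself). Assumed, not on the slide: audit dir is rdbms/audit, executable is bin/oracle.
POLICY = {
    ".": ("ORA_ALL", 0o750),
    "rdbms/log": ("ORAOWNER", 0o750),
    "rdbms/audit": ("ORAOWNER", 0o750),
    "bin/oracle": ("ORASTARTUP", 0o6710),
}
DEFAULT = ("ORAOWNER", 0o775)  # every other file and directory under ORACLE_HOME

def expected(rel_path):
    """(group, mode) the slide prescribes for a path relative to ORACLE_HOME."""
    return POLICY.get(rel_path, DEFAULT)

def audit_oracle_home(oracle_home):
    """Return (rel_path, what, expected, actual) for each deviation from POLICY."""
    paths = [oracle_home]
    for root, dirs, files in os.walk(oracle_home):
        paths += [os.path.join(root, n) for n in dirs + files]
    findings = []
    for path in paths:
        rel = os.path.relpath(path, oracle_home)
        st = os.stat(path)  # follows symlinks: the target's bits are what matter
        group, mode = expected(rel)
        if stat.S_IMODE(st.st_mode) != mode:
            findings.append((rel, "mode", oct(mode), oct(stat.S_IMODE(st.st_mode))))
        try:
            actual_group = grp.getgrgid(st.st_gid).gr_name
        except KeyError:
            actual_group = str(st.st_gid)  # gid with no /etc/group entry
        if actual_group != group:
            findings.append((rel, "group", group, actual_group))
    return findings

def build_sample_home(drift=False):
    """Constructed sample tree in a temp dir with modes per POLICY; drift=True leaves rdbms/log at 775."""
    home = tempfile.mkdtemp(prefix="oracle_home_")
    for d in ("bin", "rdbms/log", "rdbms/audit", "network/admin"):
        os.makedirs(os.path.join(home, d))
    for f in ("bin/oracle", "bin/sqlplus", "network/admin/listener.ora"):
        open(os.path.join(home, f), "w").close()
    for root, dirs, files in os.walk(home):
        for n in dirs + files:
            rel = os.path.relpath(os.path.join(root, n), home)
            mode = 0o775 if drift and rel == "rdbms/log" else expected(rel)[1]
            os.chmod(os.path.join(root, n), mode)
    os.chmod(home, expected(".")[1])
    return home
```

Group findings will appear on any host where the ORA_* groups do not exist, so on the sample tree only the mode findings are meaningful.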
Advantages gained from the architecture
- Denies access to all users, yet allows you to grant limited access to SQL*Plus users
- Provides the ability to name OSDBA and OSOPER users who do not have free rein over the file system.
- Provides the ability to grant control of files in ORACLE_HOME to individual UNIX users.
- Prevents users with full control of ORACLE_HOME from deleting audit logs and manipulating or viewing the data files.
Security of raw devices
- A raw device is a partition on the hard drive that is not mounted or controlled via the UNIX file system.
- Use ls on the /dev/rdsk directory to locate your raw devices.
- Change permissions on raw devices:
  # chown oracle /dev/rdsk/dks2d2s3
  # chgrp oinstall /dev/rdsk/dks2d2s3
  # chmod 700 /dev/rdsk/dks2d2s3
- Use the raw device:
  create database TESTDB
    logfile '/oracle/dbs/logfile1.f' size 100k,
            '/oracle/dbs/logfile2.f' size 100k
    datafile '/dev/rdsk/dks2d2s3' size 10000k reuse;
Firewalls and Oracle
- A firewall is a single point of control on a network, used to prevent unauthorized clients from reaching the server.
- It acts as a filter, screening out unauthorized network users from using the intranet.
- Firewalls are rule-based. They have a list of rules that define which clients can connect, and which cannot.
Firewall Approaches – Approach I
Approach I – Pros and Cons
- Pros
  - The setup is simple
  - Your internal computers are totally isolated from the external computers
  - You only require the use of a single firewall
- Cons
  - Both the web server and the database are open to any attack
How to make this model work
- Updating patches and service packs
- Disabling unnecessary services
- Implementing strong passwords
Firewall Approaches – Approach II
Approach II – Pros and Cons
- Pros
  - The setup is simple
  - Low cost of the configuration
  - Compared to approach I, the security is much tighter
- Cons
  - Allowing packets through the firewall into the internal network weakens the security
Firewall Approaches – Approach III
Approach III – Pros and Cons
- Pros
  - Compared to approach II, the security is much tighter
- Cons
  - The web server remains exposed to attack
How to make this model work
- Must harden the OS that the web server runs on
- Many security holes are discovered every day
Firewall Approaches – Approach IV
Approach IV
- Pros
  - Compared to approach III, the model is more robust
  - It limits the ability to spoof and separates external machines from internal machines
  - Even if the machines in the DMZ (demilitarized zone, the area between the firewalls) are compromised, the setup continues to protect the internal network from servers in the DMZ.
What a firewall does not prevent
- Firewalls cannot protect you from internal attacks
- Firewalls cannot stop a hacker who can get around your firewall, for instance by dialing into a modem on a computer that is connected to your internal network
- Firewalls cannot stop a hacker attacking your laptop when it is connected to a cable modem at an employee’s home
- Firewalls cannot stop viruses such as a Trojan horse inside an email
Using Oracle through a firewall
- Firewalls can be implemented in two ways:
  - Firewalls using Oracle Connection Manager in an intranet environment
  - Firewalls using Oracle Net Firewall Proxy in an internet environment
Oracle Connection Manager in an intranet environment
- It can be configured to grant or deny client access to a particular database service or a computer, based on the following criteria:
  - Source host names or IP addresses for clients
  - Destination host names or IP addresses for servers
  - Destination database service names
  - Client use of Oracle Advanced Security
Intranet Network Access Control with Oracle Connection Manager
- For this configuration to work, clients require the JDBC Thin driver.
Oracle Net Firewall Proxy in an internet environment
- Oracle Connection Manager functionality is offered by some firewall vendors through a software component called Oracle Net Firewall Proxy.
- A host computer, called an application gateway, runs the Oracle Connection Manager software.
Internet Network Access Control with an Application Gateway
Ensuring Security in Three-Tier Systems
- Proxy Authentication to Ensure Three-Tier Security
  - An important security feature for three-tier systems is the ability to proxy an authenticated user identity from a middle tier to the database.
- Java Database Connectivity (JDBC)
  - JDBC allows Java programs to send SQL statements to an object-relational database such as Oracle. JDBC enables a middle-tier server to access a database on behalf of a client user by establishing a lightweight session for the user.
  - Java applets can thus transmit data over secure channels.
  - You can have secure connections from middle-tier servers with Java Server Pages (JSPs) to the database.
Overview of Oracle HTTP Server Security
- Oracle HTTP Server
  - It comes standard on the Oracle8i and Oracle9i database CDs.
  - It is a valuable tool for developing CGI or Java applications.
  - Most of the configuration options required for the Oracle HTTP Server are built during the Oracle install.
  - Oracle HTTP Server uses Apache as its engine
Oracle HTTP Server components
- Oracle HTTP Server 1.3.12.0.3a
- Oracle HTTP Server Extensions 9.0.1.0.0
- Oracle Mod PL/SQL Gateway 3.0.9.0.7
- Apache Module for Oracle Servlet Engine 9.0.1.0.0
- BC4J Runtime 5.0.0.417.1
- Apache Configuration for Oracle XML Developer's Kit
- Oracle eBusiness Management Extensions 9.0.1.0.0
Steps for Handling URL Requests in Oracle HTTP Server
Oracle web server security
- Ensure the data stream cannot be viewed or tampered with by a third party
  - You can use the SSL protocol to encrypt it
- Consider and address authentication and authorization to ensure that only valid users access and manipulate the data within the stream
  - Host-based access control
  - User authentication
Oracle HTTP Server SSL configuration
- ssl.conf includes the SSL definitions and the virtual host container.
- It is located at:
  - UNIX: ORACLE_HOME/Apache/Apache/conf
  - Windows: ORACLE_HOME\Apache\Apache\conf
Understanding Host-Based Access Control
- You use the deny, allow, and order directives to set this type of access control:
  <Directory /internalonly/>
  order deny,allow
  deny from all
  allow from 192.168.1 us.oracle.com
  </Directory>
- Requests originating from any IP address in the 192.168.1.* range or with a host name under us.oracle.com are allowed access to files in the directory /internalonly/
Access Control for Virtual Hosts
- IP-based or name-based virtual hosts
- Place the AccessConfig directive inside a virtual host container in the server configuration file, httpd.conf:
  ...
  <VirtualHost ip.address.of.host.some_domain.com>
  ... virtual host directives ...
  AccessConfig conf/access.conf
  </VirtualHost>
Overview of Host-Based Access Control Schemes
- Controlling Access by IP Address
- Controlling Access by Domain Name
- Controlling Access by Network or Netmask
- Controlling Access with Environment Variables
Controlling Access by IP Address
- To configure IP address-based access control, use the syntax shown in the following example:
  <Directory /secure_only/>
  order deny,allow
  deny from all
  allow from 207.175.42.154 192.220.208.9
  </Directory>
- In this example, requests originating from all IP addresses except 207.175.42.154 and 192.220.208.9 are denied access to the /secure_only/ directory.
Controlling Access by Domain Name
- To combine domain name-based with IP address-based access control, use the syntax shown in the following example:
  <Directory /co_backgr/>
  order allow,deny
  allow from all
  # 141.217.24.179 is the IP for malicious.cracker.com
  deny from malicious.cracker.com 141.217.24.179
  </Directory>
- In this example all requests for the directory /co_backgr/ are accepted except those that originate from the domain name malicious.cracker.com or the IP address 141.217.24.179.
Controlling Access by Network or Netmask
- You can control access based on subsets of networks, specified by IP address:
  <Directory /payroll/>
  order deny,allow
  deny from all
  allow from 10.1.0.0/255.255.0.0
  </Directory>
- In this example, access is allowed from a network/netmask pair.
Controlling Access with Environment Variables
- You can use arbitrary environment variables for access control:
  BrowserMatch ^Mozilla netscape_browser
  <Directory /mozilla-area/>
  order deny,allow
  deny from all
  allow from env=netscape_browser
  </Directory>
- In this example, access is allowed only to requests whose User-Agent matches ^Mozilla, that is, requests that come from Netscape browsers
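Added example, not from the slides or from the Oracle HTTP Server code: a small Python model of the Apache 1.3 mod_access decision for the Directory blocks above, showing how order deny,allow and order allow,deny differ and how partial-IP, domain, network/netmask and env= patterns are matched. The rule tuples are transcribed from the slides; the client addresses used to exercise them are constructed.

```python
import ipaddress

def _ip_matches(pattern, ip):
    """Full address, partial dotted quad ('192.168.1' = first three octets), or
    network/netmask and CIDR forms ('10.1.0.0/255.255.0.0', '10.1.0.0/16')."""
    if "/" in pattern:
        return ipaddress.ip_address(ip) in ipaddress.ip_network(pattern, strict=False)
    octets = pattern.split(".")
    return ip.split(".")[:len(octets)] == octets  # octet-wise, not a string prefix

def _domain_matches(pattern, hostname):
    """Whole trailing components only: 'oracle.com' matches 'us.oracle.com' but
    not 'notoracle.com'. With no reverse-lookup name, name rules never match."""
    if hostname is None:
        return False
    return hostname == pattern or hostname.endswith("." + pattern)

def matches(pattern, ip, hostname, env):
    """One 'allow from' / 'deny from' argument tested against one request."""
    if pattern == "all":
        return True
    if pattern.startswith("env="):
        return pattern[4:] in env
    if pattern[0].isdigit():
        return _ip_matches(pattern, ip)
    return _domain_matches(pattern, hostname)

def decide(order, allow, deny, ip, hostname=None, env=()):
    """Apache 1.3 mod_access decision for one Directory block. True = allowed."""
    allowed = any(matches(p, ip, hostname, env) for p in allow)
    denied = any(matches(p, ip, hostname, env) for p in deny)
    if order == "deny,allow":
        return allowed or not denied   # deny first, allow overrides, default allow
    if order == "allow,deny":
        return allowed and not denied  # allow first, deny overrides, default deny
    raise ValueError("unknown Order: " + order)

# The slides' Directory blocks as (Order, 'allow from' patterns, 'deny from' patterns).
INTERNAL_ONLY = ("deny,allow", ["192.168.1", "us.oracle.com"], ["all"])
SECURE_ONLY = ("deny,allow", ["207.175.42.154", "192.220.208.9"], ["all"])
CO_BACKGR = ("allow,deny", ["all"], ["malicious.cracker.com", "141.217.24.179"])
PAYROLL = ("deny,allow", ["10.1.0.0/255.255.0.0"], ["all"])
MOZILLA_AREA = ("deny,allow", ["env=netscape_browser"], ["all"])
```

Name-based rules depend on a reverse DNS lookup of the client, so a block that relies on them alone fails open or closed according to the Order when the lookup returns nothing; the IP-based forms do not have that dependency.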
Overview of User Authentication
- Basic authentication that is based on user name and password pairs.
- For Internet communications, SSL (X.509) is usually used for transmitting sensitive information such as passwords and authenticating users to Web applications and databases.
- Oracle HTTP Server also supports single sign-on, which allows users to log in to multiple Web applications using a single user name and password.
Basic Authentication and Authorization with mod_auth
- Authentication Configuration Directives
Using Secure Sockets Layer (SSL) to Authenticate Users
- mod_ossl is the Oracle Secure Sockets Layer (SSL) implementation in use with the Oracle database
- mod_ossl replaces mod_ssl in the Oracle HTTP Server distribution.
- A tool is provided to enable you to migrate from mod_ssl to mod_ossl, and convert your text certificates to Oracle wallets.
Differences between mod_ossl and mod_ssl
- The mod_ssl directives
  - SSLRandomSeed
  - SSLCertificateFile
  - SSLCertificateKeyFile
  - SSLCertificateChainFile
  - SSLCACertificateFile
  - SSLCACertificatePath
  - SSLVerifyDepth
SSL Secures Internet and Oracle Communications
PKI Implementation in Oracle Advanced Security
- The Public Key Infrastructure (PKI) approach is an emerging means of achieving security and single sign-on, adding extra value to the Oracle Advanced Security option.
  - Components of Oracle Public Key Infrastructure-Based Authentication
  - PKI Integration and Interoperability
Components of Oracle Public Key Infrastructure-Based Authentication
- Secure Sockets Layer
- Oracle Call Interface
- Trusted Certificates
- X.509 Version 3 Certificates
- Oracle Wallets
- Oracle Wallet Manager
- Oracle Enterprise Login Assistant
- Oracle Internet Directory
- Oracle Enterprise Security Manager
Oracle Wallets
- An Oracle wallet is a container in which certificates and trusted certificates are stored and managed
- There is no need for real-time checking with the certificate authority.
- These data structures securely store a user private key, a user certificate, and a set of trusted certificates.
Proxy Authentication in a Multi-tier Environment
PKI Integration and Interoperability
- PKCS #12 Support
- Wallets Stored in Oracle Internet Directory
- Multiple Certificate Support
- Strong Wallet Encryption
Oracle PKI Implementation Summary
- PKI provides an important security infrastructure to a network.
- SSL secures not only Oracle Net, but also other protocols such as IIOP (Internet Inter-ORB Protocol), giving Oracle the ability to work with thin clients and Enterprise JavaBeans (EJB).
- Certificates not only authenticate clients to servers, but they also authenticate servers to other servers.
Public-Key Encryption
- Also called asymmetric encryption
- Involves a pair of keys:
  - a public key
  - a private key
- Each public key is published, and the corresponding private key is kept secret.
- Based on modular arithmetic
How PKI works
- Knapsack problem
How PKI works (Con’t)
- Create a new knapsack with the values (642, 2311, 18): 642 is the multiplier, 2311 the modulus, and 18 the inverse of 642 modulo 2311 (642 * 18 = 11556 = 5 * 2311 + 1).
- Private (superincreasing) sequence X: 1 4 6 12 25 51 105 210 421 850
- Yi = (Xi * 642) % 2311
- Y: 642 257 1541 771 2184 388 391 782 2206 304 [public key]
- Encode the message as bits and encrypt it with the public key: the ciphertext is the sum of the Yi whose bit is 1.
- The encrypted value 4895 can be decrypted very quickly with the private values: (4895 * 18) % 2311 => 292, and 292 is split over the superincreasing sequence X by taking, from 850 downward, each element that still fits.

  bit    0    0     1    0     1    1    0    1     0    0
  X      1    4     6   12    25   51  105  210   421  850
  Y    642  257  1541  771  2184  388  391  782  2206  304

  4895 = 1541 + 2184 + 388 + 782  (the Y values under a 1 bit)
   292 =    6 +   25 +  51 + 210  (the X values under a 1 bit)
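The slide's knapsack is the Merkle-Hellman scheme. The Python below is an added example, not from the slides: it carries the slide's numbers through key validity checks, the inverse 18 of 642 modulo 2311, public-key generation, encryption of the bit string 0010110100, and greedy decryption. Merkle-Hellman was broken by Shamir in 1982, so it serves here only to illustrate the public/private key split.

```python
from math import gcd

# Slide values: private superincreasing sequence X, modulus M, multiplier W.
X = [1, 4, 6, 12, 25, 51, 105, 210, 421, 850]
M, W = 2311, 642

def is_superincreasing(seq):
    """Each element exceeds the sum of all earlier ones (what makes greedy decryption work)."""
    return all(x > sum(seq[:i]) for i, x in enumerate(seq))

def private_key_ok(seq, m, w):
    """Validity: superincreasing, modulus larger than the whole sum, gcd(w, m) = 1."""
    return is_superincreasing(seq) and m > sum(seq) and gcd(w, m) == 1

def inverse(w, m):
    """Multiplicative inverse of w modulo m (the slide's third value, 18)."""
    return pow(w, -1, m)  # Python 3.8+

def public_key(seq, m, w):
    """Y_i = X_i * W mod M: the hard knapsack that is published."""
    return [(x * w) % m for x in seq]

def encrypt(bits, pub):
    """Ciphertext = sum of the public values whose message bit is 1."""
    return sum(y for b, y in zip(bits, pub) if b)

def decrypt(cipher, seq, m, w):
    """Undo the multiplier, then solve the easy knapsack greedily, largest element first."""
    total = (cipher * inverse(w, m)) % m
    bits = []
    for x in reversed(seq):
        if x <= total:
            bits.append(1)
            total -= x
        else:
            bits.append(0)
    if total != 0:
        raise ValueError("not a valid ciphertext for this key")
    return bits[::-1]

if __name__ == "__main__":
    Y = public_key(X, M, W)
    msg = [0, 0, 1, 0, 1, 1, 0, 1, 0, 0]
    c = encrypt(msg, Y)
    print("public key", Y, "ciphertext", c, "recovered", decrypt(c, X, M, W))
```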
Certificate Authorities
- A certificate authority (CA) is a trusted third party which certifies that other entities (users, databases, administrators, clients, servers) are who they say they are.
- A certificate authority might be an external company that offers certificate services, or an internal organization
Certificates
- A certificate is like an electronic passport which proves the identity of a user or device that seeks to access the network.
- The certificate ensures that the entity's information is correct and that the public key actually belongs to that entity.
- A certificate is created when an entity's public key is signed by a trusted identity (a certificate authority).
Information kept in a certificate
- the certificate user’s name
- an expiration date
- a unique serial number assigned to the certificate by the CA
- the user’s public key
- information about the rights and uses associated with the certificate
- the name of the certificate authority that issued the certificate
- the CA’s signature
- an algorithm identifier that identifies which algorithm was used to sign the certificate