Oracle Database Security

1.1 Oracle Database Security

The security recommendations are provided for the database used for Oracle Banking Branch products.

Refer to the Oracle Database Security specification document for making the environment more safe and secure.

Table 1-2 Recommended Configuration

Configuration	Value	Purpose
`Init.ora`	`REMOTE_OS_AUTHENT=FALSE`	Authentication
`Init.ora`	`TRACE_FILES_PUBLIC=FALSE`	Authorization
`Init.ora`	`REMOTE_OS_ROLES=FALSE`	Authorization
`Init.ora`	`O7_DICTIONARY_ACCESSIBILITY = FALSE`	Authorization
`Init.ora`	`AUDIT_TRAIL = OS`	Audit
`Init.ora`	`AUDIT_FILE_DEST = E:\logs\db\audit`	Audit
To audit sessions	`SQL> audit session;`	Audit
To audit schema changes	`SQL> audit user;`	Audit
To audit other events	`SQL> AUDIT DATABASE LINK; -- Audit create or drop database links` `SQL> AUDIT PUBLIC DATABASE LINK; -- Audit create or drop public database links` `SQL> AUDIT SYSTEM AUDIT; -- Audit statements themselves` `SQL> AUDIT ALTER ANY ROLE by ACCESS; -- Audit alter any role statements` `SQL> AUDIT ALTER DATABASE by ACCESS; -- Audit alter database statements` `SQL> AUDIT ALTER SYSTEM by ACCESS; -- Audit alter system statements` `SQL> AUDIT CREATE ROLE by ACCESS; -- Audit create role statements` `SQL> AUDIT DROP ANY ROLE by ACCESS; -- Audit drop any role statements` `SQL> AUDIT PROFILE by ACCESS; -- Audit changes to profiles` `SQL> AUDIT PUBLIC SYNONYM by ACCESS; -- Audit public synonyms statements` `SQL> AUDIT SYSDBA by ACCESS; -- Audit SYSDBA privileges` `SQL> AUDIT SYSOPER by ACCESS; -- Audit SYSOPER privileges` `SQL> AUDIT SYSTEM GRANT by ACCESS; -- Audit System grant privileges`	Audit

Note:

To audit the events, log in through sqlplus as SYSTEM and issue the commands

Parent topic: Prerequisite