Friday Feb 06, 2009

Complete security from database to desktop

I recently put together a presentation of how Oracle's security technologies can be combined to offer a complete solution to secure your sensitive data from its storage in the database, through manipulation and presentation in applications and onto the desktop when it resides in documents and emails. Oracle can now, mainly through its amazing rate of acquisition, deliver a unique set of technologies to the customer. For the purpose of my presentation, security of sensitive information breaks down into three main areas:

  • Structured data created and stored in the database
  • Unstructured data presented by applications and stored in content repositories
  • Unstructured data used in documents and emails
Then, to complete the security story at the enterprise level, you need:
  • A centralised, audited view of all activity from all technologies to all secured information
  • Identity and access management to centralise control of rights to systems and information
My presentation discussed these areas at a high level, identifying specific products Oracle has which can all be used to provide the most complete security solution across your organization.

Database security

Oracle's database security is second to none. Since the first release of the database, security has been a core set of features. The name Oracle itself comes from the code-name of a CIA-funded project Ellison had worked on which I'm pretty sure had a heavy focus on security!

The latest release of the database, 11g, has many powerful security features.
  • Advanced Security provides storage encryption, either at the column level or for a full tablespace, as well as the ability to encrypt network communication with the database and ensure its integrity.
  • Database Vault can prevent highly privileged users (DBAs) from accessing application data and enforces separation of duty.
  • Secure Backup provides performant, highly scalable data protection for the Oracle database.
And much, much, much more, but basically the story here is when it comes to database security, Oracle is your first choice.

Application/Repository security

But data only lives in the database; it goes to work in applications. Security needs to be applied as information travels across the network, through applications and servers, and on to the end user. The solutions here are part of the Oracle Fusion Applications story, which uses an extensive set of Middleware technologies that provide security for data in use and can be applied across existing (JD Edwards, PeopleSoft, Siebel etc.) and customer-created (JSF, ADF, C++, .Net) enterprise applications.
Technology in this area is vast but the headline features are:
  • Powerful platform for securing and managing access to web applications
  • Execution of security policies in real time
  • Monitoring of all access-control events
  • Often does not require developers to modify applications or services (no programmatic security necessary)

Content security

Ultimately data ends up in some sort of structured format, a Word document, an email or a spreadsheet. Oracle continues its story of security into this area with Oracle IRM. Information that resided securely in the database, that was queried by a secure application and presented to the user can now be available in an encrypted document which you have complete and persistent control over.

Oracle IRM completes the security of information through its entire lifespan.
  • Persistent security controls over the access to sensitive documents and emails no matter where this information is ultimately copied, forwarded or even lost or stolen
  • Control does not stop at the firewall, database or application!
  • All access to content is audited, providing proof of compliance and a breadcrumb trail to all sensitive information
  • Corporate information protection policies can at last be applied in a meaningful manner to ALL information in your business

Complete auditing

Because there are so many different technologies that provide this complete security story, you need to have centralised services to give the enterprise the ability to view what is going on.
Oracle's Audit Vault automates the audit collection, monitoring and reporting process, turning audit data into a key security resource for detecting unauthorized activity.
  • Simplify compliance reporting
  • Detect threats quickly
  • Lower IT costs with audit policies
  • Transparently collect and consolidate audit data
  • Provide a secure and scalable repository
Oracle's Governance, Risk, and Compliance Manager also allows the business to monitor business process risk and control performance across the enterprise, automatically highlighting areas of control weakness, and initiating corrective actions with automated loss and investigations management.

Complete identity management

Finally, as data is secured from database to desktop and you implement auditing to have visibility of the entire system, you need to be able to deploy solutions that allow you to manage the users, groups and policies that have access to all this sensitive data. Oracle's Identity Management suite allows enterprises to manage the end-to-end lifecycle of user identities across all enterprise resources, both within and beyond the firewall.
  • Most comprehensive, best-in-class solution
  • Industry's only hot-pluggable solution for heterogeneous environments
  • Proven for sustainable compliance


This is a HUGE story to go into at any depth. But the information above gives a relatively high-level overview of how Oracle, via clever and well-planned acquisition, can now ensure that your ability to identify, secure and track information, from its creation in the database, through use in the application, to distribution to the desktop, is under your control at all times.


Tuesday Nov 25, 2008

Separation of duties, ensuring your administrators administrate

A recent internal debate discussed how to prevent administrators from accessing sensitive documents stored in a system while retaining their ability to perform administration. This requirement is often referred to as the need for the separation of duties.

The discussion concerned Universal Content Management (UCM) using the database to store content, and the fact that database and UCM administrators could use their administrative access to get copies of sensitive documents in the system. The problem also extended beyond the database to backups and other locations where the sensitive content may reside. For instance, with the browser being the main delivery mechanism for applications, any sensitive content is passed through a web server, possibly a web cache/proxy, and finally on to the browser, where it resides in the local cache. If this content is not sent via a secure channel (HTTPS) then there is the potential for a network/systems administrator to intercept it. You could solve this problem using a multitude of technologies and techniques.

  1. Ensure all communication from application/content repository is via a secure network
  2. Configure the ECM environment in a way that limits the ECM administrator from getting access to the content
  3. Use database features like Database Vault to ensure DBAs cannot query certain database data. (Blogged by Oracle's Roxana Bradescu)
  4. Secure the backups
  5. Secure/encrypt the hard disks of the client users


All the above methods are perfectly valid for protecting data whilst it resides within the confines of the system, but they pose some challenges.

  • How do you ensure all these systems reflect a single policy? You have to manage each system separately and this exposes risk.
  • Some systems just do not provide straightforward methods for separation of duties.
  • Deploying enterprise management and IdM to centralize the control over these environments can be expensive, complex and lengthy.


Oracle IRM is an excellent technology to help deliver a strong level of separation of duties in a simple and quick fashion. All the best security professionals I've spoken with reiterate that good security should be simple. At its most simplistic, deploying IRM with very few classifications between the IT group and the business gives one set of simple, very visible policies that ensure a business segment, such as HR, legal or finance, can be assured only authorized users have access to their sensitive content.

Administrators can then happily administrate. DBAs can maintain and ensure database performance, UCM admins can set up new metadata and add new roles to the system, and database backups can be handled as usual. IRM will ensure that sensitive content, no matter where it ends up, can only be accessed by those with rights on the IRM server.

Even the IRM server itself has powerful separation of duty in its administrative model. Here in Oracle our global IT group (GIT) has the rights to create new classifications for the business upon request. Yet when these classifications are handed over to the business, GIT do not remain administrators and therefore have no ability to get access to the content secured against those classifications, unless of course they are given rights by that business owner.

IRM doesn't replace those technologies mentioned above; it simply provides a complementary solution which can be rapidly deployed and easily audited.


Oracle IRM protects and tracks your sensitive information no matter where it goes. It combines business-friendly encryption with role-based usage rights and auditing.