Changes in Oracle Database Security 18c
Changes in Oracle Database Security 18c
Oracle Database Security Guide for Oracle Database 18c has new security features.
Ability to Create Schema Only Accounts
a. You now can create schema only accounts, for object ownership without allowing clients to log in to the schema.
b. Integration of Active Directory Services with Oracle Database
c. Starting with this release, you can authenticate and authorize users directly with Microsoft Active Directory.
d. Ability to Encrypt Sensitive Credential Data in the Data Dictionary
e. Starting with this release, you can encrypt sensitive credential data that is stored in the data dictionary SYS.LINK$ and SYS.SCHEDULER$_CREDENTIAL system tables.
f. This release introduces several enhancements for PDB lockdown profiles.
g. New Authentication and Certification Parameters
i. The ADD_SSLV3_TO_DEFAULT sqlnet.ora parameter controls the use of the Secure Sockets Layer version 3, which can be vulnerable to Padding Oracle On Downgraded Legacy Encryption (POODLE) attacks
ii. The ADG_ACCOUNT_INFO_TRACKING initialization parameter controls login attempts on Oracle Data Guard standby databases by enabling you to maintain a single global copy of user account information across all Data Guard primary and standby databases.
iii. The ACCEPT_MD5_CERTS sqlnet.ora parameter enables or disables the MD5 algorithm.
iv. The ACCEPT_SHA1_CERTS sqlnet.ora parameter enables or disables the SHA-1 algorithm.
This release introduces four new parameters that can be used to strengthen security on the database.Ability to Write Unified Audit Trail Records to SYSLOG or the Windows Event Views. Starting with this release you can write unified audit trail records to SYSLOG on UNIX or the Windows Event Viewer on Microsoft Windows.
Ability to Use Oracle Data Pump to Export and Import the Unified Audit Trail
Starting with this release, you can include the unified audit trail in either full or partial export and import operations using Oracle Data Pump.