Professional Documents
Culture Documents
Security
…from the application perspective
Martin Nystrom
September 2003
Purpose
In scope: application security of Oracle
databases
SQL*Net (Net8)
1521
Database server TNS
(ADDRESS=(PROTOCOL=TCP) Listener
(HOST=db.company.com)
(PORT=1521))
Database
Oracle architecture
Oracle networking example
fields-sj-1 ons-sj
Oracle ONS query Oracle
client 1526 Names
software service
1521
cmrsdb TNS
(ADDRESS=(PROTOCOL=TCP) Listener
(HOST=cmrsdb.cisco.com)
(PORT=1521))
cmrs
Oracle architecture
Simplified Oracle
Network Architecture w/OCM
Host #1
Oracle
client OCM Server
Allowed
software 1521
TNS
Listener Host #1
Host #2
Host #2 rejected
Oracle
client rejected 1521
software Database server TNS
Listener
Host #3
Database
Oracle
client
software
Oracle architecture
SQL*Net
Introduced in Oracle V5
Renamed “Net8” in Oracle8
Supports multiple protocols (TCP/IP,
DECnet, SPX/IPX, etc.)
Oracle architecture
Authentication & credentials
Can be…
OS authentication
Userid/password
X.509 certificates
Smart card
Etc.
Stored in Oracle
As MD5 hash
…not so for dblinks or FND_USERS
Oracle architecture
Authentication & credentials (cont.)
Transport encryption
DES encryption of db-selected random number
w/user’s password hash
OS-integrated authentication available too
Password changes travel unencrypted
Password management features available
Aging & expiration
History (e.g., can prohibit reuse of last 3 passwords)
Composition & complexity (e.g., require letters +
numbers)
Account lockout
Common Oracle objects
Database instance
schema stored
schema
procedure
view
function
table
table
trigger
index
Public area
synonym
Oracle object security
grant select on
EMPLOYEES to ASOK;
orders candidates
customers
employees
all_users
Public objects
Oracle role-based security
hr_steward grant all privileges
on EMPLOYEES to role
HR_STEWARD;
grant HR_STEWARD to
CATBERT;
DBA
candidates
employees
hrdata schema
Database links
Create database link EMPLINK
connect to DOGBERT identified
by CISCO123 using HR_DB;
ECOMMERCE_DB HR_DB
orders
employees
EMPLINK
com.cisco.ipc.* com.cisco.myapp.calc
com.cisco.myapp.calc
com.cisco.ipc.*
salary salary
com.cisco.myapp.calc
com.cisco.ipc.*
salary salary
Database server
Database
/oracle/apps/
Auditing
Obviously impacts database performance
Writes high-level info to a common table
Database user
Object (table, role, etc.)
Action (select, insert, etc.)
Date/time
Currently enabled on-request to DBA team
Difficult to trace actions to a live human
Can correlate with IP address
Common integration techniques
Shared database schemas
Separate schemas/dbs
Grant direct access to each other’s schemas
Grant only stored proc access
Typical modern application
application
orders customers
application schema
Shared schemas
Application Application
#1 #2
insert
update
select
select delete
insert
select
update
grant
orders
customers
Application Application
#1 #2
insert
update
select delete
select
insert select
update grant
orders
customers
Application Application
#1 #2
insert
update
select delete
execute
insert select
update grant
orders
stored customers
procedure
insert
update
select delete
insert select
update grant
orders
customers