Information Protection at the DBMS Level


Upload: andrey-akulov

Post on 05-Jul-2015


TRANSCRIPT

  • 1. Oracle; Enterprise Security. Copyright 2014 Oracle and/or its affiliates. All rights reserved. Public
  • 2. 80%; Web Application Firewall; Authentication & User Security; Forrester Research; SIEM; Email
  • 6. Database Firewall; Oracle
  • 7. Password; Root*; (3DES168, AES128, AES192, AES256)
  • 8. Transparent Data Encryption; Oracle Database; Oracle Advanced Security; Oracle Exadata, Advanced Compression, ASM, Golden Gate, DataPump
  • 9. PCI DSS v3.0, 2013: 3.3
  • 10. Data Redaction; Oracle Database 12c; Oracle Database 11gR2 (11.2.0.4); Oracle Advanced Security; 4451-2172-9841-4368, 5106-8395-2095-5938, 7830-0032-0294-1827; Redaction Policy; xxxx-xxxx-xxxx-4368; 4451-2172-9841-4368; Call Center
  • 12. DBMS_REDACT.ADD_POLICY(object_schema => 'CALLCENTER', object_name => 'CUSTOMERS', column_name => 'SSN', ...
  • 13. PARTIAL Redaction; REG.EXPRESSION Redaction; RANDOM Redaction; FULL Redaction. Original value -> redacted value:
      10 Presnenskaya, C -> XXXXXXXXXX
      24/08/1967 -> 01/01/2001
      DC3456GH8K -> DC******8K
      641-13-31 -> ***-**-31
      98032-2584 -> 98032-[hidden]
      [email protected] -> [redacted]@mail.ru
      4022-5231-5531-9855 -> 7584-9736-3401-3026
      16/09/1986 -> 22/12/1970
  • 14. Oracle Advanced Security; Transparent Data; 4451-2172-9841-4368; xxxx-xxxx-xxxx-4368; Call Center; Wallet; Encryption; Data Redaction; 4451-2172-9841-4368, 5106-8395-2095-5938, 7830-0032-0294-1827
  • 15. Oracle Data Masking
      LAST_NAME    SSN          SALARY
      AGUILAR      203-33-3234  40,000
      BENSON       323-22-2943  60,000

      LAST_NAME    SSN          SALARY
      ANSKEKSL     323-23-1111  60,000
      BKJHHEIEDK   252-34-1345  40,000
  • 16. Data Masking and Subsetting Pack; EM 12c; Masked DataPump File
  • 17. Oracle Database Vault; Application; DBA; DV_OWNER; select * from finance_customers; DV_ACTMGR
  • 18. Oracle Label Security; Sensitive; Confidential; Public; SaaS
  • 19. Database Firewall; Oracle
  • 20. Oracle Audit Vault and Database Firewall; SaaS; Log; SQL
  • 21. Oracle Database Firewall; Oracle Audit Vault and Database Firewall; software appliance
  • 22.
      Column            Old Value            New Value
      USERID            167                  167
      POSITION          DBA                  Project Director
      CREATIONDATE      09/25/2009 17:22:57  09/25/2009 17:22:57
      MODIFICATIONDATE  08/20/2010 17:12:10  09/03/2013 12:05:50
  • 23. Oracle Audit Vault and Database Firewall
  • 24. Oracle Audit Vault and Database Firewall; SQL; Database Firewall; Log; Audit Vault Server; OS, Directory, File System; Custom Audit Logs
  • 25. Database Firewall; Oracle
  • 26. RAC; Data Guard
  • 27. PCI DSS v3.0, 2013: 3.5 (3.5.2), (3.5.3), (3.5.1); 3.6 (3.6.4); RAC; Data Guard
  • 28. Wallet; GoldenGate; RAC; Data Guard
  • 29. Software Appliance
  • 30. 1. (One-time) token; 2. (jar)
  • 31. Wallet; OKV; /etc/ORACLE/WALLETS/oracle; CUSTOMER_DB_WALLET; WALLET
      ./okvutil upload -t WALLET -l /etc/ORACLE/WALLETS/oracle -g CUSTOMER_DB_WALLET
  • 32. Wallet; /etc/ORACLE/WALLETS/oracle; WALLET
      SQL> startup
      ORACLE instance started.
      Total System Global Area 801701888 bytes
      Fixed Size 2257520 bytes
      Variable Size 272633232 bytes
      Database Buffers 520093696 bytes
      Redo Buffers 6717440 bytes
      Database mounted.
      ORA-28365: wallet is not open
  • 33. Wallet; OKV; /etc/ORACLE/WALLETS/oracle; CUSTOMER_DB_WALLET; WALLET
      ./okvutil download -t WALLET -l /etc/ORACLE/WALLETS/oracle -g CUSTOMER_DB_WALLET
      NEW WALLET PASSWORD: *****
  • 34. Oracle Database 12c; Oracle Database 12c Enterprise; Create, Drop, Modify; DBA role; APPADMIN role
  • 35. Oracle Database 12c; Oracle Enterprise Manager 12c; Oracle
  • 36. Oracle Database 12c; Oracle Database Lifecycle Management
  • 37. Database Firewall; Oracle
  • 38. New Features Guide
      1.9 Security
      1.9.1 Data Encryption, Hashing and Redaction
      1.9.1.1 Oracle Data Redaction
      1.9.1.2 Support for Secure Hash Algorithm SHA-2 in Oracle Database
      1.9.2 Database Security Enhancements
      1.9.2.1 Auditing Enabled By Default
      1.9.2.2 Code-Based Security
      1.9.2.3 Data Guard Support for Separation of Duty (SoD)
      1.9.2.4 Enhanced Security of Audit Data
      1.9.2.5 Increased Security When Using SELECT ANY DICTIONARY
      1.9.2.6 Last Login Time Information
      1.9.2.7 Oracle Database Vault Mandatory Realms
      1.9.2.8 Oracle Label Security Metadata Export and Import
      1.9.2.9 Password Complexity Check
      1.9.2.10 Privilege Analysis
      1.9.2.11 Resource Role Default Privileges
      1.9.2.12 Separation of Duty for Audit Administration
      1.9.2.13 Separation of Duty for Database Administration
      1.9.2.14 SYSBACKUP Administration Privilege
  • 39. New Features Guide
      1.9 Security
      1.9.3 Encryption Key Management Enhancements
      1.9.3.1 Updated Key Management Framework
      1.9.4 Improve Security Manageability, Administration and Integration
      1.9.4.1 Oracle Database Vault Persistent Protections
      1.9.4.2 Simplified Oracle Database Vault and Oracle Label Security Installation
      1.9.4.3 Transparent Sensitive Data Protection
      1.9.4.4 VPD Fine-Grained Context-Sensitive Policies
      1.9.5 Protect the Database Server From Outside
      1.9.5.1 Restricted Service Registration for Oracle RAC
      1.9.6 Real Application Security
      1.9.6.1 Real Application Security
      1.9.7 Security Optimizations
      1.9.7.1 Unified Context-Based Database Audit Architecture
  • 41. SquareTwo Enables Fast Growth with Oracle Database Solutions: SquareTwo enables fast growth and regulatory compliance with Oracle Database security defense-in-depth solutions including Oracle Database Firewall, Oracle Data Masking, and Oracle Advanced Security.
      National Marrow Donor Program Database Defense-in-Depth: NMDP Secures life-saving patient and donor data with Oracle Advanced Security, Oracle Database Vault, and Oracle Data Masking.
      T-Mobile Protects 35 Million Subscribers Using Oracle: T-Mobile explains how they use Oracle Database Firewall, Oracle Advanced Security, and Oracle Data Masking to secure sensitive data across the organization in both Oracle and non-Oracle databases.
      TransUnion Interactive Uses Database Firewall for Compliance: Hear how TransUnion Interactive protects customer data and meets regulatory compliance with database activity monitoring using Oracle Database Firewall.
      ETS Complies with PCI DSS Using Oracle Advanced Security: Educational Testing Service secures personally identifiable information (PII) and complies with regulatory requirements with Oracle Advanced Security.
  • 42. Data Sheets; Whitepapers; Web-; Oracle Database Security: www.oracle.com/database/security
  • 43. Oracle Database Security: http://security-orcl.blogspot.ru/search/label/Certification
  • 44. Oracle Security; Oracle Linux; #333828/12/2010; 3- (-3); 2- (-2)
  • 45. Oracle Security; Oracle Linux v5.5 x86_64; #309513/02/2014; 3- (-3); 2- (-2)
  • 46. ORACLE
  • 47. QA; [email protected]@Oracle.com