Security in Oracle (remote db)

Hi,
Can anyone tell me, how Oracle protect data when 2 databases are separate and communicate on long distance (e.g. 200 km)? Is there any secure transmission like VPN or something similar? How many solutions Oracle have for such situations?
Thanks for suggestions.

Can anyone tell me, how Oracle protect data when 2 databases are separate and communicate on long distance (e.g. 200 km)?The actual distance is not material.
Even if only 1Km, but in different commercial sites, a risk exists.
Is there any secure transmission like VPN or something similar? ssh tunneling can be used.
How many solutions Oracle have for such situations?many

Similar Messages

  • How to install Oracle Label Security in Oracle Database 10g EE

    Hello All
    I just want to know how to install Oracle Label Security in Oracle 10g Database EE.
    I read in Oracle Enterprise Manager Grid Control Installation and Basic Configuration that Label Security must be installed before installing Enterprise Manager Grid Control.
    I have Oracle Database 10g Release 1 (10.1.0.1) on my Windows XP System, and I patch it to 10.1.0.3.
    M.
    Sorry about my English.

    Options is to connect to Oracle Policy Manager or use Oracle Internet Directory (OID)to administer Oracle Label Security.
    Find more ways in the Documentation here:
    http://download-uk.oracle.com/docs/cd/B19306_01/network.102/b14267/toc.htm

  • Error while "Enabling Security for Oracle Management Service"

    Hi,
    I have installed OEM 10GR1 on Solaris 9. I am using 9.2.0 database for repository.
    My first installation of OEM and agent went smoothly, and everything was working fine.
    Then, I tried to follow configurating security for Grid Control Framework. I got following error:
    /oracle/app/oracle/product/10gEM>cd bin
    /oracle/app/oracle/product/10gEM/bin>./emctl secure oms
    Oracle Enterprise Manager 10g Release 10.1.0.3.0.
    Copyright (c) 1996, 2004 Oracle Corporation. All rights reserved.
    Enter Enterprise Manager Root Password :
    Enter Agent Registration password :
    Enter a Hostname for this OMS :
    Checking Repository... Done.
    Checking Repository for an existing Enterprise Manager Root Key... Done.
    Generating Enterprise Manager Root Key (this takes a minute)... Done.
    Fetching Root Certificate from the Repository... Done.
    Generating Registration Password Verifier in the Repository... Done.
    Generating Oracle Wallet Password for Enterprise Manager OMS... Done.
    Generating Oracle Wallet for Enterprise Manager OMS...Missing /oracle/app/oracle/product/10gEM/sysman/wallets/oms.uxtora1/ewallet.p12
    :/oracle/app/oracle/product/10gEM/bin>
    Please help.

    Thanks for response. I had temp space full issue with repository database. After bouncing database, the temp tablespace became empty, and the secure operation went smooth.

  • Implementing Function Security in Oracle apps.

    I wanted to restrict certain menus in Payables manager for a particular user. How should i implement it? Is there any live example of implementing function security in oracle apps? Please Help.

    Hi,
    One approach is to create a custom menu and attach to it all the menus and functions you want and the add this menu to a new responsibility. But this is not the best way to solve the issue because you have to define different menus + responsibilities for each different user. Other way is to create roles which can be assigned to users.
    Thanks,
    Bahchevanov.

  • Security in oracle

    Hello,
    I'm planning to write my bachelor thesis and i'm writing about Security in Oracle database. I heard that security is an audit subject and it's interesting to talk about security. I wanna know what can i do at the practice part of my thesis? I wanna some ideas of what to do at the practice part, what's interesting to do in practice, regarding to this subject.
    Thanks!

    Hi roger;
    Give more details, security concept has huge concepts. Also i suggest check below link
    Security
    http://www.oracle.com/technetwork/topics/security/whatsnew/index.html
    Security Solutions From Oracle
    http://www.oracle.com/us/technologies/security/security-solutions-151411.html?origref=http://www.google.com.tr/
    Regard
    Helios

  • SOAP Header Security in Oracle Service Bus

    Currently we are in the process of implementing the SOAP Header Security through Oracle Service Bus. We have a requirement that BPEL need to call a external web service. That web service will be registered in OSB. While making the call, the OSB need to add the SOAP security header(user name & Pwd) in proxy service before forwarding the request to business service. Can you please help me find some information about that.

    Hi Manoj,
    The request payload which is going to the target is
    <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
    <soap:Header xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
    </soap:Header>
    <soapenv:Body>
    <man:GetDefaultRechargeValuesRequest xmlns:man="http://www.NII.com/ManagePrepaidRecharge/workflow/ManagePrepaidRecharge">string</man:GetDefaultRechargeValuesRequest>
    </soapenv:Body>
    </soapenv:Envelope>
    whereas the target expects the soap header populated. the payload expected by the target is
    <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
    <soap:Header xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
    <gsa:Authentication xmlns:gsa="http://www.nextel.com.br/Wbs/Gsa">
    <gsa:Account>test</gsa:Account>
    <gsa:Password>test</gsa:Password>
    <gsa:Guid>f65748e63b01</gsa:Guid>
    </gsa:Authentication>
    </soap:Header>
    <soapenv:Body>
    <man:GetDefaultRechargeValuesRequest xmlns:man="http://www.NII.com/ManagePrepaidRecharge/workflow/ManagePrepaidRecharge">string</man:GetDefaultRechargeValuesRequest>
    </soapenv:Body>
    </soapenv:Envelope>
    The Problem now is, when i call a business service(WSDL of the target) from a proxy service and when i set the above expression to the $header using replace action in the proxy service itself, the above expression,instead of going as a request to the business service, it is populated in the response.
    <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
    <soap:Header xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
    <gsa:Authentication xmlns:gsa="http://www.nextel.com.br/Wbs/Gsa">
    <gsa:Account>test</gsa:Account>
    <gsa:Password>test</gsa:Password>
    <gsa:Guid>f65748e63b01</gsa:Guid>
    </gsa:Authentication>
    </soap:Header>
    <soapenv:Body>
    <ns0:GetDefaultRechargeValuesResponse xmlns:ns0="http://www.NII.com/ManagePrepaidRecharge/workflow/ManagePrepaidRecharge">
    <ns0:StandardHeaderBlock>
    <ns2:ServiceState xmlns:ns2="http://xmlns.oracle.com/apps/StandardHeaderBlock">
    <ns2:errorCode>SOA_ERR_TARGET_SYSTEM_FAILURE</ns2:errorCode>
    <ns2:errorDesc>
    OSB Service Callout action received an error response
    </ns2:errorDesc>
    </ns2:ServiceState>
    </ns0:StandardHeaderBlock>
    </ns0:GetDefaultRechargeValuesResponse>
    </soapenv:Body>
    </soapenv:Envelope>
    Since the authentication details are not reaching the target, it is giving a target system failure. Can you suggest a remedy to this please.

  • Migrating Security In Oracle BI 11g - Project Amelia

    We'd like to introduce an open source project that assists with the migration of basic security from an OBI 11g (FMW) source environment to a target environment. The project generates a WLST script that executes a security artifact migration process. It is also great for creating an inventory of application roles and principal assignments that can be used in project documentation.
    This is a perfect tool for upgrades from OBI 10g to OBI 11g.
    Advanced users should have no problem testing and running the solution. Please provide feedback or potentially consider contributing to the project.
    The project page can be found here,
    http://amelia.artofbi.com/
    The project code can be downloaded from here,
    https://github.com/artofbi/Oracle-FMW-Amelia
    The first post and description of the project can be found here,
    http://www.artofbi.com/index.php/2011/09/introducing-project-amelia-easier-migration-of-obi-11g-security/
    This project was originally designed to provide a quicker mechanism for migrating Oracle BI 11g security. It clearly has a resounding place in other OPSS based FMW applications. Project Amelia is a new open source project to assist with migrating and documenting Policy Store Security in Oracle Fusion Middleware, specifically for but not limited to Oracle Business Intelligence 11g. The project contains the core scripts and binary files required for utilization in any Java ready Operating System.
    The project is released under the Apache License 2.0 which means it is free to use, free to share, and free to copy.
    Please feel free to leave any comments or questions in the forum thread.
    Cheers,
    Christian
    http://www.artofbi.com

    Check this http://www.rittmanmead.com/2011/02/obiee-11g-migrations/
    and http://docs.oracle.com/cd/E23943_01/doc.1111/e15722/toc.htm

  • There is a problem with this connection's security certificate The remote computer cannot be authenticated due to problems with its security certificate. Security certificate problems might indicate an attempt to fool you or intercept any data you send

    Hi,
    I have this Windows 2008 R2 on which I installed remoteapp some years ago.
    Now the certificate expired and I get the message
    "There is a problem with this connection's security certificate
    The remote computer cannot be authenticated due to problems with its security certificate.
    Security certificate problems might indicate an attempt to fool you or intercept any data you send to the remote computer."
    How should I renew the certificate? I already went to certification store and tried to renew certificate with same key but then it says "the request contains nor certificate template information".
    Please advise.
    J.
    J.
    Jan Hoedt

    Does the computer account have Enroll permission to the certificate template?
    From the Server running your CA, run mmc, click File then Add/Remove Snap-in...
    Add Certificate Templates and click OK.
    Find the certificate template, then right click and select properties.  On my CA its call ed RemoteDesktopComputers but might be called something different depending on what what template your certificate is based on.
    On the security tab, click Oblect types, check Computers then OK. Enter the Computername and click OK.  Then give your computer account Enroll permisssion.
    HTH,
    JB

  • Is Oracle Remote Printing utility - orarp licensed

    Hi,
    Wondering whether the oracle remote printing utility - orarrp is licensed. Its not supported by oracle metalink but usage at the utility involves and licensing.
    Best Regards,
    Ravikumar

    Thank you for the reply..Also for giving hopes that something of the sort of functionality of ORARRP would be taken up for Linux..Because, certain functionalities like printing(sort of automatic, directed by pressing a particular key at the CLIENTSIDE) from USEREXITS in the earlier versions, cannot be reproduced without using something like ORARRP in web deployed Reports6i reports(where priting can be invoked using web.show_document('http://---/report_name.rrph' or 'http://---/report_name.rrpr'))..
    Thank you,
    Ranjith..

  • REP-56110: Failed to connect to security repository Oracle Portal.

    Dear All,
    I need your help on the error REP-56110: Failed to connect to security repository Oracle Portal.
    I have installed Oracle Application Server 10g R2.
    I have enabled SSO for form Sevice and Report Service.
    I created OID user login and map it to my database user (on which my Application Run).
    When i run my application, SSO page apear. I login it with user id and Password and My application Runing Succesfully. But when i call Reports from my Application through Run_Repor_Object or Web.Show document. I get the error REP-56110: Failed to connect to security repository Oracle Portal.
    my oid user id and passwor is as follow
    username = ssotest
    password = ssotest1
    IF i run rwservlet command. It is showing the Server page with Secure mode.
    http://server:7778/reports/rwservlet/showjobs?
    What is the reasong behind this? Help me out.
    http://server/reports/rwservlet?destype=cache&desformat=pdf&report=sr_master.rdf&FromDate='01-JAN-12'&ToDate='31-DEC-12'&SSOConn=test/OracleDB/ssotest
    where -- test is my Resoruce Name define in OID
    oracleDB Resource Type
    ssotest my sso user name
    Edited by: Meherban Khan on Mar 27, 2012 6:21 AM

    I changed %PORTAL_DB_USERNAME%/%PORTAL_DB_PASSWORD%@%PORTAL_DB_TNSNAME%
    with the actual username/password of the portal schema. Now i get the following Error.
    REP-56071: Security check failed with error message: Error code30004 - Cannot access the output type:cache
    In package:wwv_rw_usr function:security_check
    Command line is: server=rep_portal_form_report_services report=KPIx/Churn Analysis/ChurnByAgeGroup.jsp destype=cache desformat=html rundate="27-DEC-05 12:12:20"
    Executed on:12/27/05 12:12:29

  • Doubtful about security of oracle's Wrap code!

    Dears
    I am little bit doubtful about security of oracle's own Wrap code like package "sys.utl_smtp" .
    Someone can easily Unwrap it without source code?
    How it possible? whats your opinion about this? please can anybody clear me.
    Regards
    Abdul Halim
    Edited by: Abdul Halim on May 31, 2013 8:14 PM

    Halm, you are operating under the mistaken belief that your code deserves hiding from the customer and competitors to begin with. Why? All you are doing in the code is performing DML. It is not like your application is the only one in the world that performs its function.
    If someone really wanted to they could figure out what your code is basically doing just by looking at the table and file data before and after running the code. By careful manipulation of the data and studying the results they can figure out what is being done and then develop their own specific of the how it is done. One can also look at Oracle's internals as the code is being processed both using Oracle provided views and direct peaking at Oracle's shared memory. Then there are tools like sql trace which will captute the SQL, waits, and binds for the process.
    But all of this is kind of mute in that most shops do not have the talent to write their own unwrapper nor has the shop purchased an unwrapper so if you wrap the code it is going to be secured from most users and competitiors. I would just recommend that potential customers not purchase your product becuase the customer is going to need access to the code either for debugging (bugs will exist in the code) or tuning. Likely both.
    IMHO -- Mark D Powell --

  • Securely identifying a remote physical machine

    Hi,
    Is there a way of securely identifying a remote physical machine? I don't mean by using a public/private key mechanism, because I want to identify the physical machine, NOT the user, for program piracy issues.
    I posted this to the general security forum, but I think I have a better chance using some low-level network mechanism?
    TIA,
    Reggie

    I thought commercial programmers always had access to
    some unique network machine ID, like the one ActiveX
    uses to create a UID to create a unique ID for their
    ActiveX control?It's easy to generate a unique ID. But such an ID isn't secure. The user can change it, force it to be regenerated, move it to a different system, or otherwise compromise some aspect of its uniqueness/security.
    If you're willing to rely on users not being malicious, there are a lot of ways you can generate unique IDs which would identify the machine in question. If you were to combine the current time, the machine's IP address and some random value, you would have a nearly-guaranteed unique ID, but one that is only sufficient in a friendly environment.
    The "standard" UUID generator is based on the current time and the machine's MAC address. Here is some information on it:
    http://www.opengroup.org/onlinepubs/9629399/apdxa.htm

  • Web connectivity and security in Oracle 8i

    How can i make Web Connectivity with Oracle 8i database.
    Junaid Tareen

    <BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:</font><HR>Originally posted by [email protected] ():
    What do you mean by data level security?
    Can you give an example and explain your query?<HR></BLOCKQUOTE>
    When giving him permissions to users on a table I want that the user can manipulate only certain columns and that the others are restricted for him. If it is connected by application, SQL, ODBC, etc. That it always has activates the restrictions on the data of those columns.
    Ej.
    I have a table with 5 columns, need to give permissions him of select to users on that table but single desire to show the users columns to him the 1,2 and 3.Las others will remain restricted for those users until it is decided to assign them.

  • Security for Oracle BPM PAPI WS

    Hi all,
    1) While creating a session using PAPI WS if we use the password same as username can't the webservices be invoked by other applications in te same network? How to prevent this? Any application which knows an username in Oracle BPM directory can invoke these web services!!
    2)What is username token profile mechanism for WS?
    how to apply username token profile for PAPI WS when invoked from .net apps? I need details.
    Regards,
    Som

    1.) Any application which knows the username/password could invoke the services. The passwords are only the same as the username in Studio, not in enterprise.
    2.) Username Token profile is a WS-Security standard. Using WCF you would be able to set the username/password which will be included in the SOAP header.

  • Security in Oracle Forms

    Does Oracle Forms have a mechanism to prevent
    a client java applet (JInitiator) from being impersonated by
    hacker-built client applet?
    Would a hacker not be able to create their own Form/applet
    (via the Forms Builder gui) and use a valid login to
    gain unfettered access to the database (assuming VPD
    is not used)

    Interesting question lets address some of the issues:
    1) When you build a Form you are not building an Applet you are building a store of Metadata which gets sent to the Generic Forms Applet as the Form is run.
    2) The generic Forms applet is signed using a certificate that JInitiator already knows about - a Fake applet would not be signed with our certificate and would not be trusted by the JVM - it would have Yellow Warning Bars everywhere.
    3) The communication between the Forms Applet and the Runtime engine which is serving it metadata is encrypted. Any fake applet would have to handle this and would also have to understand the Forms messaging protocol which is not published.
    4) The Forms Applet is downloaded from the Server - so the "hacker" would need access to your server machine to put the fake applet version in place if this happens you probably have bigger problems.
    5) Likewise if someone created a Form which was to be substituted in place of a Real application login they would need access to the Server machine and the configuration files to make it get used.
    So in summary - if your server is secure both in access and physical terms you will not have a problem.

Maybe you are looking for

  • I think I forgot to make a back up copy of bookmarks while using my old firefox. Recetly after formating my PC, I am unable to get my old bookmark. Pls Help

    forgot to make a back up copy of bookmarks while using my old firefox. Recetly after formating my PC, I am unable to get my old bookmark. Pls Help

  • Ipad portfolios

    Hi there. Im using PDF's to create a portfolio in i books with the ipad. ive set the image resolution ( while i was editing in photoshop) to 1024 x 768 at 72 ppi which was what i found suggested on various forums, howver the resolution when zoomed in

  • Problems updating firmware on X6-00

    Since 2010 I am the owner of a Nokia X6-00. At first I didn't have any problems with updating the system-software (firmware), but now I have a serious problem. How come? Recently I had to give my X6-00 a hard reset (could not add a internet access an

  • Laptop suddenly shuts down with battery at +60%

    Hey guys, So i had my laptop for a 6 month now, it is an MSI GT683DX Windows 8.1/Updated from  Win 7 HP,  but recently i did a battery calibration using the offical MSI software (it just charges and decharges the laptop) But now, my laptop would just

  • Query-only privilege

    i want to know what are query-only privileges.for example i want to grant query-only privileges to user XYZ on object emp. can any one provide me an example for granting query-only privileges for the above scenerio. thankx.....