Tag Archives: security

Invoker Rights in Oracle Database 12c : Some more articles

I wrote about the Code Based Access Control (CBAC) stuff in Oracle Database 12c a while back. Code Based Access Control (CBAC) : Granting Roles to PL/SQL Program Units in Oracle Database 12 Release 1 (12.1) I’ve recently “completed the set” by looking at the INHERIT PRIVILEGES and BEQUEATH CURRENT_USER stuff for PL/SQL code and […]

WordPress Security…

With all the recent press about global brute force attacks on WordPress I decided to install the Better WP Security plugin last Sunday. It includes loads of security features, including the big ones mentioned in the recent attacks: Changing the name of the “admin” user. Changing the ID of your renamed admin user. Changing the […]

Security: It’s always the silly things that get you…

I had to laugh when I read this story about Amazon Web Services. It’s posted with an attention grabbing title that implies this is an Amazon problem, but it is squarely down to user error/oversight. Luckily I’ve not fallen into this trap yet, but I have done equally silly things in the past. That reminds […]

Barclaycard Security: So boring it works…

I’ve just bought something over the net using my Barclaycard. As usual, the checkout screen bounces me to a Barclaycard verification screen. As usual it asks me for several letters from my password. As usual my password doesn’t work. As usual I reset the password. Not as usual, the screen then asks me for the […]

Do virtual keyboards promote weak passwords?

I’m quite big on password complexity. I like to use mixed case, numbers and special characters in my passwords. Since having the iPad (and now the Android phone) I find it a real bind typing in strong passwords. The mixed case isn’t so bad, but I do have more login mistakes with the virtual keyboard. […]

SecureFiles in Oracle 11g…

I’ve just posted an article on SecureFiles in Oracle 11g. It looks like Oracle have done a pretty good job of improving LOBs in 11g. Depending on the LOB contents, and provided you can cope with the processing overhead, you can certainly save some serious space using the compression and deduplication options. Anyone who’s used […]

Lots of good stuff out there…

There’s some good stuff out on the net today: Tom is back and talking about the level of skills in the IT industry. I think we all share his pain. Mary Ann Davidson has a great piece on security. This links in nicely with what Tom was saying, in so far as it relates to […]

Fine-Grained Access to Network Services in 11g…

Continuing my OCP 11g upgrade campaign, I’ve been looking at Fine-Grained Access to Network Services in Oracle Database 11g Release 1. This represents a pretty major security improvement for Oracle 11g. In previous versions the all-or-nothing security associated with database callouts was a little ham-fisted to say the least. On the down side, I think […]

Secure External Password Store…

Someone on my forum was having a problem with the Secure External Password Store feature and to be honest I hadn’t got a clue because I had never used this feature. A few minutes of messing about with it resulted in this: Secure External Password Store Cheers Tim…

Schema Owners and Application Users…

I was trying to explain to a colleague the concept of using application users, rather than logging directly into the schema owner. Although it’s a very basic point, it seemed worthy of a write-up, especially because it’s been a long time since I’ve written anything about Oracle. So here is it: Schema Owners and Application […]