Miss Scarlet with a lead pipe, in the library

Upload: braiden-bowling

Post on 15-Dec-2015


TRANSCRIPT

Page 1: Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope,

Miss Scarlet with a lead pipe, in the library

Cluedo - the game

• Players: 3 to 6
• Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope, one die, pad of detective notebook sheets.
• Goal: To correctly name the murderer, murder weapon, and murder location.
• Setup - Sort the cards by type and shuffle each pile face-down. Without looking, take one suspect card, one weapon card, and one room card, and slide them into the secret envelope.

Cluedo - the tools

Deon Roos

Enterprise Architect

Oracle Corporation South Africa

[Diagram: Developer, End User, Power Users, Quality Assurance; Prod; Dev, QA, Test; Report Server; Storage; Sys Admin, Network Admin, Storage Admin, DBA; HW Vendor; Backup Server; hAck3rs]

Database Defense-in-Depth

Access Control
• Oracle Database Vault
• Oracle Label Security

Encryption and Masking
• Oracle Advanced Security
• Oracle Secure Backup
• Oracle Data Masking

Auditing and Monitoring
• Oracle Audit Vault
• Oracle Configuration Management
• Oracle Total Recall

Blocking and Logging
• Oracle Database Firewall

[Diagram: Developer, End User, Power Users, Quality Assurance; Prod; Dev, QA, Test; Report Server; Storage; Sys Admin, Network Admin, Storage Admin, DBA; HW Vendor; Backup Server; hAck3rs; with the label SSL added]

[Diagram: Developer, End User, Power Users, Quality Assurance; Prod; Dev, QA, Test; Report Server; Storage; Sys Admin, Network Admin, Storage Admin, DBA; HW Vendor; Backup Server; hAck3rs; with the data labels Sensitive, Confidential and Public added]

[Diagram: Developer, End User, Power Users, Quality Assurance; Prod; Dev, QA, Test; Report Server; Storage; Sys Admin, Network Admin, Storage Admin, DBA; HW Vendor; Backup Server; hAck3rs; with the label Auditing vault added]

[Diagram labels: Configuration Management & Audit; Vulnerability Management; Fix; Analysis & Analytics; Prioritize; Policy Management; Assess; Classify; Monitor; Discover; Asset Management]

Why Audit?

• Compliance mandates it
– SOX, PCI-DSS, HIPAA …
• Your auditor told you to do it
• You don’t want to end up in the news
• Maintain customer trust

Business drivers

• Detective controls
– Monitor privileged application user accounts for non-compliant activity – trust but verify
– Audit non-application access to sensitive data (credit card, financial data, personally identifiable information, etc.)
– Verify that no one is trying to bypass the application security controls
– Detect line items that are changed in order to avoid business processes and approvals

• Cost of compliance
– Eliminate costly and complex scripts for reporting
– Reduce reporting costs for specific compliance audits

Standard Auditing

• Statement Auditing
– Statement auditing audits SQL statements by type of statement, not by the specific schema objects on which the statement operates
– Data definition statements (DDL)
– Data manipulation statements (DML)

• Object Auditing
– Schema object auditing is the auditing of specific statements on a particular schema object.

• Privilege Auditing
– Privilege auditing is the auditing of SQL statements that use a system privilege. You can audit activities of all database users or of only a specified list of users.

What do you need to audit?

Database audit requirements, compared across SOX, PCI DSS, HIPAA, Basel II, FISMA and GLBA:

• Failed Logins ●●●●●●
– Do you have visibility of failed logins and other exception activities?
• Accounts, Roles & Permissions ●●●●●●
– Do you have visibility of GRANT and REVOKE activities?
• Privileged User Activity ●●●●
– Do you have visibility of users' activities?
• Schema Changes ●●●●
– Are you aware of CREATE, DROP and ALTER commands that are occurring on identified tables / columns?
• Data Changes ●
– Do you have visibility into INSERT, UPDATE, MERGE, DELETE commands?
• Access to Sensitive Data ●●●
– Do you have visibility into what information is being queried (SELECTs)?

HIPAA: Health Insurance Portability and Accountability Act; FISMA: Federal Information Security Management Act; GLBA: Gramm-Leach-Bliley Act
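
The three standard-auditing types, applied to the audit requirements listed above, as an added example that is not part of the original slides. It assumes an Oracle release using traditional (pre-unified) auditing with the audit trail written to the database; the table hr.employees and the account app_admin are hypothetical.

```sql
-- Added example; hr.employees and app_admin are hypothetical names.
-- Assumes traditional (standard) auditing with a database audit trail.
-- The parameter change takes effect after an instance restart.
ALTER SYSTEM SET audit_trail = DB, EXTENDED SCOPE = SPFILE;

-- Statement auditing: by type of statement, not by schema object.
-- Failed logins:
AUDIT SESSION WHENEVER NOT SUCCESSFUL;
-- Schema changes (TABLE covers CREATE, DROP and TRUNCATE TABLE):
AUDIT TABLE BY ACCESS;
AUDIT ALTER TABLE BY ACCESS;
-- Accounts, roles and permissions (GRANT/REVOKE of system privileges
-- and roles; CREATE/ALTER/DROP of users and roles):
AUDIT SYSTEM GRANT BY ACCESS;
AUDIT USER BY ACCESS;
AUDIT ROLE BY ACCESS;

-- Object auditing: specific statements on one schema object.
-- Access to sensitive data (SELECT) and data changes (DML):
AUDIT SELECT, INSERT, UPDATE, DELETE ON hr.employees BY ACCESS;
-- Grants of object privileges on that table:
AUDIT GRANT ON hr.employees BY ACCESS;

-- Privilege auditing: statements that use a system privilege,
-- limited here to one privileged account instead of all users.
-- SYSDBA/SYSOPER sessions are governed by audit_sys_operations instead.
AUDIT SELECT ANY TABLE, ALTER ANY TABLE, DROP ANY TABLE
  BY app_admin BY ACCESS;

-- Review: failed logins in the last day (returncode 1017 = ORA-01017).
SELECT username, userhost, extended_timestamp
FROM   dba_audit_trail
WHERE  action_name = 'LOGON'
AND    returncode = 1017
AND    extended_timestamp > SYSTIMESTAMP - INTERVAL '1' DAY
ORDER  BY extended_timestamp;

-- Review: who touched the sensitive table, and with which statements.
SELECT username, action_name, COUNT(*) AS events
FROM   dba_audit_trail
WHERE  owner = 'HR'
AND    obj_name = 'EMPLOYEES'
GROUP  BY username, action_name
ORDER  BY events DESC;
```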

Oracle Audit Vault: Automated Activity Monitoring & Audit Reporting

[Diagram labels: Audit Data, Policies, Alerts, Built-in Reports, Custom Reports, Auditor, Encryption in transit]

Sources shown: Siebel; HCM; Oracle; MS SQL Server 2000, 2005, & 2008; Sybase ASE 12.5.4 - 15.0.x; DB2 8.2 - 9.5 on Linux, Unix, Windows

• Various DB sources
• Adapters for packaged applications

• Easy to use reports
• Central provisioning of policies
• Meet compliance reporting
• Proactive – alerts & notifications (SMS/email)
• Pre-defined & custom reports

• Audit warehouse
• Secured audited data
• Segregation of duties
• Completeness of audit
• Encryption at rest
• Consolidated auditing
• Performance & scalability

Default reports

Out of the box - Compliance reports

[Diagram: hAck3rs (shown twice); Developer, End User, Power Users, Quality Assurance; Prod; Dev, QA, Test; Report Server; Storage; Sys Admin, Network Admin, Storage Admin, DBA; Backup Server]

For more information

• oracle.com/database/security
• search.oracle.com: database security
