Oracle Database Advanced Security Administrator's Guide 10g

Peter Kitson

ISBN : -

Order a printed copy of this book from Amazon --UNAVAILABLE--


Cover Design - Oracle Database Advanced Security Administrator's Guide 10g
  

For your free electronic copy of this book please verify the numbers below. 

(We need to do this to make sure you're a person and not a malicious script)

Numbers

 



Sample Chapter From Oracle Database Advanced Security Administrator's Guide 10g
     Copyright © Oracle Corp



Security Challenges in an Enterprise Environment


To increase efficiency and lower costs, companies adopt strategies to automate
business processes. One such strategy is to conduct more business on the Web, but
that requires greater computing power, translating to higher IT costs. In response to
rising IT costs, more and more businesses are considering enterprise grid
computing architectures where inexpensive computers act as one powerful
machine. While such strategies improve the bottom line, they introduce risks, which
are associated with securing data in motion and managing an ever increasing
number of user identities.

This section examines the security challenges of today's enterprise computing
environments in the following topics:
  • Security in Enterprise Grid Computing Environments
  • Security in an Intranet or Internet Environment
  • Common Security Threats

Security in Enterprise Grid Computing Environments

Grid computing is a computing architecture that coordinates large numbers of
servers and storage to act as a single large computer. It provides flexibility, lower
costs, and IT investment protection because inexpensive, off-the-shelf components
can be added to the grid as business needs change. While providing significant
benefits, grid computing environments present unique security requirements
because their computing resources are distributed and often heterogeneous. The
following sections discuss these requirements.

Distributed Environment Security Requirements

Enterprise grid computing pools distributed business computing resources to cost
effectively harness the power of clustered servers and storage. A distributed
environment requires secure network connections. Even more critical in grid
environments, it is necessary to have a uniform definition of 'who is a user' and
'what are they allowed to do.' Without such uniform definitions, administrators
frequently must assign, manage, and revoke authorizations for every user on
different software applications to protect employee, customer, and partner
information. This is expensive because it takes time, which drives up costs.
Consequently, the cost savings gained with grid computing are lost.

Heterogeneous Environment Security Requirements

Because grid computing environments often grow as business needs change,
computing resources are added over time, resulting in diverse collections of
hardware and software. Such heterogeneous environments require support for
different types of authentication mechanisms which adhere to industry standards.
Without strict adherence to industry standards, integrating heterogeneous
components becomes costly and time consuming. Once again the benefits of grid
computing are squandered when the appropriate infrastructure is not present.

Security in an Intranet or Internet Environment

Oracle databases power the largest and most popular Web sites on the Internet. In
record numbers, organizations throughout the world are deploying distributed
databases and client/server applications based on Oracle Database and Oracle Net
Services. This proliferation of distributed computing is matched by an increase in the amount of information that organizations place on computers. Employee and
financial records, customer orders, product information, and other sensitive data
have moved from filing cabinets to file structures. The volume of sensitive
information on the Web has thus increased the value of data that can be
compromised.