Site icon Database Tutorials

Security In Oracle Database 20c

In today’s article, we will explain the measures taken for Oracle Database 20c and some increased security measures.

Upper/lower case password

As in all versions of Oracle Database, in this version, your passwords can be case sensitive.

This feature, which was available in all versions of Oracle Database 19c and earlier, is now parametric with Oracle Database 20c.

Oracle requires sensitivity about the use of complex passwords in recommended documents.

By turning off the parameter, you can use simple passwords as before, or you can force users to give complex passwords directly.

Connection to multiple databases with different certificates from a single client

Oracle Database 20c allows to configure database clients to make multiple SSL sessions using different SSL certificates.

This feature allows multi-threaded clients to use multiple wallets with different certificates for simultaneous SSL logins.

Developers using a cloud environment can connect to different cloud environments without any problems.

USER_APPLICATION_ROLES

The USER_APPLICATON_ROLES data dictionary image added with Oracle Database 20c allows defining sub-roles only for valid users in DBA_APPLICATION_ROLES.

USER_APPLICATION_ROLES is responsible for displaying only the user-specific roles, instead of all possible roles of the current user in DBA_APPLICATION_ROLES.

Predefined unified audit policies for compliance with STIG guidelines

With Oracle Database 20c, you can control the predefined co-audit policies with STIG guides.

The added policies are as follows.

You can send SYSLOG

With Oracle Database 20c, you can send existing log files to SYSLOG targets.

Thanks to this feature, which can be adjusted with the UNIFIED_AUDIT_COMMON_SYSTEMLOG parameter, you can collect all audit records on a single UNIX platform.

Live-acting audit policies

The user, who had previously applied any auditing policy, had to log out and log in in order to be affected by this policy, but now she has the ability to do this live.

Exit mobile version