FISC 6 Oracle Database 10g ~ ~ : 2005 7 26 : 2005 7 31 : 1.0
2004 4 (* ) FISC ) (* ) FISC 6 (* FISC 6 ) FISC 6 Oracle g Database 10 (FISC) http://www.fisc.or.jp FISC http://www.fisc.or.jp/info/info/050307-1.htm http://otn.oracle.co.jp/document/index.html * ) ( FISC Oracle g ( Oracle Database g 10 Enterprise Edition ) 138 FISC 6 9 1 F
1. Oracle Database 10g FISC 6 1.1. 20 1.2. 28 1.3. 29 1.4. 35 1.5 35-1 1.6 36 ID 1.7. 37 1.8. 42-1 1.9 48 2. FISC 6 ) ( 2.1. 4-1 2.2. 4-2 2.3. 4-3 2.4. 4-4 2.5. 4-5 2.6. 4-6 2.7. 4-7
1. Oracle Database 10g FISC 6 1.1. 20 FISC ( 1) 4 Oracle Database g 10 Oracle OS Oracle Enterprise Manager 10g ( OEM SE/EE * EE ) OEM OEM SNMP agent DB agent Web OEM OEM Oracle DB : Oracle Enterprise Manager
1.2. 28 FISC ( 1 2 4) 1) ( 2) ( CPU 4) (
Oracle Database g 10 1 Oracle Database 10g (SE/EE) DB DB 2 (SE/EE) 4 (PDA) Oracle Database Lite 10g ( ) O Database Lite 1 2 4 Oracle Database 10g DBMS_CRYPTO Obfuscation Toolkit (* DBMS_CRYPTO ) PL/SQL DBMS_CRYPTO RAW Oracle DES Triple-DES RC4 Advanced Encryption Standard AES MD5 MD4 SHA-1 MD5 SHA-1 MAC Oracle Database 16 Oracle Database 10g OS DB ( ) Oracle Advanced Security Obfuscation Toolkit
1. create table creditcard (cardnumber varchar2(40)); 2. 2.1. key_str create or replace function string_encrypt (input_val varchar2) return varchar2 is key_str varchar2(16) := 'ABCDEFGHIJKLMNOP' ; * return_val varchar2(40) := NULL; begin dbms_obfuscation_toolkit.desencrypt(input_string =>input_val, key_string => key_str, encrypted_string => return_val ); return return_val ; end; / 2.2. key_str create or replace function string_decrypt (input_val varchar2) return varchar2 is key_str varchar2(16) := 'ABCDEFGHIJKLMNOP' ; * return_val varchar2(40) := NULL; begin dbms_obfuscation_toolkit.desdecrypt(input_string =>input_val, key_string => key_str, decrypted_string => return_val ); return return_val ; end; / 3. INSERT string_enctypr CREATE OR REPLACE TRIGGER TR_ENCRYPT_CREDITCARD BEFORE INSERT OR UPDATE of cardnumber ON CREDITCARD REFERENCING OLD AS OLD NEW AS NEW FOR EACH ROW BEGIN
:NEW.CARDNUMBER:=string_encrypt(:NEW.CARDNUMBER); END; / 4. * insert creditcard SQL> insert into creditcard values ('1111999922228888'); 1 SQL> select * from creditcard; CARDNUMBER ---------------------------------------- y }e= pm $? mu * 5. * string_decrypt SQL> select string_decrypt(cardnumber) from creditcard; STRING_DECRYPT(CARDNUMBER) ------------------------------------------ PL/SQL 22 55 4 Oracle Database Windows Lite Windows 32 CE ENCRYPDB Oracle Databa ENCRYPDB CAST5 DES 128 DECRYPDB Oracle Database Lite Oracle Database Lite 10g 3
1.3. 29 1 2) ( 1) ( 2) (
Oracle Database g 10 1 Oracle Oracle Net Oracle Advanced Security (EE ) Oracle Oracle Net (SE/EE) Oracle Advanced Security Oracle Advanced Security Oracle Net Services sqlnet.ora Oracle Net Services sqlnet.ora Oracle Net Manager Oracle Advanced Security Oracle Advanced Security Advanced Encryption Standard AES DES 3DES RC4 MD5 Secure Hash Algorithm SHA-1 SSL JDBC Thin Oracle Advanced Security Java Oracle JDBC Thin (SE/EE) Oracle Net sqlnet.ora tcp.validnode_checking ON OFF tcp.invited_nodes tcp.excluded_nodes Oracle Net Services 9
1.4. 35 ( ) ) ( Oracle Oracle Database g 10 Oracle OS Oracle Database 4 (SE/EE) OS (SE/EE ) OSOracle OS ) (EE Kerberos RADIUS Oracle Oracle Advanced Security CREATE USER Oracle Database SQL 17 OS/ OS CREATE IDENTIFIED EXTERNALLY USER S sqlnet.ora Oracle Database 4
1.5. 35-1 ) ( Oracle Database g 10 Oracle Database 10g Oracle Advanced Security [1.4 35 ]
1.5. 36 ID 1) ( 5 ID Oracle Database g 10 Oracle Database 10g ( ) ID Oracle Database 10g ID 1 Oracle Database 4
Oracle Database 10g Oracle RESOURCE_LIMIT TRUE 10 CREATE PROFILE PROF1 LIMIT IDLE_TIME 10; ALTER USER SCOTT PROFILE PROF1; Oracle DB PL/SQL 8AM 6PM CREATE OR REPLACE TRIGGER LOGON_TIME AFTER LOGON ON DATABASE BEGIN if (to_char(sysdate,'d') not between '2' and '6') or (to_char(sysdate, 'HH24MI') not between '0800' and '1800') then RAISE_APPLICATION_ERROR(-20001, 'You are not allowed to log into database now.'); end if; END; ( ) 4 CREATE PROFILE prof LIMIT FAILED_LOGIN_ATTEMPTS 4 PASSWORD_LOCK_TIME 30; ALTER USER ashwini PROFILE prof;
CREATE PROFILE PASSWORD_LIFE_TIME CREATE PROFILE prof LIMIT PASSWORD_LIFE_TIME 90; ALTER USER ashwini PROFILE prof; CREATE PASSWORD_GRACE_TIME PROFILE CREATE PROFILE prof LIMIT PASSWORD_GRACE_TIME 3; ALTER USER ashwini PROFILE prof; Oracle PL/SQL PL/SQL UTLPWDMG.SQL (* $ORACLE_HOME/rdbms/admin/utlpwdmg.sql 4 1 1 1 welcome account database user 3 CREATE PROFILE PASSWORD_VERIFY_FUNCTION Oracle Database SQL 17
1.6. 37 37 2) ( Oracle Database g 10 Oracle Database 10g (SE/EE EE) * SQL Oracle Database 4 Oracle Database 11 8 DBA DBA ( ) OS DBA DBA
SQL 3 (EE) 1 PL/SQL (EE) Oracle BI ) Business Intelligence ( * BI Discoverer Discoverer DWH Oracle Database 10g ) root OS 36 DBA AUDIT_FILE_DEST DBA AUDIT_SYS_OPERATIONS SYS SQL AUDIT_TRAIL AUDIT (SYS.AUD$ ) OS 2
UTC SQL SQL (EE) AUDIT_TRAIL DBMS_FGA DBA_FGA_AUDIT_TRAIL DBMS_FGA hr.emp INSERT UPDATE DELETE SELECT sales salary DBMS_FGA.ADD_POLICY( object_schema => 'hr', object_name => 'emp', policy_name => 'chk_hr_emp', audit_condition => 'dept = ''SALES'' ', audit_column => 'salary' statement_types => 'insert,update,delete,select'); [1.8. 48 Oracle Flashback Version Query 1.8
1.7. 42-1 1) ( Oracle Database 10g Oracle Database 10g Oracle Email Oracle Collaboration Suite Oracle Email SMTP POP3 IMAP mail Oracle Oracle Database Oracle Database / DB DB DB DB 42-1 Oracle Collaboration Suite 2 9.0.4 Oracle Collaboration Suite 2 9.0.4
) ( Oracle Email ) ( Oracle Email, 2 9.0.4.1 3 Oracle Email 2 9.0.4 2
1.8. 48 1) ( 48 Oracle Database 10g Oracle Database / / Oracle Database 10g (EE) 6 Oracle Database 9 Oracle Flashback Query
Oracle Flashback Version Query Oracle Flashback Transaction Query 1 Oracle Flashback Table Oracle Flashback Drop DROP TABLE Oracle Flashback Database Oracle Flashback Table Oracle Flashback Query Oracle Flashback Transaction Query Oracle Flashback Version Query UNDO UNDO Oracle Flashback Query SELECT AS OF 2003 4 4 9 30 JOHN SELECT * FROM EMPLOYEE AS OF TIMESTAMP TO_TIMESTAMP('2003-04-04 09:30:00', 'YYYY-MM-DD HH:MI:SS') WHERE name = 'JOHN'; JOHN EMPLOYEE INSERT INTO employee (SELECT * FROM employee AS OF TIMESTAMP TO_TIMESTAMP('2003-04-04 09:30:00', 'YYYY-MM-DD HH:MI:SS') WHERE name = 'JOHN');
Oracle Flashback Table 5 JOHN EMPLOYEE 2 JOHN Oracle Flashback Table 2 FLASHBACK TABLE EMPLOYEES TO TIMESTAMP TO_TIMESTAMP ('2003-04-04 14:00:00','YYYY-MM-DD HH:MI:SS') ENABLE TRIGGERS; Oracle Flashback Database Oracle Flashback Database REDO Point-in-Time Oracle Flashback Database UNDO Flashback Database ARCHIVELOG DB_FLASHBACK_RETENTION_TARGET ALTER DATABASE FLASHBACK ON SQL Flashback Database FLASHBACK DATABASE TO TIME timestamp ('2002-11-05 14:00:00');
2. FISC 6 ( ) FISC Oracle Database 10 g 2.1. 4-1 4-1 [ 35] 4-1 [ 36] ID [ 103] [ 104] 4-1 [ 26] [ 17] 2.2. 4-2 4-2 [ 16] [ 18] 4-2 [ 31] 4-2-1 [ 44] 4-2-1 [ 43] 4-2-1 [ 45] 4-2-1 [ 31]
2.3. 4-3 4-3 [ 11] [ 18] 4-3 [ 16] [ 18] 4-3 [ 16] [ 18] 2.4. 4-4 4-4-1 [ 28] 4-4-1 [ 29] 4-4-1 [ 30] [ 49] [ 50] 4-4-2 [ 63] [ 48] 4-4-2 [ 51] 4-4-2 [ 24]
2.5. 4-5 4-5 [ 37] [ 42-1] [ 45] 2.6. 4-6 4-6 [ 22] [ 20] 2.7. 4-7 4-7 [ 91]