Call: +44 (0)1904 557620 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "OT: RSS fixes just done"] [Next entry: "10gR2 adds a "wrap" package procedure, TDE and makes DBMS_OUTPUT output unlimited"]

Security is a major force in the new 10g Release 2 database

I have just seen a new news item on the website.. The article was released today, June 20, 2005 and was written by Clint Boulton and is titled "Security's Starring Role in Oracle's 10g DB".

The item talks about the fact that Oracle have been releasing information about 10g R2 today and security is high on the agenda for Oracle's new release. Self management and increased XML support are also included. The writer talks about Sarbanes Oxley being a requirement for many firms now and that means that data has to be kept. This is an issue for companies, to be able to keep that data secure. 10g R2 will bring new encryption technology in the database that will allow transparent encryption of data without any developer intervention. This will make it easier for companies to encrypt the huge swathes of clear text data that they have stored that should be encrypted. This is particularly relevant where legacy applications are involved and re-development would be cost restrictive.

There are third party encryption solutions such as Application Security Inc's DBEncrypt product that allow data to be encrypted with relative ease in current versions of the database. The 10gR2 enhancements will make things easier of course. The new feature in 10gR2 allows the DBA to simply change a column definition to allow the data to be transparently encrypted.

The article goes on to talk about some of the other new functions / features set to be available in the 10gR2 database.