Database administrators, by the very essence of their job descriptions, are the protectors of their organization’s core data assets. They are tasked with ensuring that key data stores are safeguarded against any type of unauthorized data access. Ensuring that data is protected on a 24 x 7 basis is a complex task. External intrusions and internal employee data thefts combine to make many IT professionals lie awake at night thinking about how they can secure (more...)
The above phase means “who will guard the guards themselves?” and is relevant in many security contexts.
Here in Denmark, we are currently having our own “News of the World” affair. In our case, a contractor at the payment processor handling almost all Danish credit cards was able to automatically send a tip to a journalist whenever a celebrity used his or her credit card. That makes it hard to take an incognito honeymoon (more...)
The Heartbleed bug has shown that security vulnerabilities can pop up everywhere. Unfortunately, many IT organizations depend on a single security layer to secure their network – and as the ineffectiveness of the Maginot Line proved, that is a risky strategy. You need multiple security layers – what soldiers call Defence in Depth.This illustration is from my weekly Technology That Fits newsletter – sign up here.
I'm currently at IOUG Collaborate 2014 in Las Vegas, and I recently finished my 2-hour deep dive into WebCenter. I collected a bunch of tips & tricks in 5 different areas: metadata, contribution, consumption, security, and integrations:
As usual, a lot of good presentations this year, but the Collaborate Mobile App makes it a bit tough to find them...
Bezzotech will be at booth (more...)
The fun thing about doing the hard yards to code up the algorithm is that you get a deeper level of understanding about what's going on. Take these lines:
However I had a recent requirement to use a web service that makes use of Digest Authentication. If you have look at the UTL_HTTP SET_AUTHENTICATION subprogram, it only addresses Basic authentication (and, apparently, Amazon S3 which looks intriguing).
I will describe how you configure trust stores for the WebLogic Server.
- Chain of trust
- Creating a Trust Store
- Problems with misconfigured SSL
- Creating an empty Identity Store
When a SSL server certificate is issued by a CA it is signed by a another certificate. Normally this will be an intermediate certificated, that is again signed by the CAs root certificate. So there is a chain of trust between the (more...)
In every business, there is a balance between business goals and various impediments.
You need to make sure that you don’t allow legal, QA, security and other internally-focused concerns tip the scale towards paralysis. There is more in this week’s edition of my newsletter “Technology That Fits” – sign up here.
Suddenly, our offshore colleagues could not access the database. We scrambled to find a solution, and and it soon transpired that the central security function had rolled out out a security policy upgrade the night before. Unfortunately, our offshore colleagues were connected to the network in an uncommon way, so the new security policy cut them off.
You don’t know what will happen when you change a system. Enterprise IT landscapes have reached a complexity (more...)
Why is this useful? This improvement of 12c clusterware and listeners over the 11.2 version is useful mainly for security purposes, for example as a measure against TNS poisoning attacks (see also CVE-2012-1675), and it is particularly relevant for (more...)
I recently got my hands on a review copy of Learning Devise for Rails from Packt and was quite interested to see if it was worth a recommendation (tldr: yes).
A book like this has to be current. Happily this edition covers Rails 4 and Devise 3, and code examples worked fine for me with the latest point releases.
The book is structured primarily as a (more...)
In this post I'm going to share what we did to diagnose (more...)
In this regard, Oracle has put up an online Database Security Assessment on their website. You may now check how secure your database is by answering few simple (more...)
Today when trying different settings with Basic Authentication and SOA Suite, I wanted to from the embedded OWSM Policy Repository of JDeveloper to the one stored on the application server. In JDeveloper you can do that through preferences (Tools | Preferences). See this blog for more details.
Click on the App Server Connection option and choose an existing connection through the Connections drop-down or add a new one by clicking New.
My son (10) has been asking about VPNs a lot lately. Which I thought was because of all of the news lately about the NSA. I ended up showing him tunnel bear, which he quickly installed on his laptop and iPhone. I complimented my son for his interest in security (more...)
It appears that international credit bureau company Experian was inadvertently selling private information to online criminals posing as “private investigators”. These criminals then used Social Security numbers, birthdays and drivers license records to commit identify theft. Ironically, Experian is also selling protection against identity theft to private customers…
Do you know (more...)
Java 7u51 is scheduled for release in January. It will have some consequences for you Forms installation that you need to address.
As far as I know there is no problems with using 7u51 on the server side, only on the client side.
7u51 requires you to sign all RIAs (Applets and Web Start applications).
Oracle already signs the standard jar (more...)