As containers gain attention and traction for both development and operational purposes, it becomes increasingly important to monitor the security of running containers . In order to facilitate simple scanning of Docker and Rkt images based on Oracle Linux, we have added support for Clair and Vuls in both upstream projects.
More and more enterprises are using Single-Sign-On (SSO) for there on-premise applications today, but what if they want to use SSO for there cloud applications as well?
This blog post is addressing this topic for Single-Sign-On to Oracle ERP Cloud in a hybrid environment.
First of all lets focus on SSO on-premise and introduce some terminology.
A user (aka principal) wants to have access to a particular service. This service can be found at the (more...)
Elke Phelps, Senior Principal Product Manager, provides an overview of Oracle E-Business Suite secure configuration guidelines and security features available when deploying Oracle E-Business Suite in Oracle Cloud. Knowledge of Oracle's Cloud (more...)
Oracle Fusion Middleware products get new Patch Set updates. When a
new Patch Set has been released, a 12 month Grace Period for the
previous Patch Set begins. Once that Grace Period ends, no new patches
for the previous Patch Set will be released.
For more details, see:
- Error Correction Support Dates for Oracle Fusion Middleware 11g (11.1.1/11.1.2) (Doc ID 1290894.1)
Oracle Internet Directory is part of a (more...)
Recently, I was trying to setup TDE. Doing that I found out the Oracle provided documentation isn’t overly clear, and there is a way to do it in pre-Oracle 12, which is done using ‘alter system’ commands, and a new-ish way to do it in Oracle 12, using ‘administer key management’ commands. I am using version 18.104.22.168.170117, so decided to use the ‘administer key management’ commands. This blogpost is about an (more...)
In my previous post, I covered the installation of SQL Server 2016 SP1 for our Hyper-V environment. After that is completed, we are ready to install SharePoint Server 2016. That’s what I’ll be covering here. Firstly, you need to download a copy of the software. At the time of writing this post, SharePoint Server 2016 is available from Microsoft. That’s the version I’ve downloaded for installation on the VM.
Installing the Prerequisites
To start the (more...)
I tried to fix this via network-manager with adding the hook at the checkbox "Alle Benutzer dürfen dieses Netzwerk verwenden", but this did not help at all.
The point is, that after resuming my login keyring wants (more...)
In the previous post in this series, I created the Hyper-V VM environment (running Windows Server 2012 R2) I’ll be using to build SharePoint Server 2016 on. The next step is to install either SQL Server 2014 or SQL Server 2016 for the database server requirements. Because I’m a geeky sort of guy and have to be on the bleeding edge, I’m going to use SQL Server 2016 with SP1, which is available from Microsoft (more...)
One of the areas I’ve been investigating as a technical architect at www.archtis.com is using the Cyberinc Entitlements Server (CES) to provide attribute based access control (ABAC) access to documents stored in SharePoint. It’s an area we haven’t tested at all before, so it was important to build a prototype environment to satisfy ourselves that it really does work the way we want it to. At the time of writing this post, CES (more...)
Last year in October Oracle released the Oracle Database Security Assessment Tool (DBSAT) to analyzes database configurations and security policies to improve the security in your environment.
- quickly identify security configuration errors in the database environment
- lauch Security best practices
- increase the security level of your Oracle Databases
- reduce the attack and exposure risk
What does DBSAT check
- User Accounts, Privileges and Roles
- Authorization Control
- Data Encryption
- Fine-grained Access Control
- Auditing Policies
- Database (more...)
Within the Oracle iPaaS products you will encounter features that exist to help provide security or mitigate the risks of someone misusing Oracle cloud accidentally (or otherwise). These features look to mitigate security issues such as a Denial of Service (DoS) attack (e.g. flooding a web service with more calls than it can handle preventing […]
I prefer to write blog posts about the interesting questions on OTN. This blog post is one of them. There are usually more than one EM admins managing the systems, and you may want to track other users’ activity. Enterprise Manager Cloud Control provides auditing mechanism called “comprehensive auditing”. It’s not enabled by default for all actions because it may consume a lot of disk space.
If you want to enable it for all actions, (more...)
I thought I'd add a simple demonstration, for reference.
Consider the following query, with variations of escaped column output.
with data as
||'<br>APEX<script></script>' as string
-- UI default
-- where no tags expected
-- good for most things
-- replace line feeds with HTML line break. (more...)
In my experience, these are best defined at a privilege level, where the same privilege could be allocated to multiple business roles, but that's for another post.
In this post, I want to mention a cool API function called
apex_authorization.reset_cache, which helps control the behaviour of these authorization schemes.
PrefaceWhile googling something else (more...)
In my previous post, I introduced you to the two concepts of Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC). ABAC resolves a number of the limitations associated with RBAC, as I discussed in that post. In this post, I wanted to drill into the architecture underlying ABAC a little bit more.
In simple terms, there are four main parts of the ABAC architecture. These are:
- The Policy Decision Point (PDP) – this (more...)
A relatively common on the forums is regarding the escaping of special characters in reports, but it seems the developer isn’t always sure what is actually happening and how to how to search for it.
In a recent post, I explained a little bit about what my new role at archTIS is. archTIS is a company that focuses on the area of Trusted Information Sharing. Trusted Information Sharing is a concept that not too many people would understand the complexities of. In fact, when I first started in my new role I wasn’t aware of just how complex it was myself! To explain all that complexity in a single (more...)
You log in to your favorite web app and it takes a little while to get your login validated, or your password consumed, depending on your take on things,
You log in to your favorite APEX application, and after every 3rd shot, it takes a bit longer to retry
You are sure what you are doing and you are surely not drunk, but just mistyped the ****-password.