GDPR and Database Security Speeches

The new EU GDPR and Database Security in general keeps me busy. I’ve updated the list of speeches and events for the next couple of month. It’s an interesting mix between GDPR, Oracle Database Security and MS SQL Server 2016 security. Depending on the feedback of the Call For Papers for the DOAG Conference and the Oracle OpenWorld there will probably be more. But for now I’ll definitely give a full day training on Oracle Database 12c Security at the Education day on DOAG Conference.

Upcoming events

  • Wed
    18
    Apr
    2018
    13:00Baden

    In about a week I will participate at the SOUG Day at Baden. I will present a paper entitled “TSDP Transparent Sensitiv Data Protection“.

    The aim of the presentation is to introduce Transparent Sensitiv Data Protection, a rather new Oracle feature which is available since Oracle 12c Release 1. But what exactly can you protect with TSDP? How to use this security feature for standard and custom applications. In this presentation the following points will be discussed (not conclusively)

    • Overview of Transparent Sensitiv Data Protection (TSDP)
    • Configuration and example of TSDP for Data Redaction, VPD and unified audit
    • Challenges related to TSDP
    • licensing

    Have a look at the SOUG Webpage for a detailed Agenda of the Event and the location. Looking forward to see you there.

    Slides for lecture  SOUG_20180418_Oehrli_Oracle_TSDP_small.

  • Thu
    14
    Jun
    2018
    08:15Baden

    Mid June I give a lecture on Oracle 18c New Security Features at the SOUG day in Baden.

    The aim of the presentation is to discuss the various security enhancements which has been introduced with Oracle Release 18c. But which features are worth a closer look at? In what context do the new features and option do make sense? How can security be improved in general with Oracle database 18c? Where does it make sense to invest in more database options? The aim of this lecture is to answer these and other questions around Oracle Database 18c security.

    Among others this presentation will cover the following security enhancements (not conclusively)

    • Create a User-Defined Master Encryption Key
    • Use Encrypted Passwords for Database Links with Oracle Data Pump
    • Use Oracle Data Pump to Export and Import the Unified Audit Trail
    • Create a Keystore for Each Pluggable Database
    • Create Schema Only Accounts
    • Encrypt Sensitive Credential Data in the Data Dictionary
    • Enhancements to Oracle Database Vault
    • Integration of Active Directory Services with Oracle Database
    • Ability to Write Unified Audit Trail Records to SYSLOG or the Windows Event Viewer

    Have a look at the SOUG Webpage for a detailed Agenda of the Event and the place. Looking forward to see you there.

    Slides for lecture  SOUGDay_Oracle18cNewSecurity_SOE.pdf and summary of the event.

  • Wed
    27
    Jun
    2018
    Stuttgart

    I present a lecture on Oracle Unified Directory on Docker at the DOAG SIG Security in Stuttgart. Slides and presentations will be in German. Short abstract on my presentations:

    Oracle Unified Directory ist eine All-in-One-Verzeichnislösung mit Speicher-, Proxy-, Synchronisations- und Virtualisierungsfunktionen. Je nachdem welche Deployment-Methode verwendet wird, lässt sich OUD einfach in einem Docker Container konfigurieren und betreiben. Im Rahmen dieses Vortrages werden Punkte rund um OUD on Docker besprochen.

    More Information on the Event including full agenda, registration etc is available on the DOAG web side DOAG SIG Events.

    Slides for lecture  DOAG_OracleUnifiedDirectory_in_Docker_Oehrli.pdf and summary of the event.

  • Tue
    18
    Sep
    2018
    12:15Orace Software (Schweiz), Täfernstrasse 4, Baden-Dättwil, 5405 Schweiz

    Mid September I give a lecture on Docker Security at the SOUG day in Baden. The topic is similar to my presentation at the DOAG conference.

    Docker Security or Secure Docker. How does this now exactly work with the root user? What is Host and what is Guest OS ? How should sensitive information such as credentials, ciphers, passwords or the like be handled? Who in a Docker Swarm or Kubernets trusts whom? And how do you generally solve the challenges of identity management in the container environment? There are many questions about security and data security in the Docker and container environment. Some are quite easy to answer. For others, this is only possible with careful consideration. Some of the challenges posed by security are easy to solve. But there is "not yet" a simple and perfect solution for everything. The aim of this presentation is to give an overview of the topic of security in Docker. Wherever possible, proper solutions are presented or approaches to solutions are shown.

    Have a look at the SOUG Webpage for a detailed Agenda of the Event and the place. Looking forward to see you there.

    Slides for lecture will be uploaded after the event.

  • Tue
    20
    Nov
    2018
    Fri
    23
    Nov
    2018
    Nürnberg Convention Center Ost

    As every year, the DOAG conference in Nürnberg takes place in November. This year I've applied for four presentations and a security training respectively workshop for the education day. So far the workshop Oracle Enterprise User Security mit Oracle Unified Directory und Active Directory Integration and the presentation Docker Security has been approved.

     

    Title: Docker Security

    Abstract: Docker Security or Secure Docker. How does this now exactly work with the root user? What is Host and what is Guest OS ? How should sensitive information such as credentials, cihpers, passwords or the like be handled? Who in a Docker Swarm or Kubernets trusts whom? And how do you generally solve the challenges of identity management in the container environment? There are many questions about security and data security in the Docker and container environment. Some are quite easy to answer. For others, this is only possible with careful consideration. Some of the challenges posed by security are easy to solve. But there is "not yet" a simple and perfect solution for everything. The aim of this presentation is to provide an overview of the topic of security in Docker. Wherever possible, appropriate solutions are presented or approaches to solutions are shown.

    See you at the DOAG in Nürnberg.

  • Fri
    23
    Nov
    2018
    Nürnberg Convention Center Ost

    Also this year I have the opportunity to hold a training at the DOAG conference. At the education day I'll have a workshop on Oracle Enterprise User Security with Oracle Unified Directory and Active Directory Integration.

    With a focus on the current versions of Oracle Database and Oracle Unified Directory, the following topics are discussed among others:

    • Password verifier and strong authentication such as Kerberos and SSL
    • Alternatives for central user administration of Oracle databases
    • Integration of Oracle Database 18c with Active Directory Services
    • Oracle Enterprise User Security
    • Introduction to Oracle Unified Directory
    • Blueprint to setup Oracle Enterprise User Security with Oracle Unified Directory and Active Directory integration
    • Other topics such as high availability, backup & recovery and licensing

    Looking forward to see you at the DOAG in Nürnberg. If I am lucky, even one or other presentation will be confirmed.

Have you missed an event? In this case check out the download page or blog post categorized with speaking. If possible, I’ll provide all information online?