The new EU GDPR and Database Security in general keeps me busy. I’ve updated the list of speeches and events for the next couple of month. It’s an interesting mix between GDPR, Oracle Database Security and MS SQL Server 2016 security. Depending on the feedback of the Call For Papers for the DOAG Conference and the Oracle OpenWorld there will probably be more. But for now I’ll definitely give a full day training on Oracle Database 12c Security at the Education day on DOAG Conference.
Upcoming events
-
Fri08Mar201911:00online
As part of the DOAG webinar series I deliver a webinar entitled “Oracle and Docker”. The webinar discusses different aspect of using Oracle databases in Docker containers. More information on this event including full agenda, registration etc. is available on the event web side DOAG Datenbank Webinar Oracle und Docker or DOAG webinar schedule.
Slides for lecture
DOAG_Oracle_und_Docker.pdf or on slideshare -
Tue26Mar201916:00online
As part of the Trivadis webinar series I deliver a webinar respectively TriCast entitled “Docker Security”. The webinar discusses different aspect of using Docker security. More information on this event including full agenda, registration etc. is available on the event web side TriCast - Docker Security or Trivadis TriCast series.
-
Wed15May2019Thu16May201909:00Vienna
Security is one of the key challenges for on-premises and cloud based databases today. But the appropriate security and hardening measures usually only make sense if authentication and authorisation have already been implemented with appropriate care. Instead of decentralised administration, where users, rights and roles are managed in each database, it is clearer and more secure to manage them centrally. The latest version of Oracle offers different possibilities to implement this requirement. With focus on the current versions of Oracle Database 18c / 19c the following topics are discussed among other things:- Password Verifier and strong authentication such as Kerberos and SSL
- Variants for central user administration of Oracle databases
- Differentiation between Oracle EUS and CMU
- Integration of Oracle 18c/19c databases with Active Directory Services
Sample setup of an Oracle database with Active Directory integration via Centrally Managed User CMU.
In the context of this workshop the basics as well as extended know-how in the area of Centrally Managed Users and central user administration of Oracle databases in general will be worked out.
More information on this event including full agenda, registration etc. is available on the AOUG web side.
- AOUG Hands On-Day at the User Conference 2019
- AOUG Conference 2019 - "Vienna calling. Technical but fun!"
Slides for lecture
AOUG19_LiveDemo_Oracle_CMU_soe_de.pdf or on slideshare -
Wed22May2019Olten
This year's Spring SOUG Day will take place on 22 May in Olten. I am attending the event with a lecture about Oracle databases and Docker. Similar to my DOAG webinar but updated with the latest use cases.
Short abstract: Oracle has long supported the use of Docker for Oracle databases. In theory, a simple docker run instantiates a container from a docker image. But why isn't the DB container ready in a few seconds? Where does my Oracle DB image come from and what happens if the container is stopped again? This talk explains how Oracle DBs are installed, configured and operated as Docker containers.
The functional scope as well as the size of the Oracle database container presuppose that one or the other thoughts about the use and operation are made in advance. This includes topics such as data persistence, licensing, migration, backup & recovery and other operational aspects. This presentation explains how Oracle databases can be installed, configured and operated as containers in a Docker Image.More information about the agenda and registration will be available on the SOUG website
Have a look at the SOUG Webpage for a detailed agenda of the event and the registration. Looking forward to see you there.
Documentation of the demo is available via https://url.oradba.ch/SOUG1905
-
Mon03Jun2019Tue04Jun2019Düsseldorf
I deliver a presentations entitled “Wieviel Security bietet Oracle XE?” at DOAG Datenbank Tage 2019 event organised by DOAG. More information on this event including full agenda, registration etc. is available on the DOAG web side DOAG Datenbank Tage 2019
Short abstract for my presentation:
The latest version of Oracle Database 18c Express Edition (XE) offers a lot of useful features, which are usually only known from enterprise environments. These include support for multitenant, in-memory, partitioning and other features. But what about database security? What is possible with Oracle 18c XE in the area of database security? Where are workarounds or other products required? And what are differences to other Oracle database editions? The presentation shows how much database security is possible with the latest version of Oracle Express Edition.
I hope you can join this event.
-
Tue27Aug2019Baden
This year's summer SOUG Day will take place on 27 August in Baden. I am attending the event with a lecture about PDB isolation and security.
Short abstract: The same principles and measures of database security can be implemented in container databases as in normal single-tenant environments. However, if the container databases are to be used securely by various tenants with more or less high system privileges, additional security measures are required. Especially if access to the operating system is granted directly or indirectly with JVM, external tables, scheduler jobs or directories. The aim of this presentation is to evaluate database security in the focus of container databases and to discuss appropriate measures. This includes the use of lockdown profiles, PDB_OS_CREDENTIALS and various other measures and features. Where useful, the presentation is complemented by appropriate examples and demos. As far as possible, it is also shown how Oracle handles these problems in its cloud solutions (e.g. Autonomous Database).
More information about the agenda and registration will be available on the SOUG website
Have a look at the SOUG SOUG Day August 2019 for a detailed agenda of the event and the registration. Looking forward to see you there.
-
Fri13Sep2019Sat14Sep201909:00Regensdorf
Like every year, Trivadis meets for their annual TechEvent. This event is organised twice a year. In Spring as a smaller internal event and in late summer as one of the biggest IT event in Switzerland also for Trivadis customers. Information about the event, the registration and the venue can be found on the website. Agenda is available as PDF.
I will participate in the event with two presentations.
Titel DB, CMU and EUS engineering with vagrant
Scheduled Friday, 12 Sept., 13:45 – 14:30
Abstract Friday afternoon and some free time? Ideal to try Centrally Managed Users (CMU) with AD Integration. Or do you prefer Enterprise User Security (EUS)? Oracle features which place extended demands on the infrastructure can usually not be tested in a company without more. Or who simply has access to an Active Directory, which he can reconfigure for Oracle. Somewhat more complex Security Use Cases can be easily rebuilt in a VM environment. With the help of Vagrant, the setup and construction of an appropriate environment can be automated and greatly simplified. The test AD including Unified Directory and Oracle DB is started with a simple "vagrant up" and is then available for engineering work and testing. In the context of this lecture we will show how such an environment can be created with little effort and adapted to your own needs for cloud or on-premises.
Titel Oracle PDB protection and isolation
Scheduled Friday, 12 Sept., 17:10 – 17:55
Abstract The same principles and measures of database security can be implemented in container databases as in normal single-tenant environments. However, if the container databases are to be used securely by various tenants with more or less high system privileges, additional security measures are required. Especially if access to the operating system is granted directly or indirectly with JVM, external tables, scheduler jobs or directories. The aim of this presentation is to evaluate database security in the focus of container databases and to discuss appropriate measures. This includes the use of lockdown profiles, PDB_OS_CREDENTIALS and various other measures and features. Where useful, the presentation is complemented by appropriate examples and demos. As far as possible, it is also shown how Oracle handles these problems in its cloud solutions (e.g. Autonomous Database).
Hope to see you at the Trivadis TechEvent. Do not hesitate to register.
-
Tue15Oct2019Hamburg
I present a lecture on Oracle PDB protection and isolation at the DOAG Security Day in Hamburg. Slides and presentations will be in German. Short abstract on my presentations:
The same principles and measures of database security can be implemented in container databases as in normal single-tenant environments. However, if the container databases are to be used securely by various tenants with more or less high system privileges, additional security measures are required. Especially if access to the operating system is granted directly or indirectly with JVM, external tables, scheduler jobs or directories. The aim of this presentation is to evaluate database security in the focus of container databases and to discuss appropriate measures. This includes the use of lockdown profiles, PDB_OS_CREDENTIALS and various other measures and features. Where useful, the presentation is complemented by appropriate examples and demos. As far as possible, it is also shown how Oracle handles these problems in its cloud solutions (e.g. Autonomous Database).
More Information on the Event including full agenda, registration etc is available on the DOAG web side DOAG SIG Events.
-
Tue19Nov2019Fri22Nov2019Nürnberg
As every year, the DOAG conference in Nürnberg takes place in November. This year I am represented with a presentation about Oracle PDB protection and isolation as well a presentation about testing database features with Docker containers. Additionally I hold a workshop about Oracle databases in Docker containers on the training day.Conference
Titel Testing database features with Docker containers
Scheduled Tuesday, 19. Nov., 16:00 - 16:45
Abstract As a DBA you are always faced with the situation of checking a feature or bug in a new database version. But this does not usually require a dedicated database environment. Many tests can be performed quickly and easily in Oracle databases in Docker Containers. In combination with Docker Compose and corresponding scripts, an appropriate environment can be set up within minutes. After a short introduction to Oracle databases in Docker Container, practical examples and demos will show how the DBA can simplify tests and troubleshooting with this method. This includes: verification of bugs in different DB versions, troubleshooting EUS, verification of PSU or RU and others.
Titel Oracle PDB protection and isolation
Scheduled Thursday, 21 Nov., 13:00 - 13:45
Abstract The same principles and measures of database security can be implemented in container databases as in normal single-tenant environments. However, if the container databases are to be used securely by various tenants with more or less high system privileges, additional security measures are required. Especially if access to the operating system is granted directly or indirectly with JVM, external tables, scheduler jobs or directories. The aim of this presentation is to evaluate database security in the focus of container databases and to discuss appropriate measures. This includes the use of lockdown profiles, PDB_OS_CREDENTIALS and various other measures and features. Where useful, the presentation is complemented by appropriate examples and demos. As far as possible, it is also shown how Oracle handles these problems in its cloud solutions (e.g. Autonomous Database).
Training day
Titel Workshop Oracle Databases in Docker ContainersScheduled Friday, Nov 22nd, 09:00 - 17:00
Abstract Oracle has long supported the use of Docker to install its products, including the latest versions of the Oracle database. In theory, a simple "docker run" instantiates a container from a docker image. But why isn't the database container ready in a few seconds? Where does my Oracle database image come from and what happens if the container is stopped again? The functional scope as well as the size of the Oracle database container presuppose that one or the other thoughts about the use and operation are made in advance. This includes topics such as data persistence, licensing and other operational aspects. Within the scope of this training we develop how Oracle databases can be installed in a Docker image, configured and then operated as corresponding containers.
See you at the DOAG in Nürnberg.
-
Sun01Dec2019Wed04Dec2019Brigthon
This year I have the opportunity to take part in the UKOUG TechFest for the first time. I am represented with two lectures. Have a look at the UKOUG Webpage for a detailed agenda of the event and the venue.
Titel Oracle PDB protection and isolation
Scheduled Tuesday, 3rd Dec., 9:00 AM for 45 minutes
Abstract The same principles and measures of database security can be implemented in container databases as in normal single-tenant environments. However, if the container databases are to be used securely by various tenants with more or less high system privileges, additional security measures are required. Especially if access to the operating system is granted directly or indirectly with JVM, external tables, scheduler jobs or directories. The aim of this presentation is to evaluate database security in the focus of container databases and to discuss appropriate measures. This includes the use of lockdown profiles, PDB_OS_CREDENTIALS and various other measures and features. Where useful, the presentation is complemented by appropriate examples and demos. As far as possible, it is also shown how Oracle handles these problems in its cloud solutions (e.g. Autonomous Database).
Titel Central user administration of Oracle databases
Scheduled Wednesday 4th Dec., 2:45 PM for 45 minutes.
Abstract Security is one of the key challenges for on-premises and cloud based databases nowadays. However, the appropriate security and hardening measures generally only make sense if authentication and authorization have already been implemented with appropriate care. Instead of the decentralised administration of users, privileges and roles in each database, it is easier and more secure to manage them centrally. The latest version of Oracle offers different possibilities to implement this requirement. With focus on the current versions of Oracle Database the following topics are discussed among others:
- Password verifier and strong authentication like Kerberos and SSL.
- Options for central user administration of Oracle databases.
- Oracle EUS versus CMU
- Integration of Oracle Database 19c with Active Directory Services
- Sample setup of an Oracle database with Active Directory Integration via Centrally Managed User (CMU)
The presentation is complemented by appropriate examples and live demos.
See you at the UKOUG TechFest 2019.
Have you missed an event? In this case check out the download page or blog post categorized with speaking. If possible, I’ll provide all information online?