The new EU GDPR and Database Security in general keeps me busy. I’ve updated the list of speeches and events for the next couple of month. It’s an interesting mix between GDPR, Oracle Database Security and MS SQL Server 2016 security. Depending on the feedback of the Call For Papers for the DOAG Conference and the Oracle OpenWorld there will probably be more. But for now I’ll definitely give a full day training on Oracle Database 12c Security at the Education day on DOAG Conference.
Upcoming events
-
Tue20Apr2021
Titel: Oracle Cloud deployment with Terraform
Elevator Pitch: Quickly provisioning of infrastructure resources in the Oracle Cloud? Nothing easier than that with Terraform and the Oracle Terraform Provider. Using a training environment as an example, we show how resources in OCI can be configured and scaled with the Oracle Terraform Provider.
Description: The Oracle Cloud allows to build and configure various infrastructure resources. But you won't get far by just using "click acrobatics" via Web Console, especially if you want to build several similar and complex environments. A mouse click cannot be saved just like that. Oracle offers several API's to create and manage objects in OCI, e.g. Oracle OCI commandline utility, OCI SDK, Terraform Provider etc. This presentation will explain how to implement Infrastructure as Code in OCI using Terraform and the Oracle Terraform Provider. Using a training environment as an example, it will be shown how to build components with Terraform Server, databases and network components and how to scale them in terms of resources or number.
The presentation is supplemented by examples and live demos.
-
Wed05May2021
Titel: DB Oracle Database Security 19c/21c new Feature
Abstract: With the Inovation Release 21c Oracle has introduced one or the other security feature. These include small improvements that make DB operation more secure and easier. But also completely new concepts like DB Nest, which introduce a new approach for databases, how DB security can be implemented in multitenant environments. In this talk we will present the security improvements in the latest Oracle releases. By using simple examples we will check if and where the use of this new security feature is worthwhile. The presentation will be complemented by examples and live demos.
-
Tue11May2021Online
Inhalt:
Kerberos, CMU, EUS oder doch keine zentrale Authentifizierung / Autorisierung Es gibt verschiedene Ansätze, wie man Datenbank Benutzer und Rollen zentral verwalten kann. Doch wo beginnt man an? Welche Lösung passt in ein Unternehmen? Und wie machen es überhaupt andere Unternehmen? Diskutiere mit uns über Architektur und Lösungen für die zentral Verwaltung von Datenbank Benutzer / Rollen. -
Wed02Jun2021
Titel: Oracle Cloud deployment with Terraform
Elevator Pitch: Quickly provisioning of infrastructure resources in the Oracle Cloud? Nothing easier than that with Terraform and the Oracle Terraform Provider. Using a training environment as an example, we show how resources in OCI can be configured and scaled with the Oracle Terraform Provider.
Description: The Oracle Cloud allows to build and configure various infrastructure resources. But you won't get far by just using "click acrobatics" via Web Console, especially if you want to build several similar and complex environments. A mouse click cannot be saved just like that. Oracle offers several API's to create and manage objects in OCI, e.g. Oracle OCI commandline utility, OCI SDK, Terraform Provider etc. This presentation will explain how to implement Infrastructure as Code in OCI using Terraform and the Oracle Terraform Provider. Using a training environment as an example, it will be shown how to build components with Terraform Server, databases and network components and how to scale them in terms of resources or number.
The presentation is supplemented by examples and live demos.
Notes: Einstig in Infrastructure as Code, OCI und Terraform am beispiel von Oracle Schulungs- und Engineeringumgebungen.
-
Fri10Sep2021Sat11Sep2021Warsaw
This year I have the opportunity to take part in the POUG for the first time. Ok just remote, but it is a start. I am represented with one lecture. Have a look at the POUG Webpage for a detailed agenda of the event and the venue.
Titel DB Nest 21c - PDB Security and Isolation
Scheduled Saturday, 11th Sep., 12:55 AM for 45 minutes
Abstract Lockdown Profile, PDB_OS_CREDENTIALS and other measures to enhance security and isolation of multitenant databases are available since Oracle 12c. Unfortunately only a part of the desired measures can be technically implemented. With the latest release of Oracle 21c a new features called DB Nest has been introduced. DB Nest introduced an other approach to security in PDBs. In this presentation we will discuss the new approach and its possibilities to increase database security of PDBs. The presentation will be completed by corresponding examples and live demos.
See you at the POUG 2021.
-
Wed29Sep2021Thu30Sep2021Online
Titel: DB Nest 21c - PDB Security and Isolation
Elevator Pitch: Lockdown profiles, PDB_OS_CREDENTIALS and other measures have been available since Oracle 12c to increase the security of multitenant DBs. However, these functions cover only part of the measures. Oracle 21c introduced DB Nest, which provides a different approach to security in PDBs.
Description: Lockdown Profile, PDB_OS_CREDENTIALS and other measures to enhance security and isolation of multitenant databases are available since Oracle 12c. Unfortunately only a part of the desired measures can be technically implemented. With the latest release of Oracle 21c a new features called DB Nest has been introduced. DB Nest introduced an other approach to security in PDBs. In this presentation we will discuss the new approach and its possibilities to increase database security of PDBs. The presentation will be completed by corresponding examples and live demos.
The presentation is supplemented by examples and live demos.
Link: to the Event and Agenda
-
Tue09Nov2021Fri12Nov2021Online
AUSOUG Connect 2021 will take place over 4 days from 9th November 2021 to 12th November 2021, virtually and online, with each day dedicated to a stream. Registrations is NOW open. Click on the respective streams to register.
- 9th November 2021 – Oracle E-Business Suite/Cloud Applications
- 10th November 2021 – Development/APEX Day
- 11th November 2021 – Big Data/Analytics/Security/EPM & BI Summit
- 12th November 2021 – Database/Cloud Day
Link: https://ausoug.org.au/connect-2021/
My Speeches
Titel: Security Best Practice: Oracle passwords, but secure!
Elevator Pitch: Authentication is an integral part of security. If authentication or passwords are insufficient, all further security measures are obsolete. But how do you ensure that passwords are complex? We will explain the different password hashes and show how to make sure authentication is secure.
Description: Authentication is an integral part of database security. If authentication or passwords are insufficient or inadequate, all further security measures are generally useless. But how do you ensure that passwords are complex and authentication is secure? In this presentation, the password hashes will be explained and it will be shown how to make sure passwords and authentication are state of the art. Focusing on the current versions of the Oracle database, the following topics will be discussed:
- Oracle database authentication
- Password verification and hashes
- Where can I find password hashes?
- Check and password hashes.
- Discussion of various risks related to authentication.
- Discussion of password policies and strong passwords.
- Customer Use Case in the DB Vault environment "ups we have forgotten the passwords".
The presentation will be supplemented by corresponding examples and live demos.
Schedule: Thu, Nov 11, 2021 4:30 PM - 5:20 PM AEDT
Blog Post: A short blog post about the password demos https://www.oradba.ch/2021/11/notes-on-oracle-password-security/
Slides:
-
Tue16Nov2021Thu18Nov2021Mixed
The DOAG 2021 Conference + Exhibition will take place from November 16-18, 2021 as a moderated online conference. Ticket sales have started!
Link: https://2021.doag.org/de/home/
My Speeches
Ready, set, go - DB Sec LAB in 5min
Elevator Pitch: Always having a lab environment at hand to test the latest security features is not easy. Especially when additional infrastructure components like MS AD are needed. We show a few approaches based on IaC, cloud, containers and more.
Description: There is always the problem to analyze or the new feature you want to test briefly. But often you lack a corresponding LAB environment.In this presentation, we will show how you can use Infrastructure as Code and Terraform, Vagrant or Docker to quickly and easily create corresponding LAB environments. In doing so, we will show how to create configurations in OCI and on-premises, depending on the use case. Terraform modules, Vagrant configuration, Docker containers as well as a collection of scripts provide the basics to deploy corresponding resources. Enough material to implement your own ideas. The presentation will be complemented by corresponding demos and examples.
Schedule: Wednesday 17.11.2021, 08:00 - 08:40
Oracle Database Vault - Protection from Thieves, Snakes,...
Elevator Pitch: Oracle DB Vault has been around for a while. What can it be used to take DB security to the next level? How does it fix in an Enterprise Security Architecture. Let’s have a close look into the latest features and possible use cases.
Description: Oracle Database Vault has been on the market for a few years now. The product has been constantly improved over the years. But where is it worthwhile to use it? Which security measures can be implemented with it? And from whom does DB Vault protect me at all? In this presentation, the technical possibilities of Database Vault 19c / 21c will be explained in addition to the experiences from two customer projects. We will try to show where the use of Database Vault is worthwhile under certain circumstances and under which conditions it is not. This also includes whether protection against snakes and thieves is ensured. PS: I asked my children what kind of presentation I should submit.The answers were snakes, thieves and cheetahs…
Schedule: Wednesday 17.11.2021, 11:00 - 11:40
-
Mon22Nov2021Sat11Dec2021Online
Event: Oracle Groundbreakers APAC Virtual Tour 2021 are 2 weeks of exciting speeches, round tables and workshops. This year our annual APAC Groundbreakers tour is going virtual. With the participation of many Oracle User Groups, and Java Communities in the region, this year event is promising to be the biggest event ever done within the APACOUC Community.
Link:
My Speeches
Titel: DB Nest 21c - PDB Security and Isolation
Elevator Pitch: Lockdown profiles, PDB_OS_CREDENTIALS and other measures have been available since Oracle 12c to increase the security of multitenant DBs. However, these functions cover only part of the measures. Oracle 21c introduced DB Nest, which provides a different approach to security in PDBs.
Description: Lockdown Profile, PDB_OS_CREDENTIALS and other measures to enhance security and isolation of multitenant databases are available since Oracle 12c. Unfortunately only a part of the desired measures can be technically implemented. With the latest release of Oracle 21c a new features called DB Nest has been introduced. DB Nest introduced an other approach to security in PDBs. In this presentation we will discuss the new approach and its possibilities to increase database security of PDBs. The presentation will be completed by corresponding examples and live demos.
The presentation is supplemented by examples and live demos.
Schedule: 22. Nov. 2021 01:00-01:45 Europe/Zurich TZ
Titel: Oracle Database Vault - Protection from Thieves, Snakes,...
Elevator Pitch: Oracle DB Vault has been around for a while. What can it be used to take DB security to the next level? How does it fix in an Enterprise Security Architecture. Let’s have a close look into the latest features and possible use cases.
Description: Oracle Database Vault has been on the market for a few years now. The product has been constantly improved over the years. But where is it worthwhile to use it? Which security measures can be implemented with it? And from whom does DB Vault protect me at all? In this presentation, the technical possibilities of Database Vault 19c / 21c will be explained in addition to the experiences from two customer projects. We will try to show where the use of Database Vault is worthwhile under certain circumstances and under which conditions it is not. This also includes whether protection against snakes and thieves is ensured. PS: I asked my children what kind of presentation I should submit.The answers were snakes, thieves and cheetahs…
Schedule: 30. Nov. 2021 09:00-09:45 Europe/Zurich TZ
-
Fri10Dec202110:00online
Titel: Erfahrungsbericht PoC DB Vault 19c mit TDE
Abstract: Oracle Database Vault ist nun bereits seit ein paar Jahren am Markt. Das Produkt wurde über die Jahr stetig verbessert. Doch wo lohnt sich der Einsatz? Welche Sicherheitsmassnahmen können damit umgesetzt werden? Und vor wem schützt mich DB Vault überhaupt? Im Rahmen von dieses Vortrages werden neben den Erfahrungen aus zwei Kundenprojekten die technischen Möglichkeiten von Database Vault 19c / 21c erläutert. Wir versuchen aufzuzeigen, wo sich unter umständen den Einsatz von Database Vault lohnt und unter welchen Bedingungen eher nicht. Dazu gehört auch, ob der Schutz vor Schlangen und Räubern sichergestellt wird.
Link: https://shop.doag.org/shop/prd.110.erfahrungsbericht-poc-db-vault-19c-mit-tde/
Have you missed an event? In this case check out the download page or blog post categorized with speaking. If possible, I’ll provide all information online?