Fine-Grained Audit and ORA-28134 Error

I have been working on a customer database hardening. Database security isn’t really my cup of tea but it seems to be very popular these days. One of the requirements from the customer was the ability to monitor the database operation (which is very easy with the simple Oracle Audit features).

After we did that, the customer needed another kind of auditing. He has sensitive data in one of the tables and he wanted some kind of auditing of the table access. This is one of the more central tables in his application, so he asked that the application be excluded from the monitoring.

My first thought was to use the simple auditing for that, but a little research showed that once an object is being monitored, there is no exclude feature for it. Another solution that came to mind is to use the ancient Fine-grained audit (DBMS_FGA). I know I’m coming a bit late to the party, and I know Oracle 12c has new and exciting ways of auditing, but the customer was using Oracle 11.2.0.3 and is not planning on upgrading soon.


Oracle Data Redaction

Here is a real treat: my good friend and colleague, Oracle ACE Director Oded Raz, has agreed to publish a couple of pieces of his high-end content about database security on my blog.
This time, Oded tells us about Data Redaction.
Enjoy!
Zohar

Sensitive data is everywhere in our organization’s systems. Today, organizations are required to protect sensitive data; these requirements come from regulations, laws and the necessity of the organization to protect its own data and its customers’ information from falling into the wrong hands.

Data masking can dynamically or statically protect sensitive data by replacing it with fictitious data that looks realistic, to prevent data loss in different use cases. Understanding the difference between Static Data Masking (SDM) and Dynamic Data Masking (DDM) is crucial for implementing the right solution for each situation.

My New Year Resolutions for 2016

As 2015 is coming to its end and a new year is beginning, I find myself looking back, counting my successes and failures. I was very optimistic for this year, and indeed, it did not disappoint.

The year started just after I was awarded my Oracle ACE Associate in November 2014, so obviously I felt this year was going to be awesome in that field, but I think I’ll need some goal setting if I want to get where I want to be next year. So here are my (professional) year summary and my New Year resolutions.

My main goal for next year is upgrading my Oracle ACE title and I hope these will help me achieve it.

I’m publicly posting them so I can check if I followed through, on January 1, 2017… 🙂


Oracle Week 2015: Oracle Advanced PL/SQL Presentation

As I said in my earlier post about Oracle Week 2015, this is one of the biggest database-related educational (non-sales-oriented) conventions in Israel. None of the sessions is designed for selling any products (but consultants use them to showcase their abilities, hoping to sell some professional services :)). Yesterday was my second day-long session in this convention this year. This time we talked about advanced features in PL/SQL and some new features of Oracle 12c.

Oracle Week 2015: Oracle Database Advanced Querying Presentation

Oracle Week is one of the biggest Oracle-related events in Israel, which has been going on yearly for the past 22 years (!).
It’s a 5-day-long event with about 2000 participants in total over 80 different day-long seminars.
The seminars are around 8.5 hours (9am to 4:30pm) and are basically a day-long course on various Oracle technologies, which is nothing like the 45-90 minute sessions I’m used to in the OUG sessions.

Big Data for CIOs Presentation

A few months ago I was asked to give a two-hour lecture to a group of CIOs. The topic was a bit vague – “Introduction to Big Data and NoSQL” – but I agreed to give it a try anyway.

Since I feel Big Data is such a big topic and since I really wanted to give the CIOs some added value, I created this presentation. The aim of the presentation wasn’t to cover all the technological aspects of the topic, but to give some overview and pointers for the future. We talked about basic principles, issues that need tackling, and solutions that might be relevant in the near future. We also talked about NoSQL in order to understand the relation between RDBMS-based solutions and other kinds of solutions.