Oracle Label Security Technical Overview. Jaime Briggs Account Manager Strategic Accounts MSc CS, CCISP, CCSK

Transcription

1 Technical Overview Jaime Briggs Account Manager Strategic Accounts MSc CS, CCISP, CCSK

2 Agenda Oracle Database Security Defense-in-Depth Business drivers Oracle Label Security policies Data labels and user label authorizations Enforcement options, privileges, trusted stored program units Managing through Oracle Enterprise Manager Applications support Summary Q&A 2

3 Oracle Database Security Solutions Defense in Depth Encryption & Masking Advanced Security Secure Backup Data Masking Access Control Database Vault Label Security Identity Management Auditing and Monitoring Configuration Management Audit Vault Total Recall Database Firewall Identity Management

4 Business Drivers Data consolidation Consolidation of data requires stronger controls due to regulations and/or business policies - ITAR Highly sensitive data gets intermixed with non-sensitive data Data classification Most application data does not have any notion of sensitivity Retrofitting applications, adding views, can be costly Multi-level Security Highly sensitive government data must be controlled based on the data classification of the data and the label authorization (aka Security Clearance) of the database and/or application user 4

5 Data Classification for Access Control Confidential Sensitive Transactions Confidential Report Data Public Reports Sensitive Oracle Label Security has been evaluated under the International Common Criteria at EAL4+ Classify data based on business drivers Database enforced row level access control Label authorizations can be assigned to application users that do not have physical database accounts User label authorizations can be managed in Oracle Identity Management 5

6 Access Control Users* User Label Authorizations Oracle Label Security Access Mediation Labels Data Labels Data *Users can be database or non-database (app users) 6

7 Policies A group of labels, authorizations and protected tables Multiple policies can exist in a single database Policies are basically containers and simplify management Defense Policy HR Policy Business Hosting Policy Judicial Policy 7

8 Data Label Components Component Description Examples Level Compartments Groups One indication of the labeled data s ordered sensitivity ranking Zero or more categories associated with the labeled data Zero or more identifiers of organizations owning or accessing the data Confidential Financial, Strategic HR, PAYROLL, ENGINEERING 8

9 Data Labels Data Label = Level plus Zero or more Optional Compartments plus Zero or more Optional Groups Example: CONFIDENTIAL : FINANCIAL, STRATEGIC : WESTERN REGION Level 2 Compartments 1 Group 9

10 User Label Authorizations Label authorizations extend database authorizations beyond traditional privileges and roles 1. A maximum and minimum level 2. Zero or more authorized compartments 3. Zero or more authorized groups 10

11 User Session Labels The combination of level, compartments, and groups at which a user works at any given time The user can change the session label to any combination of their authorized levels, compartments and groups Highly Sensitive Current Session Label Confidential Public 11

12 Data Labels, User Session Label and Access Control Data Label - A value associated with data rows and specifies confidentiality. Label tags are stored on each row of a protected table. Label tags are numeric to minimize overhead Session Label (Stored in Oracle Memory) Data Rows Label Tag Oracle Label Security Access Mediation 12

13 Policy Enforcement Options READ_CONTROL WRITE_CONTROL INSERT_CONTROL DELETE_CONTROL UPDATE_CONTROL LABEL_UPDATE CHECK_CONTROL NO_CONTROL LABEL DEFAULT 13

14 Data level =< User level Oracle Label Security Read Access Algorithm N Y Data has Groups Y User has at least one Group Data has compartments Y N N N User has all compartments Y Y N No Access Access 14

15 Database Architecture Applications Widget Other Oracle Database Dictionary User Definitions Role Definitions Table Definitions View Definitions Applications Fin HR Label Security Policy Applied Sensitive : US, Europe Highly Sensitive: Europe Confidential Unclassified LBACSYS Dictionary Label Policies Label Definitions User Labels Protected Tables Auditing Enforcement Options 15

16 Demo 16

17 Applications Certification Oracle E-Business Suite See Metalink note Oracle Label Security user label authorizations are initialized using the set_access_profile proxy function based on the FND_USER No default policy provided Other applications Any application can initialize Oracle Label Security by passing in the application username into the set_access_profile function. 17

18 Summary Classify data based on business drivers Database enforced row level access control Label authorizations can be assigned to application users that do not have physical database accounts User label authorizations can be managed in Oracle Identity Management 18

19 For More Information search.oracle.com database security oracle.com/database/security 19

20 Q & A 20

21 21