Friday, 8 February 2008

Oracle Security and Net8

Virtual Private Database Feature – Provides row-level security across all applications by using a security policy attached to a table or view.
Fine-Grained Access Control - Security rules are evaluated at SQL statement parse time when accessing a base table or view in a select or DML statement.
Application Context – Is set and reset by a designated package. Use the CREATE CONTEXT statement to specify that package.
Advanced Networking Option (ANO) - Renamed to Oracle Advanced Security.
Enhancements to Enterprise User Management - Integrated security and directory services through Oracle Internet Directory (OiD). Information is managed in a directory and is accessed by an LDAP (Lightweight Directory Access Protocol) version 3 compliant server.
Oracle Wallet Manager - Tool used to manage an Oracle wallet, which contains a user’s credentials used for authenticating access to multiple data servers and application servers.
N-Tier Authentication – Can preserve the real client identity via the middle tier and control the connections that a middle tier can make. The server can also audit actions taken by the middle tier on behalf of a user.
New invoker-rights model – Allows programs to be executed with the privileges of the calling user. The CREATE FUNCTION, CREATE PROCEDURE, CREATE PACKAGE and CREATE TYPE commands contain a new invoker_rights_clause.
Directory-enabled Oracle Security Manager - Provides for administration of enterprise-wide security via a single interface. This product will be incorporated into OEM as the Oracle Security Manager in future releases.
New automatic Database Instance Registration – Database and service names can automatically register themselves with a listener. Also enables dispatcher registration with a listener. Can provide some automatic instance failover.
Connection Load Balancing – Enabled by instance registration. Listeners can make routing decisions based upon the current dispatcher and instance node loads.
Can use service name instead of SID in tnsnames.ora file. Allows for database services to span multiple instances.
New tnsnames.ora parameters – FAILOVER, INSTANCE_NAME, LOAD_BALANCE, SERVICE_NAME.
New listener.ora parameters – PROTOCOL_STACK, PRESENTATION, SESSION.
Improvements to native Authentication on Windows NT - Faster; the adapter uses the Security Support Provider Interface; client and server authenticate each other.
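
The first three items (Virtual Private Database, Fine-Grained Access Control, Application Context) work together. The following is an added example, not code from the original post: the schema APP, the tables ORDERS and CUSTOMERS, their columns, and every object name are hypothetical.

```sql
-- 1. Application context: only package APP.ORDERS_CTX_PKG may set
--    attributes in the ORDERS_CTX namespace.
CREATE OR REPLACE CONTEXT orders_ctx USING app.orders_ctx_pkg;

CREATE OR REPLACE PACKAGE app.orders_ctx_pkg AS
  PROCEDURE set_customer;
END orders_ctx_pkg;
/
CREATE OR REPLACE PACKAGE BODY app.orders_ctx_pkg AS
  PROCEDURE set_customer IS
    v_id app.customers.customer_id%TYPE;
  BEGIN
    -- Derive the value from the authenticated session, never from a
    -- caller-supplied argument, so a session cannot pick its own id.
    SELECT customer_id INTO v_id
      FROM app.customers
     WHERE db_username = SYS_CONTEXT('USERENV', 'SESSION_USER');
    DBMS_SESSION.SET_CONTEXT('orders_ctx', 'customer_id', TO_CHAR(v_id));
  EXCEPTION
    WHEN NO_DATA_FOUND THEN
      NULL;  -- context stays unset; the predicate below then matches no rows
  END set_customer;
END orders_ctx_pkg;
/

-- 2. Policy function: returns the predicate that is appended to every
--    statement against the protected table when it is parsed.
CREATE OR REPLACE FUNCTION app.orders_policy (
  p_schema IN VARCHAR2,
  p_object IN VARCHAR2
) RETURN VARCHAR2 AS
BEGIN
  RETURN 'customer_id = TO_NUMBER(SYS_CONTEXT(''orders_ctx'', ''customer_id''))';
END orders_policy;
/

-- 3. Attach the policy to the table for queries and DML.
BEGIN
  DBMS_RLS.ADD_POLICY(
    object_schema   => 'APP',
    object_name     => 'ORDERS',
    policy_name     => 'ORDERS_BY_CUSTOMER',
    function_schema => 'APP',
    policy_function => 'ORDERS_POLICY',
    statement_types => 'SELECT,INSERT,UPDATE,DELETE',
    update_check    => TRUE);  -- reject DML that would produce rows outside the predicate
END;
/
```

A session that has not called app.orders_ctx_pkg.set_customer sees no rows in APP.ORDERS, because the comparison against a NULL context value is never true.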
