Académique Documents
Professionnel Documents
Culture Documents
Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Page 2
1
3/24/2016
Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Page 3
Sécurité
Que de choses à faire !!
Audit et Sécuriser le poste client Administration
rapports Sécurité des documents locaux Authentification forte Anti-Phishing et surveillance
Gouvernance
Séparation des
Gestion des configurations Tableaux de bords (COBIT) Politiques de sécurité
responsabilités
4
4
2
3/24/2016
5
5
Espionnage réseau
Data
Injection SQL
Attaques de fichiers et vols de sauvegardes
Réseau mal protégé
Accès aux données mal contrôlés
Applications (WEB) mal codées
6
6
3
3/24/2016
Processus d’extraction des données de production Masquage irréversible des données sensibles
non sécurisés
7
7
4
3/24/2016
Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Page 9
Page 10
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
5
3/24/2016
Page 11
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Page 12
6
3/24/2016
Page 14
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
7
3/24/2016
Page 15
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Page 16
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
8
3/24/2016
Policies Auditor
Edition de rapports multi-sources Databases
consolidés Custom
SoD détaillée intégrée
Security
Analyst
Page 17
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Page 18
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
9
3/24/2016
Page 19
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Page 20
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
10
3/24/2016
Page 21
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Abus de privilèges
• Accès aux données abusif : Un utilisateur averti (souvent à profil technique) disposant de privilèges spéciaux sur les bases pourra accéder à des données
sensibles
• Contrôle des accès (SQL) utilisant des privilèges spéciaux : Des mécanismes de contrôles renforcés bloquent les tentatives d’accès aux données utilisant
des privilèges spéciaux
Page 22
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
22
11
3/24/2016
http://www.oracle.com/database/security
Sites Web
http://www.oracle.com/technetwork/database/security
Customer
http://www.oracle.com/goto/database/security-customers
Successes
Newsletters Security Inside Out
Database Insider
LindkedIn Group: Database Insider
Social Media
Twitter: Oracle Database
Blogs http://blogs.oracle.com/securityinsideout
http://blogs.oracle.com/databaseinsider
Page 23
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
12