New Security Features Oracle 11g Release 2

Here are the New Features Oracle 11g Release 2.

  • ¬†Enhancements to the Audit Trail Cleanup Process
    (Oracle has added several enhancements to the audit trail cleanup process, e.g. set maximum size and age for os audit trails, mobe audit trail from SYSTEM tablepace, purge audit trail records in one operation or purge job, timestamp audit trail records based on their archive date)
  • Enhancements to Directory Objects
    (Execute Privilege for Directory Objects. Since Oracle 11.1.0./ it is possible to run OS commands via external tables. This privilege allows to restrict the execution of OS commands.
    Auditing of directory objects „AUDIT EXECUTE ON DIRECTORY rds_dir BY ACCESS;“)
  • Enhancements to Fine-Grained Access to External Network Services
    (utl_http supports azon Simple Storage Service (S3) scheme,
    support for IPv6)
  • Global Application Contexts Available Across Oracle RAC Instances
  • Secure Sockets Layer (SSL) Version 2 Support Change
    (SSL is no longer included in the default list of default supported protocols)
  • Tablespace Master Key Rekey: Changing the Encryption Key Password
    (To fullfil the PCI DSS requirements it is now possible to rotate the encryption key)

Some features are deprecated with this version of Oracle:

  • DB_EXTENDED Setting for the AUDIT_TRAIL Parameter Deprecated
    (instead use the DB,EXTENDED string)
  • WKUSER Role and Ultra Search Schemas Deprecated
    (The WKUSER role and the schemas WKSYS, WKTEST, WKPROXY have been deprecated)
  • Database Configuration Assistant No Longer Provides Default Security Settings
    (Audit options and password policies are automatically added to the database if you use DBCA)
    (btw „IDENTIFIED BY VALUES is still undocumented, see Oracle documentation)
  • Password for the listener.ora File Deprecated
    (According to Oracle it is no longer needed and will be removed in Oracle 12)

Comments are closed.