Database Reference
In-Depth Information
Chapter 16
Oracle Security Architecture
Foundations
This chapter will provide an overview of Oracle architecture and how that fits with IT security architectural design
theory. Practical examples of why this is important to the security of your systems will be explored, as well as
implications for risk calculation, so that audit processes can be shown to be compliant.
EM12c Architectural Control
As discussed in the previous chapter, EM12c has the power to provide large-scale automated administration,
monitoring, and reporting, which can form a distributed defense policy. Additionally, EM12c coordinates the tiers of
an Oracle architecture (see Figure
16-1
).
OSI
Layers
WWW/Cloud
App/Ebus
Appserver/weblogic
DB
*nix
Storage
EM12c
Oracle
Architecture
Figure 16-1.
Architectural layers that communicate with EM
Why Do We Need Architectural Thinking?
An architectural coordinating capability is important because advanced pentesting techniques take advantage of
architectural weaknesses. Responsibility for security passes from one team to another where one layer meets another,
thus raising the potential for mistakes and security vulnerability.
