Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Thursday, July 29 • 3:15pm - 4:30pm
Hacking and protecting Oracle Database Vault

Sign up or log in to save this to your schedule and see who's attending!

Oracle Database Vault was launched a few years ago to put a limit on DBAs unlimited power especially over highly confidential data where it is required by regulations. This presentation will show how this add-on product for Oracle Database performs on this difficult task, first giving an introduction to DB Vault and what protections does it brings, then showing with many examples how it is possible to bypass the protections provided.

 

The attacks demonstrated include getting operating system access to disable DB Vault, SQL Injection and impersonation techniques to bypass DB Vault protections and how it is possible using simple exploits to circumvent DB Vault. These attack examples are accompanied by recommendations on how to protect from them. Also the presentation shows some issues with native database auditing and has a section with additional recommendations to secure DB Vault and conclusions.


Thursday July 29, 2010 3:15pm - 4:30pm
Day 2 - Where the Data Lives

Attendees (9)