System News
back1 2 3 4 5 6 7 8 9 10 11 next
Archived Security Articles
20 Feb 2014
open to premium members only
Oracle Identity Federation [34978]
Released as part of Oracle Fusion Middleware 11gR2 Release 2 (11.1.2.2.0)

Damien Carru, a member of the Oracle Identity Management organization, writes,"This new version of OIF provides Identity Provider (IdP) and Service Provider (SP), a.k.a. Relying Party (RP), support for the SAML 2.0, SAML 1.1 and OpenID 2.0 protocols.

The admin interfaces have been revamped to provide a comprehensive and easy way for administrators to manage Federation partnership on a day-to-day basis: while the UI allows the basic administration of Federation settings, which would cover most of the daily use cases, the OIF WLST command scripting tools allow advanced configuration of the Federation servers and its partners.

In this article, I will discuss about the features included in OIF 11.1.2.2.0:

  • Native Integration with OAM
  • Protocols
  • Additional Features

Read on for details..."
(Get More Information . .)

19 Feb 2014
open to premium members only
Oracle Advanced Security Blog [34977]
By Todd Bottger

Todd writes that as, "technical product manager for Oracle Advanced Security here at Oracle Corp, I extend a warm welcome to new readers and hope that you will find this blog informative and useful... By way of background, Oracle Advanced Security is a commonly used option for Oracle Database Enterprise Edition that provides two important preventive controls to protect sensitive data at the source. The first control is Transparent Data Encryption (TDE), which stops would-be attackers from bypassing the database and reading sensitive information directly from storage by enforcing data-at-rest encryption in the database layer. The second control is Data Redaction, which complements TDE by reducing the risk of unauthorized data exposure in applications, redacting sensitive data bound for application display before it leaves the database..."
(Get More Information . .)

20 Jan 2014
open to premium members only
What's New in Oracle Identity Manager 11gR2 PS2? [34580]
By Arda Eralp

Arda writes, "Oracle Identity Manager is a highly flexible and scalable enterprise identity administration system that provides operational and business efficiency by providing centralized administration & complete automation of identity and user provisioning events across enterprise as well as extranet applications. Part of the Oracle Identity Governance Suite, it provides role lifecycle management and privileged account management, ensuring consistent enforcement of identity based controls thereby reducing ongoing operational and compliance costs. This blog post highlights key new features introduced in Oracle Identity Manager 11gR2 PS2. .."
(Get More Information . .)

09 Jan 2014
open to premium members only
Securing Oracle Database 12c: A Technical Primer eBook [34397]
complimentary ebook

Get your complimentary copy of the new database security ebook: Securing Oracle Database 12c: A Technical Primer.

Troy writes, "The book is for database administrators who want to learn more about Oracle Database security and for security professionals who want to learn more about how to secure Oracle Databases in an overall IT environment. While the title references Oracle Database 12c, most of the content is applicable to Oracle Database 9i and above..."
(Get More Information . .)

23 Dec 2013
open to premium members only
Solaris 11.1 STIG update [34115]
Security Technical Implementation Guide (STIG)

Jim Laurent writes, "I am still in the process of creating a Solaris 11.1 Security Technical Implementation Guide (STIG) with DISA Field Security Office. The process is long and detailed requiring significant testing and review by DISA for final approval. The STIG items are complete (pending DISA's approval). While I can't predict how long the final approval will take, if you are a DoD customer wishing to run Solaris 11, you may contact your Oracle systems sales team to receive a draft copy in spreadsheet form.

STIGs are guidelines to assist DoD customers in securing their systems. It is NOT required to have a DISA STIG document to run Solaris 11 in your environment. In the absence of a DISA approved STIG, customers may use industry or vendor recommended guidelines. We already have a number of DoD customers running Solaris 11..."
(Get More Information . .)

16 Dec 2013
open to premium members only
Solaris 11 receives FIPS 140-2 certification [34116]
For Oracle Solaris Kernel Cryptographic Framework

Jim Laurent writes, "NIST has awarded FIPS 140-2 certificate #2060 to the Oracle Solaris Kernel Cryptographic Framework with SPARC T4 and SPARC T5 (Software-Hybrid), and FIPS 140-2 certificate #2061 for the Oracle Solaris Kernel Cryptographic Framework (Software) module. The certificates are not yet available, however, the details are already posted on the NIST Validated FIPS 140-2 Website. ... The Userland Software and Software-Hybrid validations are still in the NIST Coordination phase."
(Get More Information . .)

 
back1 2 3 4 5 6 7 8 9 10 11 next









News and Solutions for Users of Solaris, Java and Oracle's Sun hardware products
Just the news you need, none of what you don't – 42,000+ Members – 24,000+ Articles Published since 1998