Start reading Effective Oracle Database 10g Security by Design on your Kindle in under a minute. Don't have a Kindle? Get your Kindle here or start reading now with a free Kindle Reading App.

Deliver to your Kindle or other device


Try it free

Sample the beginning of this book for free

Deliver to your Kindle or other device

Sorry, this item is not available in
Image not available for
Image not available

Effective Oracle Database 10g Security by Design (Oracle Press) [Kindle Edition]

David Knox

Print List Price: £49.99
Kindle Price: £47.49 includes VAT* & free wireless delivery via Amazon Whispernet
You Save: £2.50 (5%)
* Unlike print books, digital books are subject to VAT.

Free Kindle Reading App Anybody can read Kindle books—even without a Kindle device—with the FREE Kindle app for smartphones, tablets and computers.

To get the free app, enter your e-mail address or mobile phone number.


Amazon Price New from Used from
Kindle Edition £47.49  
Paperback £49.99  
Kindle Daily Deal
Kindle Daily Deal: Up to 70% off
Each day we unveil a new book deal at a specially discounted price--for that day only. Learn more about the Kindle Daily Deal or sign up for the Kindle Daily Deal Newsletter to receive free e-mail notifications about each day's deal.

Book Description

Oracle security expert David Knox explains how to design and develop an integrated, secure Oracle environment. “In my experience in the security world, including 32 years at the Central Intelligence Agency, I’ve not found anyone with more experience in the theory and practice of protecting your data than David Knox.” --Dave Carey, former Executive Director of the CIA

Product Description


A whole range of tips and tricks on security... The amount of code examples
is truly amazing
--, July 2006

From the Back Cover

Protect Your Mission-Critical Data with Tips and Tricks from an Oracle Security Insider

Oracle expert David Knox has written the most practical, up-to-date book on Oracle Database 10g security available. With an emphasis on real-world problems and detailed solutions, Effective Oracle Database 10g Security by Design provides all the information you need to develop and deploy secure database applications. The entire security cycle is covered--from identification and authentication to fine-grained access control and encryption to effective auditing techniques. The material is presented with comprehensive yet easy-to-understand examples that show how to use all the security technologies in a complementary way.

  • Assess database vulnerabilities and develop effective security policies
  • Preserve user identity with in-depth analyses of JDBC connection pools, proxy authentication, and client identifiers
  • Manage database users from a central directory without sacrificing security
  • Lock down database access using secure application roles
  • Leverage application and database security within Oracle’s Identity Management infrastructure
  • Validate user privileges by using simple views and scripts
  • Protect individual data elements by using the new Oracle DBMS_CRYPTO package
  • Exploit database views to provide row-level and column-level fine-grained access controls
  • Enforce need-to-know access and data privacy with Virtual Private Database and Oracle Label Security
  • Ensure user accountability with Oracle fine-grained Auditing

David Knox is the chief engineer for Oracle’s Information Assurance Center and is one of the premier educators worldwide on Oracle security. While at Oracle he has worked on wide-ranging security programs for various customers including the U.S. Department of Defense, intelligence agencies, financial services companies, and healthcare organizations.

Product details

  • Format: Kindle Edition
  • File Size: 6497 KB
  • Print Length: 544 pages
  • Simultaneous Device Usage: Up to 4 simultaneous devices, per publisher limits
  • Publisher: McGraw-Hill Osborne Media; 1 edition (17 Jun. 2004)
  • Sold by: Amazon Media EU S.à r.l.
  • Language: English
  • ASIN: B004IEA4IM
  • Text-to-Speech: Enabled
  • X-Ray:
  • Word Wise: Not Enabled
  • Amazon Bestsellers Rank: #803,043 Paid in Kindle Store (See Top 100 Paid in Kindle Store)
  •  Would you like to give feedback on images?

More About the Author

Discover books, learn about writers, and more.

Customer Reviews

There are no customer reviews yet on
5 star
4 star
3 star
2 star
1 star
Most Helpful Customer Reviews on (beta) 4.7 out of 5 stars  12 reviews
7 of 7 people found the following review helpful
5.0 out of 5 stars Excellent step by step how to guide for Oracle Security 6 Oct. 2004
By S. Enevold - Published on
Unlike most of Oracle's documentation, which requires you to go through several manuals to accomplish something, this book provides a high to mid level step by step guide for implementing defense in depth and least privilege security for Oracle 10G databases. Granted, this book doesn't go extremely deep to the point of Thomas Kyte's reference manual, but it is an easy read and has specific examples that will help you do basic implementations of Oracle's strongest security capabilities.

I highly recommend this book for anyone interested. You will find useful material, regardless of your expertise level.
6 of 6 people found the following review helpful
5.0 out of 5 stars The Bible of Oracle Security 6 Oct. 2004
By Marshall Presser - Published on
If the solution to your Oracle security problem cannot be found in David Knox's Effective Oracle Security by Design, it cannot be found anywhere. This book is invaluable for anyone needing to understand or implement security in an Oracle 10g or 9i database or middle tier. In addition to clear explanations, there are tested code examples for virtually every task. I would strongly urge anyone concerned with building secure IT systems read this book and take its suggestions. Frankly, I'm not sure how else one could do it.
7 of 8 people found the following review helpful
5.0 out of 5 stars Good Enough for the CIA 13 Dec. 2004
By John Matlock - Published on
It would be easy to be secure if all the data were in one room, there were no connections to the outside world (well I guess you have to have power coming in, but that's all), and there were no people who knew the data.

Unfortunately that's not the real world. Breaking the German and Japanese codes during World War II would have been meaningless if that information wasn't used to sink the submarines, divert the convoy, or be ready at Midway.

The situation hasn't changed, but the integral capabilities of the Oracle database itself have. As security has gotten ever more important, the steps you need to take get every more complex. At the same time, the users of your data can't be expected to agree, they have a job to do and if security systems prevent them from doing their job they will find ways to bypass or ignore the security system.

This book can be read on two levels. First it is an excellent primer on security in general. Second it is Oracle centric so that anyone responsible for security on an Oracle based system need go no further.

Note that the Foreward is by David Carey, former Executive Director of the Central Intelligence Agency. It is generally believed that a big contract from the CIA was Oracle's first major success. The implication is that the CIA worked with Oracle to develop the security system discussed here. If the CIA says it's good enough....
6 of 7 people found the following review helpful
5.0 out of 5 stars Get this Book 11 Nov. 2004
By Steve Rothstein - Published on
This is THE book to own on Oracle 10g Security. In addition to database security, the book also does a great job explaining 10g J2EE application security and identity management. If you want to fully leverage Oracle's powerful database security features in your Oracle applications--and you should--this might be the only detailed roadmap you will find. It IS the only one I could find!
3 of 3 people found the following review helpful
5.0 out of 5 stars Highly Recommeded Book 30 Aug. 2004
By Kasturiranga Meda - Published on
When reading books that serve as Design Guides, the litmus test for it's effectives lies in the answer to the following question, - "Did this book really help me in implementing a solution?" The answer for me was a resounding "YES" especially with regards to Label Security and Proxy Authentication. David Knox does a great job of explaining database security concepts through his examples. Furthermore the passage of an identity through the various layers of an n-tier computing model is clearly explained. The author has done a marvelous job of distilling and articulating his experiences in the information security space.
Were these reviews helpful?   Let us know

Customer Discussions

This product's forum
Discussion Replies Latest Post
No discussions yet

Ask questions, Share opinions, Gain insight
Start a new discussion
First post:
Prompts for sign-in

Search Customer Discussions
Search all Amazon discussions

Look for similar items by category