Oracle Technology Network

PRODUCTS

Database
Middleware
Developer Tools
Enterprise Management
Applications Technology
Products A-Z

TECHNOLOGIES

BI & Data Warehousing
Embedded
Java
Linux
.NET
PHP
Security
Windows Server System
Technologies A-Z

ARCHITECTURE

Enterprise 2.0
Extreme Transaction Processing
Grid
Service-Oriented Architecture
Virtualization

COMMUNITY

Join OTN
Oracle ACEs
Oracle Wiki
Blogs
Podcasts
Events
Newsletters
Oracle Magazine
Oracle Books
Certification
User Groups
Partner White Papers

Printer View

E-mail this page

Bookmark

Common Criteria Evaluated Oracle Products
Oracle Database Oracle Enterprise Linux Oracle Application Server Oracle Internet Directory Oracle Identity and Access Management Oracle AquaLogic Oracle WebLogic Other Oracle Products Copies of the Evaluated Configuration Guides may also be obtained by emailing seceval_us@oracle.com.
Oracle Database
Oracle Database 10g Release 2 (10.2.0.3) Enterprise Edition, Standard Edition, Standard Edition1	Oracle Label Security 10g Release 2 (10.2.0.3 )
Oracle Database 10g is the first relational database management system designed for Grid Computing, providing advanced security and functionality for multi-user, distributed database environments. Oracle10g, Release 2 (10.2.0.3) is evaluated against the U.S. Government Protection Profile for Database Management Systems in Basic Robustness Environments, Version 1.1. Oracle Database 10g Release 2 (10.2.0) has been evaluated in three editions: Enterprise Edition, Standard Edition, and Standard Edition One. The following differences between the editions with respect to security functionality that has been evaluated should be noted: Enterprise Edition and Standard Edition support Real Application Clusters Only Enterprise Edition supports Fine-grained Access Conrol and Partitioned Fine-grained Access Conrol Enterprise Users and the authentication with the support of a external LDAP directory Partitioning Fine-grained Auditing	Oracle10g Label Security (OLS) is a security option for the Oracle Database 10g Enterprise Edition, Release 10.2.0.3. It is evaluated against the U.S. Government Protection Profile for Database Management Systems in Basic Robustness Environments, Version 1.1. OLS mediates users access to data via their assigned authorities and labels, allowing data separation by sensitivity within single databases. OLS augments traditional government-centred Multilevel Security and B1 products. It extends classifications and compartments with groups and, exploiting facilities within Oracle10g's Virtual Private Database feature, provides for multiple policies on the same database. Interfaces are provided for creating and managing policies, enforcement options, data labels and user label authorisations, and for protecting individual tables or schemas. OLS also supports releasabilities (or nationality caveats).
Security Target Certification Report Certificate Evaluated Configuration Document FTA Adapted Files	Security Target Certification Report Certificate Evaluated Configuration Document FTA Adapted Files
Oracle Database 10g Enterprise Edition (10.1.0)	Oracle Label Security 10g (10.1.0 )
Oracle Database 10g Enterprise Edition is the first relational database management system designed for Grid Computing, providing advanced security and functionality for multi-user, distributed database environments. Oracle10g, Release 10.1.0 is evaluated against the Database Management System protection profile. In addition to the security functions listed for Oracle9i, Release 2, Oracle10g supports Enterprise User Security including Enterprise Privilege Administration and Password Authenticated Enterprise Users. It has extensible fine-grained auditing and enhanced administrator auditing. Oracle 10g supports secure connections from Oracle 10g databases to older database versions.	Oracle10g Label Security (OLS) is a security option for the Oracle Database 10g Enterprise Edition, Release 10.1.0. It mediates users access to data via their assigned authorities and labels, allowing data separation by sensitivity within single databases. OLS augments traditional government-centred Multilevel Security and B1 products. It extends classifications and compartments with groups and, exploiting facilities within Oracle10g's Virtual Private Database feature, provides for multiple policies on the same database. Interfaces are provided for creating and managing policies, enforcement options, data labels and user label authorisations, and for protecting individual tables or schemas. OLS also supports releasabilities (or nationality caveats).
Security Target Certification Report Certificate Evaluated Configuration Document	Security Target Certification Report Certificate Evaluated Configuration Document
Oracle9i Enterprise Edition (9.2.0)	Oracle9i Label Security (9.2.0)
Oracle9i is an Object/Relational Database Management System, providing advanced security and functionality for multi-user, distributed database environments. Oracle9i, Release 9.2.0.1.0 has been evaluated against the Database Management System protection profile. In addition to the security functions listed for Oracle8i, Release 8.1.7., Oracle9i supports secure application roles (roles that can only be enabled by authorised PL/SQL packages) and adds new privileges. Oracle9i also extends the auditing facilities offered by supporting fine-grained auditing and by increasing the auditing performed on the SYS.user and users connected as SYSDBA and SYSOPER. The product was initially certified on Sun Solaris 8, Microsoft Windows NT 4.0 and then additionally on SuSE Linux.	Oracle9i Label Security (OLS) is a security option for the Oracle9i Release 2 Object/Relational Database Management System (Enterprise Edition). It mediates users access to data via their assigned authorities and labels, allowing data separation by sensitivity within single databases. OLS augments traditional government-centred Multilevel Security and B1 products. It extends classifications and compartments with groups and, exploiting facilities within Oracle9i's VPD, provides for multiple policies on the same database. Interfaces are provided for creating and managing policies, enforcement options, data labels and user label authorisations, and for protecting individual tables or schemas. OLS also supports releasabilities (or nationality caveats). The product was initially certified on Sun Solaris 8, Microsoft Windows NT 4.0 and then additionally on SuSE Linux.
Security Target Certification Report Certificate Evaluation Configuration Document Oracle9i Enterprise Edition on SuSE Linux (9.2.0) Security Target Certification Report Certificate Evaluation Configuration Document	Security Target Certification Report Certificate Evaluation Configuration Document Oracle9i Label Security on SuSE Linux (9.2.0) Security Target Certification Report Certificate Evaluation Configuration Document
Oracle8i Database Server Enterprise Edition (8.1.7)	Oracle8i Label Security (8.1.7)
Oracle8i is an Object/Relational Database Management System, providing advanced security and functionality for multi-user, distributed database environments. Oracle8i, Release 8.1.7.0.0, has been evaluated against the Database Management System protection profile. In addition to the security functions listed for Oracle8, Release 8.0.5.0.0, Oracle8i also supports security policies for fine grained access control, application specific security context, invoker's and definer's rights to permit separation of programmed logic from privileges and data and integration with LDAP-based directory services.	Oracle8i Label Security (OLS) is a security option for the evaluated Oracle8i Object/Relational Database Management System (Enterprise Edition). It mediates users access to data via their assigned authorities and labels, allowing data separation by sensitivity within a single database. OLS adds to traditional government-centred Multi Level Security and B1 products. It extends classifications and compartments with groups and, exploiting the facilities provided by Oracle8i's VPD, provides for multiple policies on the same database. Interfaces are provided for creating and managing policies, enforcement options, data labels and user label authorizations, and for protecting individual tables or schemas.
Security Target Certification Report Certificate Evaluation Configuration Document	Security Target Certification Report Certificate Evaluation Configuration Document
Oracle8 Database Server (8.0.5) - No longer supported	Oracle7 Database Server (7.2.2.4.13) - No longer supported
Oracle8 is an Object/Relational Database Management System, providing advanced security and functionality for multi-user, distributed database environments. Oracle8, Release 8.0.5.0.0, when used in conjunction with an operating system incorporating the Controlled Access Protection (or the equivalent ITSEC F-C2 functionality) provides database security for systems that require C2 functionality. Oracle8, Release 8.0.5.0.0, was evaluated against the Database Management System protection profile. In addition to the security functions listed for Oracle7, Release 7.3.4.0.0, Oracle8 also supports mutual authentication of databases, single sign-on, password management, data dictionary protection, global roles and X.509 certificate based authentication.	Oracle7 is a Relational Database Management System, providing advanced security and functionality for multi-user, distributed database environments. Oracle7, Release 7.2.2.4.13, when used in conjunction with an operating system of ITSEC F-C2 or greater, provides database security for systems that require F-C2 functionality. Oracle7, Release 7.2.2.4.13, was evaluated against the Commercial Database protection profile. The main security functions are identical to those given in the Oracle7, Release 7.2.2.4.13, ITSEC E3 evaluation entry.
Security Target Certification Report Certificate Evaluated Configuration Document	Security Target Certification Report Certificate Evaluation Configuration Document

E-mail this page

Printer View

	About Oracle \| \| Careers \| Contact Us \| Site Maps \| Legal Notices \| Terms of Use \| Privacy