Common
Criteria Evaluated Oracle Products |
Oracle
Database
Oracle Enterprise Linux
Oracle Application Server
Oracle Internet Directory
Oracle Identity and Access Management
Oracle Business Intelligence
Oracle Primavera
Oracle AquaLogic
Oracle WebLogic
Other
Oracle Products
Copies of the Evaluated Configuration Guides may also be obtained by emailing seceval_us@oracle.com. |
|
Oracle
Database
|
| Oracle
Database 11g Release 1 (11.1.0.7) Standard Edition / Standard Edition 1 |
Oracle
DatabaseVault 11g Release 1 (11.1.0.7) |
Oracle Database 11g is an object-relational database management system (O-RDBMS), providing advanced security functionality for multi-user distributed database environments. Oracle Database 11g Release 1 (11.1.0.7) is evaluated against the U.S. Government Protection Profile for Database Management Systems in Basic Robustness Environments, Version 1.2.
The following overview applies to the Oracle Database 11g Release 1 Standard Edition:
- Standard Edition and Standard Edition One support up to 4 CPUs (including CPUs in a cluster used with Real Application Clusters).
- Standard Edition supports up to 1000 users, Standard Edition One supports up to to 400 users.
- Standard Edition and Standard Edition One support databases up to a size of 500 GB.
- Standard Edition One does not support Real Application Clusters
Standard Edition is targetted at medium sized organizations and Standard Edition One is targetted at small to medium sized organizations. |
Oracle Database Vault is a security
option for the Oracle Database 11g Enterprise Edition, Release 1
(11.1.0.7). It is evaluated against the U.S. Government Protection Profile for Database Management Systems in Basic Robustness Environments, Version 1.2.
Oracle Database Vault extends the security functionality of the Oracle Database and provides additional fine grained access control functionality for separation of duties and access protection even from highly privileged users. In addition it extends the auditing functionality with specific auditing and audit evaluation functions related to the additional access control functionality. There are further additions to the management functionality with new roles defined by Database Vault and the management functionality for managing the additional access control and audit functions. |
|
|
|
| Oracle
Database 11g Release 1 (11.1.0.7) Enterprise Edition |
Oracle Label
Security 11g Release 1 (11.1.0.7 ) |
Oracle Database 11g is a relational database management system designed for Grid Computing, providing advanced security and functionality for multi-user, distributed database environments. Oracle Database 11g Release 1 (11.1.0.7) is evaluated against the U.S. Government Protection Profile for Database Management Systems in Basic Robustness Environments, Version 1.2.
Oracle Database 11g Release 1 (11.1.0.7) Enterprise Edition supports:
- Real Application Clusters
- Fine-grained Access Conrol and Partitioned Fine-grained Access Conrol
- Enterprise Users and the authentication with the support of a external LDAP directory
- Partitioning
- Fine-grained Auditing
|
Oracle11g Label Security (OLS) is a security
option for the Oracle Database 11g Enterprise Edition, Release 1
(11.1.0.7). It is evaluated against the U.S. Government Protection Profile for Database Management Systems in Basic Robustness Environments, Version 1.2. OLS mediates users access to data via their assigned
authorities and labels, allowing data separation by sensitivity
within single databases.
OLS augments traditional government-centred
Multilevel Security and B1 products. It extends classifications
and compartments with groups and, exploiting facilities within
Oracle11g's Virtual Private Database feature, provides for
multiple policies on the same database.
Interfaces are provided for creating and managing
policies, enforcement options, data labels and user label
authorisations, and for protecting individual tables or schemas.
OLS also supports releasabilities (or nationality caveats). |
|
|
|
| Oracle
Database 10g Release 2 (10.2.0.3) Enterprise Edition, Standard Edition, Standard Edition1 |
Oracle Label
Security 10g Release 2 (10.2.0.3 ) |
Oracle Database 10g is the first relational database management system designed for Grid Computing, providing advanced security and functionality for multi-user, distributed database environments. Oracle10g, Release 2 (10.2.0.3) is evaluated against the U.S. Government Protection Profile for Database Management Systems in Basic Robustness
Environments, Version 1.1.
Oracle Database 10g Release 2 (10.2.0) has been evaluated in three editions: Enterprise Edition, Standard Edition, and Standard Edition One. The following differences between the editions with respect to security functionality that has been evaluated should be noted:
- Enterprise Edition and Standard Edition support Real Application Clusters
- Only Enterprise Edition supports
- Fine-grained Access Conrol and Partitioned Fine-grained Access Conrol
- Enterprise Users and the authentication with the support of a external LDAP directory
- Partitioning
- Fine-grained Auditing
|
Oracle10g Label Security (OLS) is a security
option for the Oracle Database 10g Enterprise Edition, Release
10.2.0.3. It is evaluated against the U.S. Government Protection Profile for Database Management Systems in Basic Robustness Environments, Version 1.1. OLS mediates users access to data via their assigned
authorities and labels, allowing data separation by sensitivity
within single databases.
OLS augments traditional government-centred
Multilevel Security and B1 products. It extends classifications
and compartments with groups and, exploiting facilities within
Oracle10g's Virtual Private Database feature, provides for
multiple policies on the same database.
Interfaces are provided for creating and managing
policies, enforcement options, data labels and user label
authorisations, and for protecting individual tables or schemas.
OLS also supports releasabilities (or nationality caveats). |
|
|
|
Oracle
Database 10g Enterprise Edition (10.1.0) |
Oracle Label
Security 10g (10.1.0 ) |
Oracle Database 10g Enterprise Edition is the
first relational database management system designed for Grid
Computing, providing advanced security and functionality for
multi-user, distributed database environments. Oracle10g, Release
10.1.0 is evaluated against the Database Management System
protection profile. In addition to the security functions listed
for Oracle9i, Release 2, Oracle10g supports Enterprise User
Security including Enterprise Privilege Administration and
Password Authenticated Enterprise Users. It has extensible
fine-grained auditing and enhanced administrator auditing. Oracle
10g supports secure connections from Oracle 10g databases to older
database versions. |
Oracle10g Label Security (OLS) is a security
option for the Oracle Database 10g Enterprise Edition, Release
10.1.0. It mediates users access to data via their assigned
authorities and labels, allowing data separation by sensitivity
within single databases.
OLS augments traditional government-centred
Multilevel Security and B1 products. It extends classifications
and compartments with groups and, exploiting facilities within
Oracle10g's Virtual Private Database feature, provides for
multiple policies on the same database.
Interfaces are provided for creating and managing
policies, enforcement options, data labels and user label
authorisations, and for protecting individual tables or schemas.
OLS also supports releasabilities (or nationality caveats). |
|
|
|
Oracle9i
Enterprise Edition (9.2.0) |
Oracle9i
Label Security (9.2.0) |
Oracle9i is an Object/Relational Database
Management System, providing advanced security and functionality
for multi-user, distributed database environments. Oracle9i,
Release 9.2.0.1.0 has been evaluated against the Database
Management System protection profile. In addition to the security
functions listed for Oracle8i, Release 8.1.7., Oracle9i supports
secure application roles (roles that can only be enabled by
authorised PL/SQL packages) and adds new privileges. Oracle9i also
extends the auditing facilities offered by supporting fine-grained
auditing and by increasing the auditing performed on the SYS.user
and users connected as SYSDBA and SYSOPER. The product was
initially certified on Sun Solaris 8, Microsoft Windows NT 4.0 and
then additionally on SuSE Linux. |
Oracle9i Label Security (OLS) is a security option
for the Oracle9i Release 2 Object/Relational Database Management
System (Enterprise Edition). It mediates users access to data via
their assigned authorities and labels, allowing data separation by
sensitivity within single databases. OLS augments traditional
government-centred Multilevel Security and B1 products. It extends
classifications and compartments with groups and, exploiting
facilities within Oracle9i's VPD, provides for multiple policies
on the same database. Interfaces are provided for creating and
managing policies, enforcement options, data labels and user label
authorisations, and for protecting individual tables or schemas.
OLS also supports releasabilities (or nationality caveats). The
product was initially certified on Sun Solaris 8, Microsoft
Windows NT 4.0 and then additionally on SuSE Linux. |
|
Oracle9i Enterprise Edition on SuSE Linux
(9.2.0)
|
Oracle9i Label Security on SuSE Linux
(9.2.0)
|
Oracle8i
Database Server Enterprise Edition (8.1.7) |
Oracle8i
Label Security (8.1.7) |
Oracle8i is an
Object/Relational Database Management System, providing advanced
security and functionality for multi-user, distributed database
environments. Oracle8i, Release 8.1.7.0.0, has been evaluated
against the Database Management System protection profile. In
addition to the security functions listed for Oracle8, Release
8.0.5.0.0, Oracle8i also supports security policies for fine
grained access control, application specific security context,
invoker's and definer's rights to permit separation of programmed
logic from privileges and data and integration with LDAP-based
directory services. |
Oracle8i
Label Security (OLS) is a security option for the evaluated
Oracle8i Object/Relational Database Management System (Enterprise
Edition). It mediates users access to data via their assigned
authorities and labels, allowing data separation by sensitivity
within a single database.
OLS adds to traditional government-centred
Multi Level Security and B1 products. It extends classifications
and compartments with groups and, exploiting the facilities
provided by Oracle8i's VPD, provides for multiple policies on the
same database.
Interfaces are provided for creating and managing
policies, enforcement options, data labels and user label
authorizations, and for protecting individual tables or schemas. |
|
|
|
Oracle8
Database Server (8.0.5) - No longer supported |
Oracle7
Database Server (7.2.2.4.13) - No longer supported |
Oracle8 is an
Object/Relational Database Management System, providing advanced
security and functionality for multi-user, distributed database
environments. Oracle8, Release 8.0.5.0.0, when used in conjunction
with an operating system incorporating the Controlled Access
Protection (or the equivalent ITSEC F-C2 functionality) provides
database security for systems that require C2 functionality.
Oracle8, Release 8.0.5.0.0, was evaluated against the Database
Management System protection profile. In addition to the security
functions listed for Oracle7, Release 7.3.4.0.0, Oracle8 also
supports mutual authentication of databases, single sign-on,
password management, data dictionary protection, global roles and
X.509 certificate based authentication. |
Oracle7 is a
Relational Database Management System, providing advanced security
and functionality for multi-user, distributed database
environments. Oracle7, Release 7.2.2.4.13, when used in
conjunction with an operating system of ITSEC F-C2 or greater,
provides database security for systems that require F-C2
functionality. Oracle7, Release 7.2.2.4.13, was evaluated against
the Commercial Database protection profile. The main security
functions are identical to those given in the Oracle7, Release
7.2.2.4.13, ITSEC E3 evaluation entry. |
|
|
|
Bookmark
