As Published In

Oracle Magazine
September/October 2006
AT ORACLE: Resources

OTN Community Bulletin

Upcoming audit? Get prepared via Project Lockdown.

Database Security Best Practices in a Box

Has there ever been a better time to educate yourself about best practices for maintaining database security? If the recent stories in the media about information security breaches haven't motivated you to do so, perhaps the shadow of an impending security audit will. (If neither is motivating you, then you have even bigger challenges.) Fortunately, OTN's new "Project Lockdown" technical article series has arrived to serve this purpose.

"Project Lockdown," published in partnership with Oracle ACE Arup Nanda—the author behind the "Oracle Database 10g: Top Features for DBAs" series—takes a unique and actionable approach. If you had a single day to secure your Oracle Database using out-of-the-box features—or more realistically, a single week, month, or quarter—what would be on your action item checklist? In "Project Lockdown," Nanda provides the answers, not to mention the checklist PDFs themselves.

Just by way of example, Phase 1 (duration of one day) includes simple but detailed instructions for removing default passwords, configuring Oracle binary permissions, securing the Listener (a popular hacker target), and trimming back sweeping privileges such as DROP ANY TABLE. For those of you committed to an extended project over the course of a quarter, Phase 4 offers guidance for creating a Virtual Private Database, implementing transparent data encryption, creating secure backups, and more.

A key point is that although many of these best practices are designed to foil external attacks, several of them, such as auditing, are useful for containing internal threats (which are your most likely risks, in fact) as well. (Of course, Oracle Database Vault, the new option to Oracle Database 10g Release 2 Enterprise Edition, is potentially your best solution for preventing malicious superusers from accessing applications or performing tasks outside their authorized responsibilities.)

Get your own "lockdown" project started at oracle.com/technology/pub/articles/project_lockdown.

The Rising Stars of blogs.oracle.com

It's been three or four months since blogs.oracle.com launched, and the response has been awesome—at the time of this writing, there have been more than half a million page views (collectively). The blog launch has motivated scores of Oracle employees to take advantage of this new platform to more easily communicate and interact with Oracle users, resulting in an incredibly content-rich environment for newcomers and experts alike.

Many new employee blogging "stars" have risen at blogs.oracle.com. Here are just a few, along with the names of their blogs:

  • Steven Chan, Oracle E-Business Suite Technology. This is perhaps the best of the bunch. The volume of information here for Oracle E-Business Suite users is simply incredible, not to mention straight from the technology team behind the suite.
    Sample post: "In-Depth: Demilitarized Zones and the E-Business Suite"
  • Nishant Kaushik, the Identity Corner. Identity management is a hot technology, and Kaushik does an excellent job demystifying it—explaining business drivers and technical underpinnings equally well.
    Sample post: "Analyzing Microsoft's Approach to Provisioning"
  • Christopher Jones, Christopher Jones on OPAL. The Oracle-PHP-Apache-Linux (OPAL) stack gives LAMP (Linux-Apache-MySQL-Perl/PHP/Python/Primate) a run for its money, and Jones is consistently adept at explaining why.
    Sample post: "Getting Oracle Connection Errors Faster in PHP"
  • Matt Wright, Matt Wright's Blog. This blog is simply overflowing with useful information about developing and deploying Business Process Execution Language (BPEL)-based business flows.
    Sample post: "Sharing XML Schemas across BPEL Processes"

With blogs.oracle.com, these and other talented Oracle employee and nonemployee bloggers have the opportunity to forge a new "trusted relationship" with their respective communities. Score one for corporate blogging.

Read more Oracle blogs for DBAs and developers at blogs.oracle.com.

Justin Kestelyn, OTN Editor in Chief
justin.kestelyn@oracle.com

Most Popular* Content on OTN

For DBAs/Sysadmins:
1. "Installing Oracle Database 10g on Linux x86," by John Smiley
2. "Oracle Database 10g: Top 20 Features for DBAs," (series), by Arup Nanda
3. "Build Your Own RAC Cluster on Linux and FireWire," by Jeffrey Hunter
4. "Project Guide for Oracle RAC Implementation," by Christopher Haskins
5. "Oracle Database 10g Express Edition: Not Just for Learners," by Lewis Cunningham

For Developers:
1. "A Hype-Free Introduction to Ajax," by Chris Schalk
2. "Ruby on Rails on Oracle: A Simple Tutorial," by Richard Monson-Haefel
3. "SOA Best Practices: The BPEL Cookbook," by various authors
4. "Installing PHP and the Oracle 10g Instant Client for Linux and Windows," by Christopher Jones
5. "'Hello Ajax!' How to Do the Ajax Thing with Oracle JDeveloper," by Frank Nimphius

*For the two-month period ending May 31, 2006

New Tech Articles, Columns, & Notes

For Developers
"Build an Online Reporting Application Using Oracle XML Publisher"
by Mark Rittman
Oracle ACE Mark Rittman explains how to create an online reporting environment using XML Publisher technology, step by step.

"'Hello Ajax!' How to Do the Ajax Thing with Oracle JDeveloper"
by Frank Nimphius
Oracle ACE Frank Nimphius provides a quick-start introduction to Asynchronous JavaScript and XML (Ajax) by creating a simple "Hello World" application.

"A Hype-Free Introduction to Ajax"
by Chris Schalk
Get an overview of the core fundamentals of Ajax (as well as its relationship to JavaServer Faces) from Oracle ACE Chris Schalk, without the usual hype.

"Ruby on Rails on Oracle: A Simple Tutorial"
by Richard Monson-Haefel
Learn the basics of Ruby on Rails—the dynamic framework that's taking the Web development community by storm—with Oracle on the back end.

"Grails on Oracle for Java Developers"
by Tug Grall
Learn how to quickly build a Grails application on Oracle Database 10g Express Edition, and then deploy it to Oracle Application Server 10g.

"Adding Google-like Search Operators to Simple Search Boxes"
by Nick Bollweg
Give your users instant access to your most important information. From the "Oracle+PHP Cookbook."
(Full cookbook at oracle.com/technology/pub/articles/oracle_php_cookbook.)

For DBAs/Sysadmins
"Project Lockdown: Database Security Best Practices"
by Arup Nanda
Learn a practical, phased approach to securing your database infrastructure using built-in Oracle Database security features—over one day, week, month, and quarter.

"Project Guide for Oracle RAC Implementation"
by Christopher Haskins
Get a step-by-step guide for defining, designing, and delivering a successful Oracle Real Application Clusters (Oracle RAC) project in your organization.

New OTN TechCasts (Podcasts)
All OTN TechCasts (podcasts) are available at oracle.com/techcasts

"The Developer's Guide to Oracle Fusion Middleware and Microsoft Office"
Oracle Fusion Middleware Product Strategy Director Frank Knifsend chats with Peter Lubbers, author of the Oracle Application Server Developer's Guide for Microsoft Office Interoperability, 10g Release 3, about the various ways developers can integrate Oracle Fusion Middleware functionality with Microsoft Office functionality and the technologies that make it possible.

"SOA Best Practices Roundtable Series"
In this multipart Oracle TechCast series, hear directly from Oracle customers who have successfully deployed service-oriented architectures (SOAs) at their organizations—and about all the attendant pitfalls and opportunities.

