Whitepaper

All Oracle E-Business Suite implementations that "store, process, or transmit cardholder data" must comply with Payment Card Industry (PCI) Data Security Standard 3.0 regardless of size or transaction volume. The PCI Data Security Standard (DSS) 3.0...

IOUG COLLABORATE 2011 - Credit card data breaches are headline news thus organizations must properly protect credit card data or risk being tomorrow's headline. If an Oracle Database "stores processes or transmits credit card numbers" it must comply...

IOUG COLLABORATE 2011 - You did everything by the book followed the database security checklists and implemented security best practices but one day you find significant security issues in one of your databases. How did this happen? After auditing...

OAUG COLLABORATE 2011 - You did everything by the book, followed the database security checklists, and implemented security best practices, but one day you find significant security issues in your Oracle E-Business Suite implementation. How did this...

IOUG 2009 COLLABORATE Presentation - Database auditing is one of the most misunderstood and neglected database features, however, database auditing is becoming a key requirement for many organizations compliance activities. This presentation will...

Oracle Database session information includes database user name, operating system user name, host, terminal, IP address, module, program, timestamps, session ID, and other details. These values are critical to auditing and identifying the actual end...

Sarbanes-Oxley’s section 404 requires a company’s key systems be audited. However, many companies have 'unauditable' systems and don’t even know it. This paper explores methods by which companies can create an auditable system by implementing...

Cryptographic hash functions seem to be an ideal method for protecting and securely storing credit card numbers in e-commerce and payment applications. A hash function generates a secure, one-way digital fingerprint that is irreversible and meets...

Most Oracle Applications 11i implementations are vulnerable to a significant security weakness in the encryption of passwords within the application where an insider may be able to circumvent all application controls by accessing any application...

Most application developers underestimate the risk of SQL injections attacks against web applications that use Oracle as the back-end database. This paper is intended for application developers, database administrators, and application auditors to...