tailieunhanh - Applied Oracle Security: Developing Secure Database and Middleware Environments- P47
Applied Oracle Security: Developing Secure Database and Middleware Environments- P47:Computer security is a field of study that continues to undergo significant changes at an extremely fast pace. As a result of research combined with increases in computing capacity, computer security has reached what many consider to be “early adulthood.” From advances in encryption and encryption devices to identity management and enterprise auditing, the computer security field is as vast and complex as it is sophisticated and powerful | 434 Part IV Applied Security for Oracle APEX and Oracle Business Intelligence n this chapter we look at the Application Express APEX architecture and how to configure it securely. This chapter focuses on solutions at the installation and configuration level. The next chapter is dedicated to secure coding practices. Introduction to the APEX Environment APEX is a web development environment that lives completely inside the database. Understanding the APEX environment both development and runtime is critical to your understanding of how to secure it. Client-server developers have worked in environments in which each user connects to the database as a true database user or schema. Web developers working with technologies such as Java 2 Platform Enterprise Edition J2EE are accustomed to connecting as a single database user and executing all queries and database logic as that user. APEX falls somewhere in between these two approaches and this causes a great deal of confusion for developers new to the APEX environment. Components and Configurations I m going to make a few assumptions to try and keep the examples in this chapter as simple as possible. All content in this book is based on Application Express the most current version at the time of writing. The base architecture has not changed since the first public release of APEX and is unlikely to change in such a way that dramatically affects the concepts. APEX offers a number of major enhancements in the area of security and is therefore the minimum version that you should select when you re starting a new project. Some of these enhancements are exposed as documented features or options available to the developer but many of them are at the core of the APEX engine itself. Starting with Oracle 10g Express Edition and Oracle 11g Standard and Enterprise Editions you can use the Embedded PL SQL Gateway EPG instead of Oracle HTTP Server OHS . Since this book s focus is security all examples are based on OHS with .
đang nạp các trang xem trước