tailieunhanh - Applied Oracle Security: Developing Secure Database and Middleware Environments- P50
Computer security is a field of study that continues to undergo significant changes at an extremely fast pace. As a result of research combined with increases in computing capacity, computer security has reached what many consider to be “early adulthood.” From advances in encryption and encryption devices to identity management and enterprise auditing, the computer security field is as vast and complex as it is sophisticated and powerful.

Part IV: Applied Security for Oracle APEX and Oracle Business Intelligence, Chapter 12: Secure Coding Practices in APEX (pages 464-465)

For this example we'll use to generate a 16 byte key:

    SYSTEM@AOS> grant execute on dbms_crypto to sec_admin;

    Grant succeeded.

    -- The function name is missing from the page; DBMS_CRYPTO.RANDOMBYTES is assumed.
    SEC_ADMIN@AOS> select dbms_crypto.randombytes(16) salt from dual;

    SALT
    --------------------------------
    231F8E440E65B5C180FA184F94F55B71

Now we'll use the following table to store usernames and passwords. The user SEC_ADMIN will own this table and related packages.

    create table application_users (
      id           raw(16) default sys_guid(),
      user_name    varchar2(255),
      verification raw(128),
      constraint app_users_pk primary key (id),
      constraint app_users_uq unique (user_name)
    );

The following package will be used to create and authenticate users. Note the use of EXECUTE IMMEDIATE for any queries or DML against the APPLICATION_USERS table. In the event that someone does gain access to our table, he cannot simply query one of the dictionary views such as DBA_DEPENDENCIES to determine the package used to set the password. This is certainly not a foolproof technique, but it does make it more challenging to dissect the logic associated with password hashes.

    create or replace package custom_apex_auth as
      procedure create_user(
        p_username in varchar2,
        p_password in varchar2);

      function validate_user(
        p_username in varchar2,
        p_password in varchar2)
        return boolean;
    end custom_apex_auth;
    /

    create or replace package body custom_apex_auth as
      -- key generated by the query above
      g_salt raw(256) := '231F8E440E65B5C180FA184F94F55B71';

      -- Returns the keyed MAC of the password.
      -- The called function, the string-to-raw conversion and the typ value
      -- are missing from the page; DBMS_CRYPTO.MAC, UTL_RAW.CAST_TO_RAW and
      -- HMAC_SH1 are assumed.
      function get_mac(p_password in varchar2)
        return raw
      is
      begin
        return dbms_crypto.mac(
          src => utl_raw.cast_to_raw(p_password),
          typ => dbms_crypto.hmac_sh1,
          key => g_salt);
      end get_mac;

      -- Stores the upper-cased user name and the MAC through dynamic SQL
      -- with bind variables, so no static reference to the table exists.
      procedure create_user(
        p_username in varchar2,
        p_password in varchar2)
      is
        l_mac raw(128);
      begin
        l_mac := get_mac(p_password);
        execute immediate
          'insert into application_users (user_name, verification) values (:a, :b)'
          using upper(p_username), l_mac;
      end create_user;

      function validate_user(
        p_username in varchar2,
        p_password
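The following is an added example, not code from the book: a standalone validation function written with the same EXECUTE IMMEDIATE approach, followed by the dictionary queries that test the DBA_DEPENDENCIES claim made above. The names DEMO_VALIDATE_USER and P_KEY, the HMAC_SH1 algorithm and the UTL_RAW.CAST_TO_RAW conversion are assumptions; APPLICATION_USERS is the table created earlier.

```plsql
-- Added example: DEMO_VALIDATE_USER, P_KEY, HMAC_SH1 and CAST_TO_RAW are
-- assumptions; APPLICATION_USERS is the table created earlier on this page.
create or replace function demo_validate_user (
  p_username in varchar2,
  p_password in varchar2,
  p_key      in raw              -- the 16-byte MAC key
) return boolean
is
  l_stored raw(128);
  l_mac    raw(128);
begin
  -- Compute the MAC before the lookup so that known and unknown
  -- user names do the same amount of cryptographic work.
  l_mac := dbms_crypto.mac(
             src => utl_raw.cast_to_raw(p_password),
             typ => dbms_crypto.hmac_sh1,
             key => p_key);

  begin
    -- Dynamic SQL with bind variables: the table name lives only in a
    -- string literal, and user input never becomes part of the statement.
    execute immediate
      'select verification from application_users where user_name = :a'
      into l_stored
      using upper(p_username);
  exception
    when no_data_found then
      return false;
  end;

  return utl_raw.compare(l_stored, l_mac) = 0;
end demo_validate_user;
/

-- Dictionary check 1: which stored units are tied to the table?
select name, type
from   user_dependencies
where  referenced_name = 'APPLICATION_USERS';

-- Dictionary check 2: what does the function visibly depend on?
select referenced_owner, referenced_name, referenced_type
from   user_dependencies
where  name = 'DEMO_VALIDATE_USER';

-- Dictionary check 3: search the stored source text for the table name.
select distinct name, type
from   user_source
where  upper(text) like '%APPLICATION_USERS%';
```

Because the table is referenced only inside a string, the first query does not tie the function to APPLICATION_USERS, while the second still exposes its use of DBMS_CRYPTO and the third locates it through its source text, which is why the technique is described as not foolproof.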