So its finally here.
The Great announcement from openworld 10gr2 is really here .
The feature set is interesting and the fact that Oracle is focusing on security which is a key buzzword in the data marketspace with the HiIPAA and fair accounting proactices stuff.
It is yet to to be seen whatpotiiental the dbms_crypto package can bring. though i wasnt out there in openworld the online presentations did give an outlook of what is in store for us this next year.
Since 10g still isnt very big in the production market. people as usual will take a very cautious note as and when 10g r2 ships.
as a further note this blog also ellaborates a lot of the new features elaborated in this blog
Oracle Database 10g Release 2 keynote at Oracle Open World

Today at Open World one of the key notes was about the introduction of Oracle 10g Release 2. With Release 2 the main thrust is improving efficiency and reducing the cost of management. Its all about Grid computing and automation and self managing databases. What’s in it for us Oracle security aficionados?

Well the most direct points from the "Oracle database 10g Release 2: new feature highlights" document are the quotes to say 10g grid provides 24*7 data access whilst being secure. They don't go to say how the data is secure!, lots of 24*7, such as clusterware redundancy and higher availability, integrated tape backup and recovery (These facts are important for data security), fast failover and most interestingly integrated transparent data encryption and key management in the database. This helps to allow customers to protect their data seamlessly without changing applications - they say. This sounds a very interesting addition, one of which I am keep to get my hands on 10gR2 to test and run through its paces. Encryption of data in the database is an interesting problem. There are three main commercial players in this space - see the links on my Oracle Security Tools page. The fact that Oracle say they will support the handling of keys seamlessly in the database is very interesting. I for one would like to know more.

The backup and high availability functions and improvements are also key features for those interested in security. Backups and recovery processes and also high availability strategies should be a key part of any Oracle security policies and procedures.

One other key item of note in the note in the second page that Oracle are now proving statistics collection from the SGA directly from memory. This means that direct SGA access methods are being used. I have some links to papers written by Kyle Hailey and Miladin Modrakovic on my Oracle Internals page that readers may find very interesting to see how Oracle are doing this. I also talked about Direct SGA access in a couple of previous blog entries.

Posted by Pete On 08/12/04 At 10:40 PM