ISBN : 1430238313
Publisher : Apress
Expert Oracle and Java Security: Programming Secure Oracle
Database Applications with Java provides resources that every Java and
Oracle database application programmer needs to ensure that they have
guarded the security of the data and identities entrusted to them.
You’ll learn to consider potential vulnerabilities, and to apply best
practices in secure Java and PL/SQL coding. Author David Coffin shows
how to develop code to encrypt data in transit and at rest, to
accomplish single sign-on with Oracle proxy connections, to generate and
distribute two-factor authentication tokens from the Oracle server
using pagers, cell phones (SMS), and e-mail, and to securely store and
distribute Oracle application passwords.
Early chapters lay the foundation for effective security in an
Oracle/Java environment. Each of the later chapters brings example code
to a point where it may be applied as-is to address application security
issues. Templates for applications are also provided to help you bring
colleagues up to the same secure application standards. If you are less
familiar with either Java or Oracle PL/SQL, you will not be left behind;
all the concepts in this book are introduced as to a novice and
addressed as to an expert.
Helps you protect against data loss, identity theft, SQL injection, and address spoofing
Provides techniques for encryption on network and disk, code
obfuscation and wrap, database hardening, single sign-on and two-factor
Provides what database administrators need to know about secure
password distribution, Java secure programming, Java stored procedures,
secure application roles in Oracle, logon triggers, database design,
various connection pooling schemes, and much more