Oracle Database Security Architecture
- Format: pptx
- Size: 3.38 MB
- Pages: 25
Oracle Database Technology (Landscape): Oracle 18c is Oracle's new-generation database. It can be deployed on-premises or in Oracle Cloud, and runs on commodity hardware or on engineered systems built for database workloads, such as Oracle Exadata and the Oracle Database Appliance.
It gives enterprises of every size access to the world's fastest, most scalable and most reliable database technology, so that transactional and analytical workloads can be deployed securely and economically in cloud, on-premises and hybrid-cloud configurations.
Oracle Database 18c adds new features and enhancements to those introduced in Oracle Database 12c, including:
1) A multitenant architecture that delivers large cost savings and flexibility.
2) An in-memory column store that boosts performance for real-time analytics.
3) Native database sharding for high availability of large-scale web applications.
4) Further key features that enhance database performance, availability, security, analytics and application development.
Oracle Database 18c provides a high-performance, highly reliable and highly secure platform that can be deployed in the cloud, on-premises or in a hybrid cloud.
It offers the same familiar database software on-premises and in the cloud, so customers can take their in-house Oracle applications and ISV applications and run them on Oracle Cloud without any application changes.
Oracle Multitenant is the architecture for the next-generation database cloud.
It provides isolation, agility and economies of scale.
In this architecture, one multitenant container database hosts many pluggable databases.
Existing databases can be adopted directly, with no application changes.
Oracle Multitenant fully complements options such as Oracle Real Application Clusters and Oracle Active Data Guard.
In-memory optimization supports real-time analytics.
Oracle Database In-Memory optimizes analytics and mixed-workload OLTP, delivering excellent transaction-processing performance while also supporting real-time analytics, business intelligence and reporting.
Oracle Database In-Memory provides a unique dual-format architecture that represents tables in memory simultaneously in the traditional row format and in the new in-memory column format.
Oracle Dual-Server Hot Standby Architecture
Whenever I think of Oracle hot standby, countless nights come to mind: brightly lit data centers, and the engineers working to keep data safe and systems stable.
The problem this design has to solve is how to guarantee real-time backup and fast recovery of critical business data; what follows is how I worked out the design.
First we need to define the hot-standby architecture.
Oracle dual-server hot standby, as the name suggests, means two servers backing each other up: one is the primary, the other the standby.
When the primary fails, the standby quickly takes over its workload, preserving business continuity.
1. Architecture design
(1) Hardware: we need two servers of similar performance, ideally the same model, to reduce hardware compatibility problems.
The servers need enough processing capacity to meet the business demand.
(2) Storage: to back up data in real time we need shared storage.
There are two choices: a disk array or a storage network.
A disk array gives higher read/write throughput but costs more; a storage network is cheaper but somewhat slower.
We pick the storage option that fits the actual requirements.
(3) Network: real-time data synchronization needs a high-speed network.
10 Gigabit Ethernet is recommended here to guarantee transfer speed.
2. Software configuration
(1) Operating system.
(2) Oracle database: install Oracle Database on both servers and configure the database instances.
To keep data consistent, we use Oracle Data Guard for real-time data backup.
(3) Cluster management software: for failover we need cluster management software.
Oracle Clusterware is recommended; it provides fast failover and recovery.
3. Implementation steps
(1) Build the hardware environment: connect both servers to the shared storage and configure the network equipment.
(2) Install the operating system: install the same OS on both servers and configure the network parameters.
(3) Install Oracle Database: install Oracle Database on both servers and configure the database instances.
(4) Configure Oracle Data Guard: create a physical backup on the primary and transfer it to the standby.
Configure Oracle Data Guard on the standby so that data is backed up in real time.
Exadata Product Development

[Slide: Security Breaches: High Costs to Businesses and Customers (Records/Data Theft), with a continuation slide. Timeline graphic of breaches 2013-2021 labelled with record counts, e.g. 150M Adobe Oct '13, 98M Target Dec '13, 150M eBay May '14, 80M Anthem Feb '15, US OPM 22M Jun '15, 154M US Voter Jun '16, 1B Yahoo Dec '16, 143M Equifax Jul '17, 1.1B Aadhaar Jan '18, 340M Exactis Jun '18, 218M Zynga Sep '19, 9M EasyJet May '20, 3.2B COMB (compilation of previously stolen credentials) Jan '21.]

Exadata security practices and built-in security protection apply to Exadata on-premises
• Exadata Cloud (ExaDB-D, ExaDB-C@C and Autonomous Database) inherits the benefits, with additional cloud software and security compliance added
• Additional security collateral for DB Cloud offerings can be found at:
  • https:///a/ocom/docs/engineered-systems/exadata/exadata-cloud-at-customer-security-controls.pdf
  • https:///corporate/security-practices/cloud/
Exadata Cloud in OCI attains the following compliances, certifications and/or attestations:
Audit Reports: ✓ PCI DSS ✓ HIPAA ✓ ISO 27001 ✓ SOC I/SOC II ✓ C5/CSA STAR ✓ FedRAMP Moderate/DISA IL5
Exadata Platform provides the foundation for Exadata DB Cloud

[Slide: Database Security Controls (Assess / Detect / Prevent, data-driven security): Data Safe (discover sensitive data), Audit Vault (audit data and event logs, alerts, reports, policies), Database Firewall, Oracle Key Vault, Transparent Data Encryption, Network Encryption, Data Masking and Subsetting (test/dev), Data Redaction, Database Vault, Virtual Private Database, Label Security, Real Application Security; users and applications as the subjects.]

Open Season for Attacks on Hardware, Firmware and Supply Chain
• Securing the application and network perimeter is no longer sufficient
• Attacks are more sophisticated and getting deeper into the hardware
• Environments are more complex and distributed
• Server subcomponents are more capable but "soft"
  • More interesting to hackers
  • More potential for vulnerabilities and exploits
• Supply chains are at risk

Exadata End-to-End Security Throughout the Supply Chain
• The Oracle supply chain is closely integrated and monitored
• Oracle ownership of core hardware and firmware IP
• Security audit for all design releases
• Suppliers understand and adhere to Oracle security policies
• Encrypted transmission of design data
• Oracle-controlled systems qualification tests and validation
• All firmware and software is digitally signed and certified
• Secure Trade Agreements Act (TAA) compliant manufacturing for system integration

Exadata Maximum Security Architecture (MSA) Vision
• End-to-End Security: security-optimized, security-focused, security-hardened
• Highly Available Architecture: Oracle MAA best practices built in
• Database-Aware System Software: unique algorithms vastly improve OLTP, analytics and consolidation
• Extreme performance, availability and security
MSA Solution Highlights: ✓ Smaller Footprint ✓ Access Restrictions ✓ Principle of Least Privilege ✓ Audit Rules ✓ System Hardening ✓ File Integrity Monitoring ✓ Security Administration Tool ✓ Pre-scanned Full Stack ✓ Multi-tenant Isolation ✓ Boot Device Protection ✓ Fast Crypto Erase ✓ Security Enabled Linux ✓ Memory Protection Keys

Exadata Security Value-Add Overview: Security Optimized, Security Focused, Security Hardened
"The Oracle Autonomous Database, which completely automates provisioning, management, tuning, and upgrade processes of database instances without any downtime, not just substantially increases security and compliance of sensitive data stored in Oracle Databases but makes a compelling argument for moving this data to the Oracle Cloud." (KuppingerCole Analysts)

Smaller Installation Footprint (Security: Optimized)
Exadata reduces the attack surface by including only the software components specifically required to run the Oracle database (e.g., a minimum Linux distribution).
• Exadata OL8: ~1060 packages; standard OL8: ~8000 packages

Nano Linux Kernel Installation (Security: Optimized)
Exadata uses a custom nano (micro) kernel with dependencies removed, which reduces the size and drops features that are not needed in an enterprise data center.
• Fewer device drivers
• Smaller footprint
• Improved upgrade time
Typical OL8 UEK kernel: kernel-uek-5.4.17-2136.306.1.3.el8uek.x86_64 (DomU kernel size 135 MB)
Exadata OL8 UEK kernel (23.1.0.0.0): kernel-ueknano-5.4.17-2136.315.5.8.el8uek.x86_64 (DomU kernel size 77 MB)

Network Access to Storage Servers (Security: Optimized)
The software includes the cellwall service, which implements a firewall on each storage server
• The SSH server is configured to respond to connection requests only on the management network (NET0) and the RDMA Network Fabric
• The Exadata Storage Servers have no direct connectivity to the client network

No Unnecessary Services - Implement the Principle of Least Privilege (Security: Focused)
Unnecessary and insecure services such as telnet and ftp are disabled in the system.
Security best practices require that each process run with the lowest privileges needed to perform its task.
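The two slides above define a network-exposure baseline for the storage servers: SSH answering only on the management network (NET0) and the RDMA fabric, no client-network reachability, and telnet/ftp disabled. The script below is an added example, not part of the deck and not an Oracle tool: it checks a listing of listening TCP sockets against that baseline, which is the kind of "scan for deviations from the delivered configuration" the deck's best-practice slide asks the system owner to run. The interface-to-network map, the addresses and the `ss -Hltnp`-shaped lines are all constructed for the example.

```python
"""Flag listeners that deviate from the storage-server exposure baseline.

Added example, not Oracle code. Input is constructed to look like
`ss -Hltnp` output (LISTEN state, queues, local addr:port, peer, process).
Assumed baseline: sshd only on NET0/RDMA, nothing on the client network,
telnet and ftp never listening.
"""
import re

# Constructed map of this host's addresses to the Exadata network they sit on.
NETWORK_OF_ADDR = {
    "10.10.0.11": "NET0",      # management network
    "192.168.10.11": "RDMA",   # RDMA Network Fabric
    "172.16.5.11": "CLIENT",   # client network
}
SSH_ALLOWED_NETWORKS = {"NET0", "RDMA"}
FORBIDDEN_PORTS = {21: "ftp", 23: "telnet"}

# Constructed sample listing (not real Exadata output).
SAMPLE_SS = """\
LISTEN 0 128 10.10.0.11:22 0.0.0.0:* users:(("sshd",pid=1201,fd=3))
LISTEN 0 128 192.168.10.11:22 0.0.0.0:* users:(("sshd",pid=1201,fd=4))
LISTEN 0 128 172.16.5.11:22 0.0.0.0:* users:(("sshd",pid=1201,fd=5))
LISTEN 0 5 0.0.0.0:23 0.0.0.0:* users:(("in.telnetd",pid=2310,fd=3))
LISTEN 0 128 10.10.0.11:7879 0.0.0.0:* users:(("java",pid=3402,fd=55))
"""

LINE_RE = re.compile(
    r'^LISTEN\s+\d+\s+\d+\s+(?P<addr>[^\s:]+|\[[^\]]+\]):(?P<port>\d+)\s+\S+\s+'
    r'users:\(\("(?P<proc>[^"]+)",pid=(?P<pid>\d+)'
)


def parse_listeners(text):
    """Return [(addr, port, process)] for every LISTEN line; other lines are skipped."""
    out = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            out.append((m["addr"], int(m["port"]), m["proc"]))
    return out


def networks_for(addr):
    """Networks a listener bound to `addr` is reachable from (wildcard = all)."""
    if addr in ("0.0.0.0", "*", "[::]"):
        return set(NETWORK_OF_ADDR.values())
    return {NETWORK_OF_ADDR.get(addr, "UNKNOWN")}


def find_deviations(text):
    """Return a sorted list of (severity, message) for listeners that break the baseline."""
    findings = []
    for addr, port, proc in parse_listeners(text):
        nets = networks_for(addr)
        if port in FORBIDDEN_PORTS:
            findings.append(("HIGH", f"{FORBIDDEN_PORTS[port]} ({proc}) listening on "
                                     f"{addr}:{port}; service should be disabled"))
            continue
        if port == 22 and not nets <= SSH_ALLOWED_NETWORKS:
            findings.append(("HIGH", f"sshd listening on {addr}:{port}, reachable from "
                                     f"{sorted(nets - SSH_ALLOWED_NETWORKS)}"))
        elif "CLIENT" in nets:
            findings.append(("MEDIUM", f"{proc} listening on {addr}:{port} is exposed on the client network"))
        elif "UNKNOWN" in nets:
            findings.append(("LOW", f"{proc} listening on {addr}:{port}: address not in the interface map"))
    return sorted(findings)


if __name__ == "__main__":
    for severity, message in find_deviations(SAMPLE_SS):
        print(severity, message)
```

On the sample the checker reports the sshd instance bound to the client-network address and the telnet daemon, while the management-only sshd and the MS RESTful service on port 7879 pass. On a real host, feed it the output of `ss -Hltnp` and an address map taken from the machine's own interface configuration.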
The following processes now run as non-privileged users:
• Smart Scan processes: performing a Smart Scan predicate evaluation does not require root privileges
  • user cellofl and group celltrace
• Select ExaWatcher processes: some of the ExaWatcher commands that collect iostat, netstat, ps, top and other information have been modified to run without requiring root privileges
  • user exawatch and group exawatch

Access Control for the RESTful Service (Security: Focused)
Oracle Exadata System Software release 19.1.0 introduces a new capability for users to configure access control lists on HTTPS access to the RESTful service
• Specify a list of IP addresses or subnet masks to control access to the RESTful service via HTTPS
• If not used, the RESTful service can be disabled altogether
• Applies to both Oracle Exadata Database and Storage Servers

  # lsof -i -P -n | grep LISTEN | grep java
  java  <pid>  dbmsvc  55u  IPv4  40193  0t0  TCP *:7879 (LISTEN)
  # dbmcli -e alter dbserver httpsAccess=none
  This command requires restarting MS. Continue? (y/n): y
  Stopping MS services...
  The SHUTDOWN of MS services was successful.
  Updating HTTPs access control list.
  Starting MS services...
  The STARTUP of MS services was successful.
  DBServer successfully altered
  # lsof -i -P -n | grep LISTEN | grep java

Operating System Activity Monitoring (Security: Focused)
• Each Exadata server is configured with auditd to audit system-level activity
• To manage audits and generate reports, use the auditctl command
• Exadata-specific audit rules are stored in the file /etc/audit/rules.d/01-exadata_audit.rules

  [root@vm01 ~]# auditctl -l
  -a always,exit -F arch=b32 -S chmod,lchown,fchmod,fchown,chown,setxattr,lsetxattr,fsetxattr,removexattr,lremovexattr,fremovexattr,fchownat,fchmodat -F auid>=1000 -F auid!=-1 -F key=perm_mod
  -a always,exit -F arch=b64 -S chmod,fchmod,chown,fchown,lchown,setxattr,lsetxattr,fsetxattr,removexattr,lremovexattr,fremovexattr,fchownat,fchmodat -F auid>=1000 -F auid!=-1 -F key=perm_mod
  -a always,exit -F arch=b32 -S open,creat,truncate,ftruncate,openat,open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=-1 -F key=access
  -a always,exit -F arch=b64 -S open,truncate,ftruncate,creat,openat,open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=-1 -F key=access
  …

Encrypting System Log Information (rsyslog) (Security: Focused)
• The Management Server (MS) on database and storage servers supports the syslogconf attribute
• The syslogconf attribute extends the syslog rules for a database server
• The attribute can be used to designate that syslog messages be forwarded to a specific remote syslogd service
• On the MS, the forwarded messages are directed to a file, console or management application, depending on the syslog configuration on the MS
• This enables system logs from different servers to be aggregated and mined in a centralized logging server for security auditing, data mining and so on
• Use certificates and the syslogconf attribute to configure encryption of the syslog information
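The Exadata audit rules above tag ownership and permission changes by real users (auid >= 1000) with key=perm_mod, and tag opens that fail with EPERM with key=access. Once those records are forwarded to a central syslog server, someone has to read them. The script below is an added example, not part of the deck and not Oracle code: it parses the `type=SYSCALL` and `type=PATH` records auditd writes for these rules, groups them per event serial, and flags two patterns a defender cares about, a permission change performed as a different uid than the login user (sudo/su) and repeated EPERM-denied opens by one user. The log lines are constructed to mimic /var/log/audit/audit.log; the field names are the standard auditd ones.

```python
"""Triage auditd records produced by the Exadata perm_mod / access rules.

Added example, not Oracle code. Works on raw audit.log lines or on
`ausearch --raw` output (assumption: the rule keys are perm_mod and access).
"""
import re
from collections import Counter, defaultdict

# Constructed sample records (not from a real system). Note that the
# access rule only fires for exit=-EPERM, so key=access records always
# show success=no exit=-1.
SAMPLE_AUDIT_LOG = """\
type=SYSCALL msg=audit(1700000001.101:501): arch=c000003e syscall=90 success=yes exit=0 a0=7ffd1 a1=1ed a2=0 a3=0 items=1 ppid=4100 pid=4121 auid=1001 uid=1001 gid=1001 euid=1001 suid=1001 fsuid=1001 egid=1001 sgid=1001 fsgid=1001 tty=pts0 ses=7 comm="chmod" exe="/usr/bin/chmod" key="perm_mod"
type=SYSCALL msg=audit(1700000002.202:502): arch=c000003e syscall=257 success=no exit=-1 a0=ffffff9c a1=7ffd2 a2=0 a3=0 items=1 ppid=4100 pid=4130 auid=1001 uid=1001 gid=1001 euid=1001 suid=1001 fsuid=1001 egid=1001 sgid=1001 fsgid=1001 tty=pts0 ses=7 comm="cat" exe="/usr/bin/cat" key="access"
type=SYSCALL msg=audit(1700000003.303:503): arch=c000003e syscall=257 success=no exit=-1 a0=ffffff9c a1=7ffd3 a2=0 a3=0 items=1 ppid=4100 pid=4131 auid=1001 uid=1001 gid=1001 euid=1001 suid=1001 fsuid=1001 egid=1001 sgid=1001 fsgid=1001 tty=pts0 ses=7 comm="cat" exe="/usr/bin/cat" key="access"
type=SYSCALL msg=audit(1700000004.404:504): arch=c000003e syscall=92 success=yes exit=0 a0=7ffd4 a1=0 a2=0 a3=0 items=1 ppid=5200 pid=5210 auid=1002 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=9 comm="chown" exe="/usr/bin/chown" key="perm_mod"
type=PATH msg=audit(1700000004.404:504): item=0 name="/etc/audit/rules.d/01-exadata_audit.rules" inode=1234 dev=fd:00 mode=0100640 ouid=0 ogid=0 rdev=00:00 nametype=NORMAL
"""

KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')
MSG_RE = re.compile(r'audit\((?P<ts>\d+\.\d+):(?P<serial>\d+)\)')


def parse_records(text):
    """Group lines by event serial: {serial: {"ts", "syscall": fields, "paths": [names]}}."""
    events = defaultdict(lambda: {"ts": None, "syscall": None, "paths": []})
    for line in text.splitlines():
        m = MSG_RE.search(line)
        if not m:
            continue
        fields = {k: v.strip('"') for k, v in KV_RE.findall(line)}
        ev = events[int(m["serial"])]
        ev["ts"] = float(m["ts"])
        if fields.get("type") == "SYSCALL":
            ev["syscall"] = fields
        elif fields.get("type") == "PATH" and "name" in fields:
            ev["paths"].append(fields["name"])
    return dict(events)


def triage(text, failed_open_threshold=2):
    """Return (per-auid key counts, findings).

    Findings: perm_mod events where uid != auid (privilege obtained after
    login), and users with >= failed_open_threshold EPERM-denied opens.
    """
    events = parse_records(text)
    per_user = defaultdict(Counter)
    findings = []
    for serial, ev in sorted(events.items()):
        sc = ev["syscall"]
        if not sc:
            continue
        auid, key = sc.get("auid"), sc.get("key")
        per_user[auid][key] += 1
        if key == "perm_mod" and sc.get("uid") != auid:
            findings.append(f"event {serial}: auid {auid} changed ownership/permissions as uid "
                            f"{sc.get('uid')} ({sc.get('comm')}) on {ev['paths'] or 'unknown path'}")
    for auid, counts in per_user.items():
        if counts["access"] >= failed_open_threshold:
            findings.append(f"auid {auid}: {counts['access']} opens denied with EPERM (key=access)")
    return dict(per_user), findings


if __name__ == "__main__":
    summary, flagged = triage(SAMPLE_AUDIT_LOG)
    for auid, counts in summary.items():
        print(auid, dict(counts))
    for f in flagged:
        print("FLAG", f)
```

One caveat worth knowing when reading these logs: the access rule matches `-F exit=-EPERM` only, so opens refused with EACCES (the errno most file-permission denials return) do not carry key=access and will not show up under that key; they would need a rule of their own.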
Oracle Exadata Deployment Assistant (OEDA) - Resecure Machine (Security: Hardened): password complexity, password aging, password expiration, permissions
Implement the available features and the security plan post-deployment via host_access_control:
  /opt/oracle.cellos/host_access_control apply-defaults --strict_compliance_only
• INACTIVE=0
• Deny on login failure count set to 5
• Account lock_time after one failed login attempt set to 600
• Password history (pam_unix remember) set to 10
• Password strength set to pam_pwquality.so minlen=15 minclass=4 dcredit=-1 ucredit=-1 lcredit=-1 ocredit=-1 difok=8 maxrepeat=3 maxclassrepeat=4 local_users_only retry=3 authtok_type=
• PermitRootLogin no
• hard maxlogins 10
• hmac-sha2-256,hmac-sha2-512 for both server and client
• Password aging -M 60, -m 1, -W 7
Subset of host_access_control commands:
• access - user access from hosts, networks, etc.
• auditd-options - options for auditd
• banner - login banner management
• fips-mode - FIPS mode for OpenSSH
• idle-timeout - shell and SSH client idle timeout control
• pam-auth - PAM authentication settings
• password-aging - adjust current users' password aging
• rootssh - root user SSH access control
• ssh-access - allow or deny user and group SSH access
• sshciphers - SSH cipher support control
• ssh-macs - SSH supported MACs
• sudo - user privilege control through sudo

Pre-scanned Full Stack (Security: Hardened)
Every Exadata release includes security and emergency fixes to address zero-day vulnerabilities discovered by our internal scanning tools.
• Static/dynamic code analysis
• Malware scans
• Third-party software checks
• Vulnerability scans
  • How to research Common Vulnerabilities and Exposures (CVE) for Exadata packages (Doc ID 2256887.1)
• System hardening reviews (STIG)
  • Exadata OL8 System Hardening for STIG Security Compliance (Doc ID 2934166.1)
  • Exadata OL7 System Hardening for STIG Security Compliance (Doc ID 2614471.1)
Customers take advantage of these fixes out of the box just by upgrading to the latest release
• The number of issues reported should be much lower than for a custom configuration

Monthly Exadata Security Software Updates (Security: Hardened)
• Security fixes
• CVE mitigations
• Future releases and dates are estimates only
Exadata Releases CY2023:
• JAN: 22.1.7, 21.2.20
• FEB: 22.1.8, 21.2.21
• MAR: 23.1.0 (new), 22.1.9, 21.2.22
• APR: 23.1.1, 22.1.10, 21.2.23
• MAY: 23.1.2, 22.1.11, 21.2.24 (end)
• JUN: 23.1.3, 22.1.12
• JUL: 23.1.4, 22.1.13
• AUG: 23.1.5, 22.1.14
• SEP: 23.1.6, 22.1.15
• OCT: 23.1.7, 22.1.16
• NOV: 23.1.8, 22.1.17
• DEC: 23.1.9, 22.1.18
26,448 Common Vulnerabilities and Exposures (CVE) IDs issued across the international IT marketplace. That's ~73 per day!
Exadata security value add:
• Scanned images
• Monthly releases

[Chart: Oracle Linux CVE Mitigations for Exadata 22.1.x (Security: Hardened). Bar chart "CVE Mitigations Per Release" for releases 22.1.1 through 22.1.9; x-axis: Exadata Release; y-axis: Number of Mitigations (0 to 35); series: LOW, MEDIUM, HIGH, CRITICAL.]

Secure from Factory - Oracle Linux 8 STIG SCAP Benchmark (Security: Hardened)
"The Oracle Linux 8 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of the Department of Defense (DoD) information systems"
[Slide compares SCAP benchmark results for an X9M KVM guest on 23.1.0.0.0, delivered straight from the factory, against a standard Linux installation.]

New (and existing) Security Features in Exadata - Maximize Security, Maximize Performance, Maximum Availability

Oracle Linux 8 (New in Exadata 23.1)
Oracle Exadata System Software 23.1.0 uses Oracle Linux 8 with the UEK6 kernel
• Storage servers, bare-metal database servers, KVM hosts/guests and OVM guests (DomU)
• OVM management domains (Dom0) do not require Oracle Linux 8 and remain on Oracle Linux 7 with UEK5
• Rolling upgrade is supported from Oracle Linux 7 to Oracle Linux 8
OL8 key security features:
• Various SELinux improvements
• Crypto-policies cover the TLS, IPsec, SSH, DNSSEC and Kerberos protocols
• The modulus size for Diffie-Hellman parameters has been changed to 2048 bits
• DSA public key algorithms are disabled by default
  • How to setup RSA SSH equivalence on Oracle Exadata nodes (Doc ID 2923095.1)
• Default RSA key size increased to 3072 bits for the ssh-keygen tool

Centralized Identification and Authentication of OS Users (New in Exadata 23.1)
Database and storage server support for:
• LDAP identity management systems
• Kerberos authentication
• Linux System Security Services Daemon (SSSD)
  • Pre-configured with an Exadata-specific custom security profile
  • Customizations preserved across upgrades
Centralizes accounts for enhanced security
• Easier administration: provisioning/deprovisioning
• Easier password management
• Enterprise security controls

Security Enabled Linux (SELinux) (Feature available in Exadata software 21.2 onwards)
• The SELinux enhancement to the Linux kernel implements the Mandatory Access Control (MAC) policy, which allows defining a security policy that provides granular permissions for all users, programs, processes, files and devices
• The system should first be placed in permissive mode to see whether any Access Vector Cache (AVC) denials need to be addressed BEFORE going to enforcing mode

  /opt/oracle.cellos/host_access_control selinux --help
  Options:
    -h, --help        show this help message and exit
    -e, --enforcing   set the SELinux state to enforcing
    -p, --permissive  set the SELinux state to permissive
    -d, --disabled    set the SELinux state to disabled (Exadata default)
    -r, --relabel     Set the system for relabeling
    -c, --config      Display the configured SELinux state
    -s, --status      Display the current SELinux status

Exadata Secure RDMA Fabric Isolation for RoCE (Feature available in Exadata software 20.1 onwards)
Exadata Secure Fabric for RoCE systems implements network isolation for virtual machines while allowing access to the common Exadata Storage Servers
• Each Exadata VM cluster is assigned a private network
  • VMs cannot communicate with each other
  • All VMs can communicate with the shared storage infrastructure
• Security cannot be bypassed
  • Enforcement is done by the network card on every packet
  • Rules are programmed by the hypervisor automatically

FIPS 140-2 for Oracle Linux Kernel/SSH on Exadata Database Nodes (Feature available in Exadata software 20.1 onwards)
  /opt/oracle.cellos/host_access_control fips-mode --enable
• Requires a reboot
• STIG mitigation: The Oracle Linux operating system must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.
• STIG mitigation: The Oracle Linux operating system must use a FIPS 140-2 approved cryptographic algorithm for SSH communications.
  /opt/oracle.cellos/host_access_control ssh-macs --secdefaults
• STIG mitigation: The Oracle Linux operating system must be configured so that the SSH daemon is configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms.

Management Server App Engine Update (New in Exadata software 20.1)
Exadata 20.1 - Eclipse Jetty
• Lightweight web server
• Consumes considerably fewer system resources
• Basic functionality supported, extensible modules
• Fewer CVE vulnerabilities - smaller attack vectors
• Does not require a dedicated HTTP port for configuration purposes

Securing Storage Server Processes with Memory Protection Keys (Introduced in Exadata 19.3 for X7 and newer)
Storage server software memory is partitioned with 16 colors
• Four bits in each page table entry are used to identify the color
• Each thread is allowed to read/write and enable/disable only its matching color
• Any access to a piece of memory that does not have the correct color traps the process
• Protects against inadvertent software defects
• Enabled out of the box with no tuning needed
• Eliminates a class of potential memory corruptions
[Diagram: threads mapped to storage buffers by color.]

Other Security Processes for Storage Servers
The Secure Computing (seccomp) feature in the Oracle Linux kernel is used to restrict the system calls that can be made
• The kernel has hundreds of system calls, most not needed by any given process
• A seccomp filter defines whether a system call is allowed
• Seccomp filters are installed for the cell server and offload processes automatically during upgrade
• Only a white-listed set of system calls may be made from these processes
• Seccomp performs additional validation of the arguments
Disabling SSH
• Storage servers can be "locked" from SSH access
• ExaCLI can still be used to perform operations
  • Communicates using HTTPS and REST APIs with a web service running on the server
• Temporary access can be enabled for operational access if required

Storage Server Partition Installation
Exadata installs the system/software on alternating partitions
• e.g., when upgrading to a newer version, the software is installed on the inactive partition and the server is then booted from that partition
This ensures a complete OS refresh at each upgrade, which minimizes the propagation of infected files.
OS data is separate from database data
• The database is safe from OS corruption
[Diagram: active system / active software and inactive system / inactive software partitions on two M.2 SSDs.]

Advanced Intrusion Detection Environment (AIDE)
• Helps guard against unauthorized access to the files on your Exadata system
• AIDE creates a database of files on the system, and then uses that database to ensure file integrity and to detect system intrusions

  # /opt/oracle.SupportTools/exadataAIDE -status
  AIDE: daily cron is currently enabled.

To add additional rules: edit the file /etc/aide.conf, then update the AIDE database metadata:
  # /opt/oracle.SupportTools/exadataAIDE -u

Database and Storage Server Secure Boot
• Secure Boot is a method used to restrict which binaries can be executed to boot the system
• With Secure Boot, the system UEFI firmware will only allow the execution of boot loaders that carry the cryptographic signature of trusted entities
• With each reboot of the server, every executed component is verified
• This prevents malware from hiding embedded code in the boot chain
• Intended to prevent boot-sector malware or kernel code injection
• Hardware-based code signing
• Extension of the UEFI firmware architecture
• Can be enabled or disabled through the UEFI firmware

• Restrict access to only the grid disks used by the Oracle ASM disk groups associated with an Oracle ASM cluster
• Restrict access for an Oracle Database instance to a specific set of grid disks

"Oracle Exadata Cloud@Customer uses the superior technology of Oracle Database as a cloud service delivered in our own data centers, meeting all of our data sovereignty and compliance requirements for the Regional Revitalization Cloud." (Norihito Senda, Nagoya Branch, Advanced Solution Department, Corporate Business Headquarters, Nippon Telegraph and Telephone West Corporation (NTT WEST))

Security Best Practices
The security of a system is only as good as its weakest link
• Regular scans should be run by YOU, the owner of the system, to guard against any deviations from the delivered configurations
• Maintaining the latest software update ensures the latest security vulnerabilities are mitigated
• Tools and processes are there to assist in creating a secure environment, but they must be used to actually create the secure environment

Secure Eraser
• Provides a secure erasure solution for every component within Oracle Exadata Database Machine
• Crypto-erase is used whenever possible and is fully compliant with the NIST SP 800-88r1 standard.
Component | Make or Model | Erasure Method
Hard drive | 8 TB hard drives on Oracle Exadata Database Machine X5; all hard drives on Oracle Exadata Database Machine X6 or later | Crypto erase
Hard drive | All other hard drives | 1/3/7-pass erase
Flash device | Flash devices on Oracle Exadata Database Machine X5 or later | Crypto erase
Flash device | All other flash devices | 7-pass erase
M.2 device | Oracle Exadata Database Machine X7-2 or later | Crypto erase

Security References
• Oracle Exadata Database Machine Security FAQ: My Oracle Support (MOS) note Doc ID 2751741.1
• Oracle Corporate Security Practices: https:///corporate/security-practices/
• Critical Patch Updates, Security Alerts and Bulletins: https:///technetwork/topics/security/alerts-086861.html
• Oracle Corporate Security Blog: https:///security/
• Oracle Exadata Documentation: https:///en/engineered-systems/exadata-database-machine/books.html
Exadata Product Development, Oracle Corporation, Security MAA Team. Thank You!
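The host_access_control password-strength line earlier in this deck applies pam_pwquality with minlen=15 minclass=4 dcredit=-1 ucredit=-1 lcredit=-1 ocredit=-1 difok=8 maxrepeat=3 maxclassrepeat=4. Those settings are terse, so the checker below, an added example that is neither Oracle's tooling nor libpwquality itself, implements what each one demands so an administrator can test a candidate password before it reaches PAM. Two things are assumptions of this example: negative credit values are read as "at least N characters of that class" (which is how pam_pwquality treats them), and difok is approximated as "at least 8 characters of the new password do not occur anywhere in the old one", a simplification of libpwquality's similarity test.

```python
"""Pre-check a candidate password against the pam_pwquality policy Exadata applies.

Added example, not Oracle code and not libpwquality. Policy values are the
ones listed on the host_access_control slide. Returned problems describe which
rule failed; an empty list means the password passes every rule checked here.
"""

POLICY = {
    "minlen": 15, "minclass": 4,
    "dcredit": -1, "ucredit": -1, "lcredit": -1, "ocredit": -1,
    "difok": 8, "maxrepeat": 3, "maxclassrepeat": 4,
}

# Class name -> pam_pwquality credit option that governs it.
CREDIT_KEY = {"digit": "dcredit", "upper": "ucredit", "lower": "lcredit", "other": "ocredit"}


def char_class(ch):
    """Map a character to one of the four pam_pwquality classes."""
    if ch.isdigit():
        return "digit"
    if ch.isupper():
        return "upper"
    if ch.islower():
        return "lower"
    return "other"


def longest_run(seq):
    """Length of the longest run of identical consecutive items."""
    best = run = 0
    prev = object()  # sentinel that never equals a real item
    for item in seq:
        run = run + 1 if item == prev else 1
        best = max(best, run)
        prev = item
    return best


def check_password(new, old=None, policy=POLICY):
    """Return a list of policy violations for `new` (optionally against `old`)."""
    problems = []
    classes = [char_class(c) for c in new]
    counts = {cls: classes.count(cls) for cls in CREDIT_KEY}

    if len(new) < policy["minlen"]:
        problems.append(f"shorter than minlen={policy['minlen']}")

    present = sum(1 for n in counts.values() if n > 0)
    if present < policy["minclass"]:
        problems.append(f"only {present} character classes, minclass={policy['minclass']}")

    # A negative credit of -N means "at least N characters of this class".
    for cls, key in CREDIT_KEY.items():
        credit = policy[key]
        if credit < 0 and counts[cls] < -credit:
            problems.append(f"needs at least {-credit} {cls} character(s)")

    if longest_run(new) > policy["maxrepeat"]:
        problems.append(f"more than maxrepeat={policy['maxrepeat']} identical characters in a row")
    if longest_run(classes) > policy["maxclassrepeat"]:
        problems.append(f"more than maxclassrepeat={policy['maxclassrepeat']} characters of one class in a row")

    if old is not None:
        # Simplified difok (assumption): count new characters absent from the old password.
        differing = sum(1 for c in new if c not in old)
        if differing < policy["difok"]:
            problems.append(f"only {differing} characters differ from the old password, difok={policy['difok']}")
    return problems


if __name__ == "__main__":
    for candidate in ("Ab3$Ef5%Gh7&Ij9@Kl1!", "password12345678"):
        print(candidate, "->", check_password(candidate) or "OK")
```

The maxclassrepeat=4 rule is the one that trips most human-chosen passwords: a fifteen-character passphrase with all four classes still fails if it contains a word of five or more letters in a row, which is why the passing sample above alternates classes every character.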
Abstract:
In every kind of application system the database stores all of the platform's user data, so its reliability and security directly affect the safe operation of the platform. The Oracle Replication approach currently used to achieve database high reliability has shown its drawbacks. This article introduces and analyses several currently popular database high-availability architectures, Oracle Replication, Oracle RAC and Oracle host HA, in the hope of providing a useful reference.
1 What is High Availability
High availability (HA) has two different meanings: in the broad sense it refers to the high availability of the whole system; in the narrow sense it usually refers to redundancy of hosts and services, such as host HA or application HA. In either case, high availability covers aspects such as:
• System failure or crash
• Application-layer or middle-tier errors
• Network failure
• Media failure: failure of the media on which data is stored
• Human error
• Disaster-recovery backup of the system
• Planned maintenance or restarts
So high availability covers not only failures of the system itself, the application layer and the network and operator mistakes, but also data redundancy, disaster recovery and planned maintenance windows. In other words, a truly highly available environment not only avoids problems in the system itself but also guards against natural disasters and human mishaps, and has a reliable procedure for system upgrades and planned maintenance.
The Oracle database-level high availability discussed here inevitably also touches on host, storage and operating-system high availability, because continuity of the Oracle service cannot be guaranteed without support at the hardware level.
As Oracle technology has evolved (Oracle 8i/9i/10g/11g), high availability has become ever more complete and reliable. This article introduces four Oracle high-availability products and, by comparing how they are implemented and how they perform, identifies the database high-availability scheme best suited to the current and future Vas2000 system:
• Oracle Parallel Server / Oracle Real Application Cluster (Oracle RAC)
• Oracle Standby Database / Oracle Data Guard
• Oracle Advanced Replication / Oracle Streams
• Oracle Server HA
2 Oracle Parallel Database: OPS/RAC
OPS has been available since Oracle 8i and became RAC from Oracle 9i. With the spread of high-performance PC servers, Oracle RAC has become the most popular architecture among Oracle's high-availability products: Oracle RAC organizes multiple servers into a cluster to obtain greater processing capacity and fault-handling capability.