And other insurance 2.0 includes hardware, storage, middleware, security norms in all aspects of the database, is associated with the Oracle database contents are summarized as follows, for reference:
A secure computing environment
1, authentication:
a, respond to user login identification and authentication of identity, identity is unique, identifying information has complexity requirements and change them regularly;
b, should have failed login processing functions, you should configure and enable the end of the session, to limit the number of illegal landing and landing when the connection times out automatically exit and other related measures;
c, when remote management, should take the necessary measures to prevent eavesdropping identification information transmission in the network;
Second, access control:
a, respond to user accounts and assign permissions landing;
b, should rename or delete the default account, modify the default account default password;
c, should promptly remove or disable unwanted, expired accounts, to avoid the presence of shared accounts;
d, the minimum required permissions should be granted administrative user, manage the user's permission separation;
Third, the credible verification:
Fourth, data integrity:
Fifth, the remaining information protection:
Sixth, the Personal Information Protection:
Seven security audit:
a, should enable the security audit function, the audit coverage to each user, the user behavior on important events and important safety audits;
b, audit records should include the date and time of the event, user, type of event, whether the event is successful and other audit-related information;
c, to deal with audit records protection, regular backups, avoid receiving unexpected delete, modify or cover and so on;
d, to deal with the audit process is protected against unauthorized interruption;
Eight, Intrusion Prevention:
a, should follow the principle of minimum installation, and install only the components required by the application;
b, should be shut down unnecessary system services, and high-risk default shared port;
c, should be able to find known vulnerabilities that may exist, and after sufficient testing and evaluation, timely repair loopholes;
d, should be able to detect the behavior of an important node invasion, and provide intrusion alarm when critical events occur;
Nine, malicious code prevention:
Ten, data backup and recovery:
a, shall provide local data backup and recovery of critical data;
B, should provide remote backup embodiments, using the communication network in real-time critical data backup to the backup site;
C, heat should provide important redundancy data processing system to ensure high availability of the system;