Oracle Audit Protection Guarantee
The thought of being chosen for an Oracle Audit brings on moments of panic for even the most seasoned CIO or DBA. There is a whole industry of companies (Software Licensing Consultants) that will assist you in the event of an Oracle Audit. They will help you try to mitigate the risk of a current audit. Up till now not a single one of these firms would offer you an Oracle Audit Protection Guarantee. That has all just changed, and will be revealed later in this article. There are a number of lawyers who have booming practices dealing with software license issues. The internet is full of stories of companies who have been through the ugly process of an Oracle audit or had to deal with Oracle aggressive sales techniques associated with the audit.
A client ran into a recovery scenario recently that made me realize that some of the simpler scenarios are often forgotten. So this is a quick post just as a reminder some recovery scenarios can be easy. And it emphasizes how Oracle works to ensure that recovery is quick and painless.
PL/SQL applications consist – generally – of many procedures, functions and packages. A group of them can be invoked directly by applications as entry points of their user requirements while others are invoked by other packages as part of application business design.
Before Oracle 12c – in terms of database security – there was no difference between these two groups, and a granted user was able to execute any of these many units irrestrictively.
Oracle 12c introduces a new optional ACCESSIBLE BY clause that enables you to prevent package executions from outside the business logic, specifying a whitelist of predefined known elements that can only access a specific PL/SQL unit.
Until Oracle Database 12c, Oracle processes did not run as threads on UNIX and Linux systems. Every dedicated connection was represented by an operating system process and, in systems where high workload was an issue, the only way to reduce CPU and memory usage was to switch from dedicated connections to shared connections using the multithreaded server (MTS) feature.