Skip to main content
SpringerLink
Log in
Book cover

ISSE 2008 Securing Electronic Business Processes pp 296–306Cite as

Managing vulnerabilities and achieving compliance for Oracle databases in a modern ERP environment

  • Chapter

  • 457 Accesses

Abstract

In this paper we summarize good practices on how to achieve compliance for an Oracle database in combination with an ERP system. We use an integrated approach to cover both the management of vulnerabilities (preventive measures) and the use of logging and auditing features (detective controls). This concise overview focusses on the combination Oracle and SAP and it’s dependencies, but also outlines security issues that arise with other ERP systems. Using practical examples, we demonstrate common vulnerabilities and coutermeasures as well as guidelines for the use of auditing features.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. SAP AG, TCP/IP Ports Used by SAP Applications: https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/ docs/library/uuid/4e515a43-0e01-0010-2da1-9bcc452c280b

    Google Scholar 

  2. Portscanner nmap: http://nmap.org

    Google Scholar 

  3. Oracle Auditing Tools: http://www.cqure.net/

    Google Scholar 

  4. SAP AG, SAP Security Guide: http://help.sap.com/saphelp_nw04/helpdata/en/ed/18cc38e6df4741a26 4bddcd4f98ae2/frameset.htm

    Google Scholar 

  5. SAP AG, SAP Note 1140644: http://service.sap.com/notes

    Google Scholar 

  6. ISO/IEC 27001:2005(E)

    Google Scholar 

  7. SAP AG, SAP Note 105047: http://service.sap.com/notes

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. KPMG Deutsche Treuhand-Gesellschaft Aktiengesellschaft Wirtschaftsprüfungsgesellschaft, Alfredstr. 277, D-45133, Essen

    Stefan Hölzner & Jan Kästle

Authors
  1. Stefan Hölzner
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jan Kästle
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Norbert Pohlmann Helmut Reimer Wolfgang Schneider

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Vieweg+Teubner | GWV Fachverlage GmbH, Wiesbaden

About this chapter

Cite this chapter

Hölzner, S., Kästle, J. (2009). Managing vulnerabilities and achieving compliance for Oracle databases in a modern ERP environment. In: Pohlmann, N., Reimer, H., Schneider, W. (eds) ISSE 2008 Securing Electronic Business Processes. Vieweg+Teubner. https://doi.org/10.1007/978-3-8348-9283-6_31

Download citation

  • DOI: https://doi.org/10.1007/978-3-8348-9283-6_31

  • Publisher Name: Vieweg+Teubner

  • Print ISBN: 978-3-8348-0660-4

  • Online ISBN: 978-3-8348-9283-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation