Access Control

Administration console

    home page

    managing instances

    managing requests

    managing workspaces

    monitoring activity

Advanced security option (ASO)

    network encryption

    TDE

APEX applications

APEX export reports

    column restrictions

        interactive reports

        standard reports

    drawbacks

    maximum row count

    restricting records

        with PL/SQL (see Restricting records)

        with ROWNUM

APEX instance

    APEX_ADMINISTRATOR_ROLE

    APEX_INSTANCE_ADMIN APIs

    configuration and management

    runtime mode

APEX listener

APEX security plan

Application context, views

Application Express (APEX)

    administration console

        home page

        managing instances

        managing requests

        managing workspaces

        monitoring activity

    application builder

    architecture

        jQuery

        PL/SQL and JavaScript

        schemas

    database application

    definition

    developer tools

    export reports (see APEX export reports)

    foundation components

    infrastructure

        APEX listener

        embedded PL/SQL gateway (EPG)

        Oracle HTTP server

    metadata-based architecture

        limitations

        views

    overview of

    schemas

        APEX_040200

        APEX_PUBLIC_USER

        FLOW_FILES

        FLOWS_FILES

    transactions

        fProcedure

        session state

        WWV_FLOW.ACCEPT procedure

        WWV_FLOW.SHOW

    workspaces

        components

        schema mappings

        users and roles

Application settings

    availability attribute

        to developers only

        with edit links

        restricted access

        SET_FLOW_STATUS procedure

        settings

        via SQL developer

        unavailable status

    build status

    compatibility mode attribute

    debugging

    definition section

    e-mails address

    feedback

    global notification attribute

    logging

    security attribute

        authorization scheme

        cache

        cleanup PL/SQL code

        deep linking

        embed in frames

        HTML escaping mode

        initialization PL/SQL code

        parsing schema setting

        public user and authentication scheme

        run on public pages option

        session state protection option

        session timeout

    substitution strings

    user interface attributes

Application threats

Authentication scheme

    Application Express users

    components

        login processing settings

        post logout URL

        session cookie attributes

        session not valid settings

        source region

    custom

    database accounts

    HTTP header variable

    LDAP directory

    login page

        in APEX 4.0 and prior versions

        APEX 4.2

        companies

        developers

        get username cookie

        logout

        security attributes section

        session cookie

        set username cookie process

        user interfaces section

    no authentication scheme

    OASSSO

    open door credentials scheme

Authorization inconsistency

Authorization scheme

    access control

    attributes

    gatekeeper authorization scheme

    inconsistencies

    methods

    page-level authorization scheme

    role location

    subscriptions

    table-based roles

    utilization report

Blacklisting

Clickjacking

Column-level encryption

Column masking and obfuscation

    reports

    types

Cross-site scripting (XSS) attack

    anatomy of

    data sanitization

        APEX_ESCAPE

        column formatting

        cookies

        frames

        HTML regions and items

        restricted characters attribute

    persistent XSS attacks

    reflexive XSS attacks

Custom authentication scheme

    APIs

        APEX_AUTHENTICATION

        APEX_CUSTOM_AUTH

        APEX_LDAP

        APEX_UTIL

        SET_AUTHENTICATION_RESULT

    attributes

    invalid session procedure

    legacy attributes section

    restriction

    sentry function

DATA and SHADOW schemas

Database access descriptor (DAD)

DBMS_CRYPTO package

Embedded PL/SQL gateway (EPG)

Encryption

    APEX

        application computations

        collections

        data encryption

        DBMS_CRYPTO package

        encrypt_data and decrypt_data

        item-level attribute

        session state

    ASO (see Advanced security option (ASO))

    HTTPS

        instance admin console/application development environment

        packet peeper

        secure cookie attributes section

Enkitec eSERT

Fine-grained access control

Gatekeeper authorization scheme

Health Insurance Portability and Accountability Act (HIPAA)

HTTP Header Variable

HTTPS

Instance administration console

    manage workspaces (see Manage Workspaces section)

    Monitor Activity (see Monitor Activity section)

    Manage Instance (see Manage Instance section)

Instance settings

    APEX_ADMINISTRATOR_ROLE

    APEX_INSTANCE_ADMIN APIs

    configuration and management

    Manage instance section

        feature configuration

        main page

    runtime mode

    security

    workspace login

Lightweight directory access protocol (LDAP)

Manage Instance section

    application activity log

    Database Monitoring

    demonstration objects

    enable application tracing

    enable service requests

    feature configuration

        packaged application

        PL/SQL program units

        SQL Workshop

        Websheet objects

    Instance Settings section

        delete uploaded files after (days) feature

        E-mail provisioning status

        E-mail section

        encrypted tablespaces

        message setting

        notification E-mail address

        provisioning status setting

        purge sessions region

        recent sessions report

        report printing options

        require new schema

        self service sign up

        session state

        session state statistics report

        verification code

        wallet password

        wallet path

    packaged application

    PL/SQL program units

    main page

    security attributes

        account password lifetime (days) setting

        allow public file upload setting

        allow RESTful Access

        disable administrator login

        disable workspace login

        domain names

        failed login

        File Browser APEX

        HTTPS setting

        inbound proxy servers

        instance proxy setting

        login controls section

        maximum session length and idle time in seconds

        method for computing the delay setting

        Outbound HTTPS setting

        password reset and locking policy

        restrict access, IP address

        set workspace cookie option

        workspace password policy setting

    Session State

        logs and files section

        message setting

        Purge Sessions region

        Recent Sessions report

        Self Service Sign Up

        session state statistics report

    SQL workshop

    websheet objects

    workspace purge settings

    workspaces

Manage workspaces section

    application attributes, status report

    component availability

    create multiple workspaces

    create workspace option

    export and import

    lock workspace

    manage developers and users section

        APEX account types

        forgot passwords

        internal workspace

        users

    remove workspace

    reports

        existing workspace report

        workspace database privileges

    schema assignments

Mobile applications

    HTML-based application

    native application development

    security

    shadow schema

Monitor Activity section

    archived activity reports

    dashboard reports

    realtime monitor reports

        calendar reports

        developer activity

        login attempts

        page views

Network encryption

No authentication scheme

Open door credentials scheme

Oracle Application Server Single Sign-On (OASSSO) authentication scheme

Oracle Enterprise Manager (OEM)

    registration

    security options

Oracle HTTP Server

Packet peeper

Page-level authorization scheme

Page settings

    authentication attribute

    authorization scheme

    browser cache

    deep linking attribute

    duplicate submission

    form auto complete attribute

    page access protection

    read only attribute

    server cache

Persistent XSS attacks

PL/SQL package, views

Preventable threats

    cross-site scripting

    SQL injection

    URL tempering

Reflexive XSS attacks

Region settings

    APEX conditions

    authorization schemes

    caching

    read only setting

Report settings

Restricting records

    with PL/SQL

        application item

        application process

        authorization checks

        custom_export procedure

        disable built-in export controls

        download link

        error handling

        error message

        fetching static ID

        p1_emp_classic procedure

        PL/SQL package

        shortcuts

        static ID

    with ROWNUM

Secure views

    in APEX

    benefits and drawbacks

    components

        application context

        attributes

        PL/SQL procedure

        SQL

Security plan

    assessments

        access control

        application management

        auditing and monitoring

        data access

        risk analysis

    breach simulation

    categories

    contingency

    design phase

    development

    review process

        automated

        manual

Shadow schema

    components

        APEX application

        database

        data schema

        DML APIs and processes

        grants and synonyms

        revoke system privileges

        system and user event triggers function

        table API processes

    concept of

    securing data

        application context

        PL/SQL initialization code

        synonym

        views

SQL injection attack

    anatomy of

    in APEX, bind variables and dynamic SQL

    ename

    EXECUTE IMMEDIATE

    PL/SQL procedure

    value KING

SYS_CONTEXT procedure, views

Tablespace-level encryption

Threats

    assessment

        application security

        data and privileges

        home security

    categories

    preventable threats

        cross-site scripting

        SQL injection

        URL tempering

    unpreventable threats

Transparent data encryption (TDE)

    column-level encryption

    tablespace-level encryption

Unpreventable threats

URL tampering

    authorization inconsistency

    page and item protection

    Virtual Private Database and secure views

User authentication

User authorization

Users and groups management

    account privileges section

    attribute–developer/administrator password

    developers

    end users

    expire password

    password region

    user groups region

    user identification section

    workspace administrators

Views. See also Secure views

    Application context

    PL/SQL package

    SYS_CONTEXT procedure

Virtual private database (VPDs)

    APEX integration

        column masking and obfuscation

        VPD policy function

    column-level policies

    evolution of

    in OEM

Whitelisting

Workspace(s)

    components

        application builder

        SQL workshop

        team development

        websheets

    drawbacks

    schema mappings

    subscriptions

    technical benefits

    users and roles

        developers

        end user

        workspace administrator

Workspace administrators

    best practices

    Manage Service

    manage users and groups (see Users and groups management)

    monitor activity

Workspace settings

    manage meta data

        build status report

        session state section

        troubleshooting process

    service requests, accessible schemas

    workspace preferences

        account login control

        module access