Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-52241 | O112-C2-012000 | SV-66457r1_rule | Medium |
Description |
---|
Application recovery and reconstitution constitutes executing an information system contingency plan comprised of activities that restore essential missions and business functions. Database management systems and transaction-based processing systems are examples of information systems that are transaction-based. Transaction rollback and transaction journaling are examples of mechanisms supporting transaction recovery. A DBMS may be vulnerable to use of compromised data or other critical files during recovery. Use of compromised files could introduce maliciously altered application code, relaxed security settings or loss of data integrity. Where available, DBMS mechanisms to ensure use of only trusted files can help protect the database from this type of compromise during DBMS recovery. |
STIG | Date |
---|---|
Oracle Database 11.2g Security Technical Implementation Guide | 2019-12-10 |
Check Text ( C-54297r1_chk ) |
---|
Review DBMS recovery procedures and technical system features to determine if mechanisms exist and are in place to specify use of trusted files during DBMS recovery. If recovery procedures do not exist or are not sufficient to ensure recovery is done in a secure and verifiable manner, this is a finding. If system features exist and are not employed or not employed sufficiently, this is a finding. If circumstances that can inhibit a trusted recovery are not documented and appropriate mitigating procedures have not been put in place, this is a finding. Review the database backup strategy with the system administrator. Consider using Oracle RMAN with an encrypted backup to insure you have files that can be trusted not to be compromised. |
Fix Text (F-57057r1_fix) |
---|
Implement DBMS recovery procedures and employ technical system features to specify trusted files during DBMS recovery. Test the solution and review the site-specific criteria to ensure that the backup and recovery process uses trusted files. Ensure circumstances that can inhibit a trusted recovery are documented and appropriate mitigating procedures have been put in place. Oracle recommends using RMAN Backup and encrypting backup files. With encrypted files stored on a mount point with limited access, the integrity of the files can be trusted. - - - - - Notes on Oracle Backup and Recovery Solutions When implementing a backup and recovery strategy, you have the following solutions available: -- Recovery Manager (RMAN) Recovery Manager is fully integrated with the Oracle database to perform a range of backup and recovery activities, including maintaining an RMAN repository of historical data about backups. You can access RMAN through the command line or through Oracle Enterprise Manager. -- User-managed backup and recovery In this solution, you perform backup and recovery with a mixture of host operating system commands and SQL*Plus recovery commands. You are responsible for determining all aspects of when and how backups and recovery are done. -- Media management If you do not want to use RMAN with an encrypted backup, consider configuring RMAN to make backups to a media manager. On most platforms, to back up to and restore from sequential media such as tape, you must integrate a media manager with your Oracle database. You can use Oracle Secure Backup, which supports both database and file system backups to tape, as your media manager. See Oracle Secure Backup Administrator's Guide to learn how to set up RMAN for use specifically with Oracle Secure Backup. These solutions are supported by Oracle and are fully documented, but RMAN is the preferred solution for database backup and recovery. RMAN provides a common interface for backup tasks across different host operating systems, and offers several backup techniques not available through user-managed methods. -- Incremental backups: An incremental backup stores only blocks changed since a previous backup. Thus, they provide more compact backups and faster recovery, thereby reducing the need to apply redo during data file media recovery. If you enable block change tracking, then you can improve performance by avoiding full scans of every input data file. You use the BACKUP INCREMENTAL command to perform incremental backups. -- Block media recovery You can repair a data file with only a small number of corrupt data blocks without taking it offline or restoring it from backup. You use the RECOVER BLOCK command to perform block media recovery. -- Binary compression A binary compression mechanism integrated into Oracle Database reduces the size of backups. -- Encrypted backups -- RMAN uses backup encryption capabilities integrated into Oracle Database to store backup sets in an encrypted format. To create encrypted backups on disk, the database must use the Advanced Security Option. To create encrypted backups directly on tape, RMAN must use the Oracle Secure Backup SBT interface but does not require the Advanced Security Option. -- Automated database duplication Easily creates a copy of your database, supporting various storage configurations, including direct duplication between ASM databases. -- Cross-platform data conversion Whether you use RMAN or user-managed methods, you can supplement physical backups with logical backups of schema objects made with Data Pump Export utility. You can later use Data Pump Import to re-create data after restore and recovery. Logical backups are mostly beyond the scope of the backup and recovery documentation. |