[Search for users]
[Overall Top Noters]
[List of all Conferences]
[Download this site]
| Title: | DEC Rdb against the World |
|
| Moderator: | HERON::GODFRIND |
|
| Created: | Fri Jun 12 1987 |
| Last Modified: | Thu Feb 23 1995 |
| Last Successful Update: | Fri Jun 06 1997 |
| Number of topics: | 1348 |
| Total number of notes: | 5438 |
1171.0. "Trusted Oracle announcement" by MRKTNG::SILVERBERG (Mark Silverberg DTN 264-2269 TTB1-5/B3) Wed Jul 15 1992 13:37
Oracle Corporation Announces Trusted ORACLE7
Multilevel Secure Database extends ORACLE7 Cooperative-Server Technology
WASHINGTON, D.C., July 14, 1992 -- Oracle Corporation today announced Trusted
ORACLE7, Oracle's new high security database management product. Trusted
ORACLE7 includes all of the impressive features and functionality of Oracle's
revolutionary new cooperative-server database technology, ORACLE7, and adds
advanced multilevel security features to protect sensitive enterprise data.
Trusted ORACLE7 provides multilevel security to protect data of various
sensitivities during the concurrent storage, manipulation, and retrieval by
users with the corresponding authorizations and clearances. Trusted ORACLE7
provides portability to the quickly expanding range of open and proprietary
multilevel secure (MLS) operating systems as well as data sharing and
connectivity to MLS servers running Trusted ORACLE7 and even non-MLS servers
running ORACLE7 or ORACLE Version 6. Trusted ORACLE7 protects customer's
existing investment in applications, tools, and training by utilizing the same
open application development tools as non-MLS sites, such as Oracle's
SQL*Forms, SQL*ReportWriter, or other Oracle and third-party tools.
"When we built Trusted ORACLE7 for high security, we included all the
things that users demand from an open, portable, high performance, full
functionality DBMS," said Lawrence J. Ellison, President and Chief Executive
Officer of Oracle Corporation. "Security without compromise; with Trusted
ORACLE7, users can have it all. Anything less would have been unacceptable to
Oracle and to our customers."
Trusted ORACLE7 is in the Design Analysis Phase (DAP) of the U.S.
National Computer Security Center's (NCSC) Trusted Product Evaluation Program,
targeted for Class B1 of the U.S. government's Trusted Computer System
Evaluation Criteria or "Orange Book". Similarly, ORACLE7 is in DAP at Class
C2. These products are also designed to meet the F-B1, E3 and F-C2, E3
requirements, respectively, of the European Information Technology Security
Evaluation Criteria (ITSEC).
Oracle also announced today that Trusted ORACLE7 has successfully
completed testing and certification by the U.S. National Institute of Standards
and Technology (NIST) and is 100% compliant with the U.S. Federal Information
Processing Standard (FIPS PUB 127-1), including the integrity enhancement
option. Trusted ORACLE7 is the only multilevel secure (MLS) DBMS to have
passed all the NIST ISO/ANSI SQL89 tests.
Oracle's announcement of its multilevel secure DBMS comes at a time
when many government procurements are requiring multilevel security. Both
ORACLE7 and Trusted ORACLE7 are part of several U.S. and European procurements,
including the U.S. Department of the Navy's TAC-3 program, recently awarded to
Hughes Data Systems.
"TAC-3 provides our customers with leading edge workstation hardware
and software technology in performance, functionality, security and open
architecture standards," said Steve Kellum of Hughes Data Systems. "These new
Oracle products are key components. Our customers are extremely excited about
the TAC-3 program."
Trusted ORACLE7 builds upon the security policy and labels defined to
the underlying MLS operating system by applying the policy to database objects,
such as tables, views, or even individual rows. Mandatory access control (MAC)
provides increased security by the use of labels to identify the sensitivity of
data and the clearances of users. A user's session label must match or
dominate the label of the data he is attempting to access in order for access
to be granted by the system. Since the sensitivity label remains associated
with the data, inappropriate dissemination of the data is automatically
controlled instead of relying on any user's "discretion".
Normally, users can read only the information that is dominated by
their session label and can insert, update or delete information at the same
level as their session label. However, Trusted ORACLE also permits
sufficiently privileged users, such as security officers and other site-defined
personnel or trusted applications, to be granted readup, writedown, or writeup
(upgrade and downgrade) privileges. An example of the use of these special
privileges is to have a program or procedure stored in the database that will
automatically downgrade certain records after 90 days.
Additionally, Trusted ORACLE7 reduces the need to maintain physical
isolation and separation of systems, or to store redundant data, by maintaining
controlled separation of sensitive data while simultaneously allowing sharing
of other data stored in the database. For example, proprietary financial data
can be separated from proprietary engineering data, but financial and
engineering applications can simultaneously access and share non-proprietary
information as required, with all the information stored on a single machine.
In older systems, sensitive financial and engineering data may have been stored
on separate, non-networked machines which required separate maintenance and
prevented on-line sharing of data.
While Trusted ORACLE7 can replace such inefficient non-shared or
segregated systems, this does not preclude the need for networked systems and
distributed databases. Therefore, Trusted ORACLE7 has also addressed MLS
network interface issues so that the full power of cooperative-server
technology, present in ORACLE7, can be utilized in an MLS environment. This is
achieved by providing support via Trusted ORACLE7 and SQL*Net, Oracle's
networking product, for secure network protocols such as MaxSix. The Trusted
ORACLE7 Developer's Release currently available on HP-UX BLS is the first MLS
database to include support for this new MLS network protocol being implemented
by many OS vendors. Additionally, many hardware vendors are now making robust
multilevel secure platforms available.
"HP shares Oracle's commitment to secure computing," said Thomas
Steipp, general manager of HP's Federal Computer Operation. "The fact that
Trusted ORACLE7 is currently undergoing NCSC B1 evaluation and has successfully
completed NIST SQL testing on our HP-UX BLS platform demonstrates HP and
Oracle's commitment to secure computing in the Federal market."
"DEC has a history of providing secure, open solutions for its
customers, as demonstrated by our B1 target Security Enhanced OpenVMS product,
and our recently announced B1/CMW target Ultrix MLS+ product," said Pete
Hatfield, Industry Marketing Manager of DEC's Defense Agencies Group. "The
availability of Trusted ORACLE7 on both of these platforms will give our
customers a wide range of secure solutions that meet their business
objectives."
"We are excited about the synergistic multilevel security products
coming from Sun Microsystems and from Oracle, both leading suppliers of secure
solutions to the Federal marketplace," said George Sullivan, Secure Products
Manager for Sun Federal. "The high functionality of Trusted ORACLE7, running
on our SunOS CMW Compartmented Mode Workstation, will ensure that our users
have a powerful and complete secure computing environment."
Trusted ORACLE7 is designed so that database developers can build new
applications and/or migrate existing applications to take advantage of the
benefits provided by multilevel security. Trusted ORACLE7 provides many other
new features, such as database roles, resource limits, stored procedures, and
database triggers, that allow database developers to implement even more
granular site-specific security, integrity, audit, and other relevant business
policies in a consistent and declarative manner. Under the product's developer
and beta release programs, users have already seen the advantages of these
capabilities.
"CACI uses ORACLE as the underlying database for our C%GATE
Configuration Management products in support of our CALS (Computer Aided
Acquisition and Logistics Support) clients," said George Mahelona, CACI
International's Vice President of Logistic Engineering. "Trusted ORACLE7 now
provides a direct path for migrating our commercial and DOD applications and
data to multilevel secure environments, increasingly a critical CALS
requirement."
Trusted ORACLE7 is currently installed at a number of customer sites,
including major system integrators. Reaction from these early sites so far has
been very positive. One of these sites is General Electric Aerospace Military
and Data Systems of Valley Forge, PA. "It looks like Oracle really did their
homework on this one," said Bob Verenna, database expert, General Electric
Aerospace. "Initial indications are that they have provided a flexible yet
robust secure relational DBMS for the B1 environment that is required by many
of the new procurements."
Product Availability
The developer's release of Trusted ORACLE7 is currently available on
DEC SEVMS and Hewlett-Packard HP-UX BLS, and will be available on DEC ULTRIX
MLS+ compartmented mode workstation (CMW) within 60 days. Availability on
emerging MLS systems such as SunOS CMW, IBM RS6000 AIX CMW, and ICL DRS/NX V4.0
Security Option is expected within 90 days of full production availability of
the respective platforms.
| T.R | Title | User | Personal
Name | Date | Lines |
|---|
| 1171.1 | Trusted Oracle7 support for ULTRIX MLS+ | MRKTNG::SILVERBERG | Mark Silverberg DTN 264-2269 TTB1-5/B3 | Wed Oct 14 1992 19:21 | 99 |
|
Dan Potter
Oracle Corp.
Manager, Marketing Programs
Midrange Systems
(415) 506-6264
---- Included Message ----
Received: 10-13-92 20:53 Sent: 10-13-92 17:46
From: sm3.US
To: SENDMAIL
Subject: ORACLE ANNOUNCES TRUSTED ORACLE7 FOR RISC ULTRIX MLS+
Reply-To: KDOBBS.US
Original-To-List: ORACORP
*******************************************************************************
ORACLE ANNOUNCE TRUSTED ORACLE7 FOR RISC ULTRIX MLS+
Multilevel Secure Database Extends ORACLE7 Cooperative-Server Technology
REDWOOD SHORES, Calif., October 14, 1992 -- Oracle Corporation today announced
the availability of the Developer's Release of the Trusted ORACLE7(tm) Database
Management System (DBMS), Oracle's new high security database product for
Digital Equipment Corporation's RISC Ultrix MLS+(tm). The developer's release
of Trusted ORACLE7 for RISC Ultrix MLS+ joins the company's recently announced
support for Digital's SEVMS.
Trusted ORACLE7 includes all of the features and functionality of the
ORACLE7(tm) cooperative-server database and adds advanced multilevel security
(MLS) features to protect sensitive enterprise data.
Trusted ORACLE7 provides MLS to protect data during concurrent storage,
manipulation, and retrieval by users with the corresponding authorizations and
clearances. Trusted ORACLE7 is portable and can be quickly expanded to a wide
range of open and proprietary MLS operating systems. This allows data
sharing, connectivity to MLS servers running Trusted ORACLE7 and non-MLS
servers running ORACLE7 or ORACLE Version 6. Trusted ORACLE7 for RISC Ultrix
MLS+ protects customer's existing investment in applications, tools, and
training by using the same application development tools as non-MLS sites, such
as Oracle's SQL*Forms(tm), SQL*ReportWriter(tm), and other Oracle and
third-party tools.
"The Developer's Release of Trusted ORACLE7 for both RISC Ultrix MLS+
and SEVMS is in response to the strong demand from our Digital customers who
were looking for an enterprise-wide secure database solution," said Nimish
Mehta, vice president of midrange products division at Oracle Corporation.
"The availability of Trusted ORACLE7 for RISC Ultrix MLS+ and SEVMS offers
customers all the functionality of ORACLE7 without compromising database
security."
"DEC has a history of providing secure, open solutions for its
customers, as demonstrated by our B1 target Security Enhanced OpenVMS product,
and our recently announced B1/CMW target Ultrix MLS+ product," said Pete
Hatfield, industry marketing manager of DEC's Defense Agencies Group. "The
availability of Trusted ORACLE7 on both of these platforms will give our
customers a wide range of secure solutions that meet their business
objectives."
Trusted ORACLE7 is in the Design Analysis Phase (DAP) of the U.S.
National Computer Security Center's (NCSC) Trusted Product Evaluation Program,
targeted for Class B1 of the U.S. government's Trusted Computer System
Evaluation Criteria or "Orange Book". Similarly, ORACLE7 is in DAP at Class
C2. These products are also designed to meet the F-B1, E3 and F-C2, E3
requirements, respectively, of the European Information Technology Security
Evaluation Criteria (ITSEC).
Trusted ORACLE7 has successfully completed testing and certification by
the U.S. National Institute of Standards and Technology (NIST) and is 100%
compliant with the U.S. Federal Information Processing Standard (FIPS PUB
127-1), including the integrity enhancement option. Trusted ORACLE7 is the
only multilevel secure (MLS) DBMS to have passed all the NIST ISO/ANSI SQL89
tests.
Trusted ORACLE7 is designed so that database developers can build new
applications and/or migrate existing applications to take advantage of the
benefits provided by MLS. Trusted ORACLE7 features include database roles,
resource limits, stored procedures, and database triggers. Database triggers
allow developers to implement even more granular site-specific security,
integrity, audit, and other relevant business policies in a consistent and
declarative manner. Under the product's developer and beta release programs,
users have already seen the advantages of these capabilities.
Trusted ORACLE7 will be demonstrated on RISC Ultrix MLS+ at the NCSC
Conference in Baltimore, Maryland from October 13-15, 1992.
About Oracle
Oracle Corporation, headquartered in Redwood Shores, California, is the
world's largest supplier of database software.
Oracle develops and markets an integrated family of software products
for database management; tools for CASE, application development, and office
automation; and application packages for accounting and manufacturing. Oracle
software runs on PCs, workstations, minicomputers, mainframes and massively
parallel computers.
The company offers its products, along with related consulting,
education and support services, in 92 countries around the world. Oracle is a
publicly-held corporation whose shares are traded on NASDAQ/NMS with the ticker
symbol ORCL.
For further information about Oracle, call Oracle corporate
headquarters at 415/506-7000, or write to Oracle Corporation, 500 Oracle
Parkway, Box 659509, Redwood Shores, CA 94065.
###
ORACLE is a registered trademark of Oracle Corporation. ORACLE7 and Trusted
ORACLE7 are trademarks of Oracle Corporation. Ultrix and OpenVMS are
trademarks of Digital Equipment Corporation.
|