The following new features affect Oracle Database 2 Day + Security Guide:

• New initialization parameter to secure user accounts

  Starting with this release, you can use the INACTIVE_ACCOUNT_TIME parameter to automatically lock the account of a database user who has not logged in to the database instance in a specified number of days.

  See Parameters Used to Secure User Accounts for more information.

• The following parameters have been changed to accommodate the Security Technical Implementation Guide (STIG) requirements, which standardize protocols that are used to enforce security:

  • The default for SEC_PROTOCOL_ERROR_FURTHER_ACTION is now (DROP,3).

  • The default for SEC_MAX_FAILED_LOGIN_ATTEMPTS is now 3.

  • The default for SQL92_SECURITY PARAMETER is now TRUE.

  See Oracle Database Reference for more information about initialization parameters.

• Oracle Data Redaction enhancements

  Oracle Data Redaction provides several new features for this release, including the ability to redact column data by replacing it with null values, and the ability to create a central library of regular expressions used in Data Redaction policies.

  See About Oracle Data Redaction for more information.

The following feature has been desupported for this release:

• MAX_ENABLED_ROLES initialization parameter, because it has not been used since Oracle Database Release 10g