Please submit your 1 best candidate to [EMAIL PROTECTED]
Work location Houston 77060
Additional notes: This is for an Oracle expert. Advanced Security Option
(ASO) is a part of Oracle. The candidate needs Oracle V 10+.
Begin Date: 10/28/2008
End Date: 1/31/2009
Role: Project,Dev,Level II,Consultant
Work Description: Require consulting assistance with Advanced Security
Option (ASO) and Oracle Internet Directory (OID) Configuration/Deployment
More specifically, require assistance with the following:
1. Provide an assessment of the existing Advanced Security Option – Strong
Authentication configuration for all Advanced Security Option
("ASO")-enabled databases and listeners on a single shared server which will
include consideration and recommendations for:
a. Functionality and maintainability of the ASO for the Strong
Authentication server-side configuration in a shared server environment,
which includes both ASO and non-ASO databases.
b. Functionality and maintainability of the ASO for the Strong
Authentication client-side configuration on desktop, terminal server,
mid-tier server and Unix clients.
c. Verification that the configuration correctly supports data transfers
through current user database links between databases and recommendations
for maintaining the viability of the links as databases are added or
d. Assisting in designing reliable methods for re-initiation of the ASO
configuration after the database server is rebooted.
2. Provide an assessment in the existing Oracle Internet Directory ("OID")
deployment. The assessment will include the master node in a fan-out
replication configuration and at least one slave replica along with
consideration and recommendations for:
a. Security: To assess the security configuration of the Application Server
and recommend improvements to harden the configuration from intrusion.
b. Security Delegation: To assess the current delegation of OID
administration privileges and provide recommendations on the functions that
can safely be delegated to privileged accounts other than the OID
c. Secure Sockets Layer ("SSL") Security: To provide assistance in setting
up an environment where the OID administration account can be authenticated
with Public Key Infrastructure ("PKI") certificates in lieu of a password,
communicating with OID over encrypted network connections and also to
identify other opportunities
where SSL communications could be used.
d. Security audit: To review the current configuration for auditing at the
OID level (not the database level) and provide recommendations on managing
the information life cycle of audit data.
e. Performance: To assess the performance of the OID system as a naming
service as well as an authorization engine and to provide recommendations
for improving performance of those functions at both the client and
Lightweight Directory Access Protocol ("LDAP") server levels.
f. Scalability: To assess the current plan for scaling the OID
infrastructure to worldwide scope and provide recommendations on the
adequacy of the plan.
g. Replication: To assess the functionality of the current replication
topology for OID and provide recommendations for streamlining the process to
build new replicated nodes.
h. Database versioning: To provide recommendations in the development of a
database versioning plan that would allow you to upgrade the underlying OID
database to newer patch levels (both functional patches and security Central
Processing Units ("CPU"s) and to also assess which, if any, changes need to
be made to the OID infrastructure to support authorization of Oracle 11g
i. Application Server versioning: To assist in creation of a demonstration
implementation for the most-recently available version of OID. If possible,
this should include the ability to perform Windows Native Authentication in
a multi-domain Active Directory forest.
j. To assist with setting up Single –Sign-On (SSO) capability on one
existing Apex (Application Express) application.
k. To provide advice on detection methods and risk mitigation to deal with a
recurring problem where the Oracle Internet Directory "locks up" preventing
additional new connections to databases.
l. To investigate or recommend a method of registering a database in OID by
command line or script rather than using the Database Configuration
Assistant ("DBCA") interface. This would allow automation of what is now a
many step manual process.
Ph: 832 561 0634
You received this message because you are subscribed to the Google Groups
To post to this group, send email to [EMAIL PROTECTED]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at