Posts

Showing posts from May, 2026

Oracle Database Vault in 26ai - A vault is not just a wall — and that finally matters in the age of agentic AI.

  I have a small confession: I have never been fond of security metaphors borrowed from construction. We talk about firewalls, perimeters, gates, moats, and now, increasingly, vaults. The trouble is that most of these analogies stopped being accurate decades ago. A real-world vault is a heavy steel box that does exactly one thing — it keeps people out. An Oracle Database Vault, on the other hand, is a programmable policy engine baked into the kernel of an AI database, deciding in microseconds who is allowed to do what, from where, with which credential, on which row of which table. So while I am not entirely sold on the name, the thing behind it has quietly become one of the more interesting pieces of database security on the market — and with the Oracle AI Database 26ai release it has been pushed into a new role that the original 2006-era Database Vault (introduced in Oracle Database 10g Release 2) was never designed for: protecting data against AI agents that can write their own...

Deep Dive into Networking on Oracle Linux 10 with KVM

A practitioner's guide to building reliable, high-performance virtual networks on OL10 — from the kernel's bridge layer and TAP devices to virtio-net, VLAN trunking, NIC bonding, and production-grade troubleshooting.

Table of Contents: Networking Architecture Overview; KVM Networking Modes in OL10; Linux Bridges on OL10; TAP Devices and VM Connectivity; Virtio Networking and Performance; VLAN Tagging and Trunking; Network Bonding and High Availability; Security Considerations; Troubleshooting KVM Networking; Best Practices; Summary

Virtualization is only as powerful as its networking model. On Oracle Linux 10 (OL10), KVM provides a robust, flexible networking stack capable of supporting everything from simple NAT-based lab environments to high-performance, production-grade bridged and VLAN-backed networks. This blog explores how networking works on OL10 with KVM, how the components fit together, and how to design reliable and scalable virtual networks. Each section pairs concept-level ...

Oracle Data Redaction (Dynamic Data Masking)

A step-by-step implementation of column-level, session-aware redaction across multiple tables in a Pluggable Database — without altering a single row of stored data.

1. Introduction

In modern database environments, securing sensitive data is a critical requirement for compliance, privacy, and regulatory standards. Oracle Data Redaction enables real-time masking of sensitive data at query execution time — without modifying the actual stored data. The feature is implemented through the DBMS_REDACT package, which lets database administrators define policies that dynamically redact sensitive information such as identification numbers, customer names, and dates of birth based on session context. Unlike traditional data masking, which permanently alters data, Oracle Data Redaction guarantees a clean separation between authorized and unauthorized visibility:

Authorized users can view actual data.
Unauthorized users see masked (redacted) data.

In this implementation, redaction policies are ...