Introduction to Oracle 10g, Chapter 12: Maintaining Database Security. James Perry and Gerald Post. © 2007 by Prentice Hall.


1 Introduction to Oracle 10g, Chapter 12: Maintaining Database Security. James Perry and Gerald Post

2 Chapter Outline
Creating and Editing User Accounts
Controlling User Access to Objects
Enforcing Privileges through Views and Procedures
Protecting Data with Encryption
Auditing the Database

3 Creating and editing user accounts: 12.1 Creating a user with Enterprise Manager

4 12.2 User roles. Diagram labels: User Accounts; StewartM, Role: Agent; Role: Agent, Permissions: Add customer, Add listings, Add offers, …; Database

5 Table 12.1 Some common system privileges
ALTER SESSION
ALTER SYSTEM
ALTER USER
AUDIT ANY
BACKUP ANY TABLE
CREATE PROCEDURE
CREATE ROLE
CREATE SEQUENCE
CREATE TABLE
CREATE TRIGGER
CREATE TYPE
CREATE USER
CREATE VIEW
DROP USER
FORCE TRANSACTION

6 Table 12.2 Common object privileges
Columns: Privilege; Table; View; Sequence; Procedure, Function, or Package; User Defined Type
ALTER X X
DELETE X X
EXECUTE X X
DEBUG X X X X
FLASHBACK X X
INDEX X
INSERT X X
ON COMMIT REFRESH X
QUERY REWRITE X
REFERENCES X X
SELECT X X X
UNDER X X
UPDATE X X

7 12.3 Separation of duties. Diagram labels: Purchasing clerk places order; Purchasing manager verifies new supplier; Supplier; Supplier Table: INSERT; Purchase Table, Purchase Item Table: INSERT; Receiving clerk accepts items: UPDATE Quantity Received; Accounting clerk authorizes payment: SELECT; AccountsPayable, Cash: INSERT

8 12.4 Using a DBA system table to list roles granted to a user

9 Table 12.3 Desired permissions by object and role
Columns: Database Object; Agent role; Manager role
Tables: Agents, ContactReason, CustAgentList, Customers, LicenseStatus, Listings, Properties, SaleStatus
Table permissions: Select All Select? All Select All
Forms: AgentContacts, AgentListings, Agents, ContactReason, Customers, LicenseStatus, ListingActivity, Listings, Management, Properties, SaleStatus, Search4, Startup
Form permissions: All None All None All None All None All
Reports: AgentSales, CustomerList, ListingsAndOffers, SalesByCityAndAgent, SalesByMonthAndAgent
Report permissions: Maybe for self All Maybe for self All

10 12.5 Results for MarcouxListings view

11 12.6 Startup form run by an agent without the Manager role. Management button is not available

12 Securing Internet transmissions: 12.7 Public key encryption. Diagram labels: https://server; Client Browser; Server; Server’s public key; Data encrypted with server’s public key; Data decrypted with server’s private key; Public key; Private key; Certificate Authority; Security certificate; Database; Data

13 12.8 Encryption test results

14 Auditing the database: Table 12.4 Oracle auditing types

| Type of Auditing | Description |
|---|---|
| Statement Auditing | Tracks activity by the type of statement. For example, AUDIT TABLE tracks several DDL statements regardless of the table involved. A broad-based tracking, but it can be applied to individual users or to everyone. |
| Privilege Auditing | Monitors the use of system privileges such as AUDIT CREATE TABLE. Can be assigned to track individual users or everyone. |
| Schema Object Auditing | Records the usage of specific statements on individual objects. For instance, AUDIT SELECT ON customers records a note every time someone retrieves data from the customer table. Always applies to all users. |
| Fine-Grained Auditing | The most detailed specifications: you can create any Boolean condition based on individual columns or specific rows of data. For example, you might track all orders with a value > 100,000. |
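The four auditing types in Table 12.4 written out as Oracle statements, as an added example that is not taken from the book or the slides. The SALES schema, ORDERS table, ORDER_VALUE column and LARGE_ORDERS policy name are hypothetical; StewartM and customers are the names used on the slides.

```sql
-- Standard auditing (types 1-3) only writes records when the AUDIT_TRAIL
-- initialization parameter is enabled; fine-grained auditing does not depend on it.

-- 1. Statement auditing: AUDIT TABLE covers table DDL on any table.
--    Scoped here to one user; omit the BY clause to cover everyone.
AUDIT TABLE BY StewartM;

-- 2. Privilege auditing: record each use of the CREATE TABLE system privilege.
AUDIT CREATE TABLE BY ACCESS;

-- 3. Schema object auditing: every SELECT against one object.
--    Applies to all users, so there is no BY <user> clause.
AUDIT SELECT ON customers BY ACCESS;

-- 4. Fine-grained auditing: a Boolean condition on rows and columns.
--    Schema, table, column and policy names are hypothetical.
BEGIN
  DBMS_FGA.ADD_POLICY(
    object_schema   => 'SALES',
    object_name     => 'ORDERS',
    policy_name     => 'LARGE_ORDERS',
    audit_condition => 'ORDER_VALUE > 100000',
    audit_column    => 'ORDER_VALUE',
    statement_types => 'SELECT,UPDATE');
END;
/

-- Review what standard auditing captured (types 1-3).
SELECT username, action_name, obj_name, timestamp
  FROM dba_audit_trail
 ORDER BY timestamp DESC;

-- Review fine-grained audit records, including the statement text.
SELECT db_user, object_name, policy_name, sql_text, timestamp
  FROM dba_fga_audit_trail
 ORDER BY timestamp DESC;

-- Remove the settings again when they are no longer needed.
NOAUDIT TABLE BY StewartM;
NOAUDIT CREATE TABLE;
NOAUDIT SELECT ON customers;
BEGIN
  DBMS_FGA.DROP_POLICY('SALES', 'ORDERS', 'LARGE_ORDERS');
END;
/
```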

15 Auditing the database: 12.9 Audit log results

16 Creating triggers for audits: 12.10 Changes stored from trigger code

