19 Copyright © 2008, Oracle. All rights reserved. Security.

Slides:



Advertisements
Similar presentations
Managing User, Computer and Group Accounts
Advertisements

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Lesson 17: Configuring Security Policies
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.
10.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.
Administering User Security
11 WORKING WITH COMPUTER ACCOUNTS Chapter 8. Chapter 8: WORKING WITH COMPUTER ACCOUNTS2 CHAPTER OVERVIEW Describe the process of adding a computer to.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
Working with Workgroups and Domains
2 Copyright © 2009, Oracle. All rights reserved. Getting Started with Warehouse Builder.
Sharing Resources Lesson 6. Objectives Manage NTFS and share permissions Determine effective permissions Configure Windows printing.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.
Module 6: Designing Active Directory Security in Windows Server 2008.
9 Copyright © 2005, Oracle. All rights reserved. Administering User Security.
Copyright © 2007, Oracle. All rights reserved. Managing Concurrent Requests.
IOS110 Introduction to Operating Systems using Windows Session 8 1.
1 Chapter Overview Configuring Account Policies Configuring User Rights Configuring Security Options Configuring Internet Options.
IS 221: DATABASE ADMINISTRATION Lecture 6:Create Users & Manage Users. Information Systems Department 1.
MCTS Guide to Microsoft Windows Server 2008 Applications Infrastructure Configuration (Exam # ) Chapter Four Windows Server 2008 Remote Desktop Services,
7 Copyright © 2004, Oracle. All rights reserved. Administering Users.
© Wiley Inc All Rights Reserved. MCSE: Windows Server 2003 Active Directory Planning, Implementation, and Maintenance Study Guide, Second Edition.
Copyright © 2013 Curt Hill Database Security An Overview with some SQL.
17 Copyright © Oracle Corporation, All rights reserved. Managing Roles.
CHAPTER Creating and Managing Users and Groups. Chapter Objectives Explain the use of Local Users and Groups Tool in the Systems Tools Option to create.
Security Windows 2000 Richard Goldman © December 4, 2001.
Chapter 10: Rights, User, and Group Administration.
MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 11: Managing Access to File System Resources.
McGraw-Hill/Irwin The Interactive Computing Series © 2002 The McGraw-Hill Companies, Inc. All rights reserved. Microsoft Access 2002 Using Access Tools.
3 Copyright © 2004, Oracle. All rights reserved. Controlling Access to the Oracle Listener.
2. SQL Security Objectives –Learn SQL Server 2000 components Contents –Understanding the Authentication Process –Understanding the Authorization Process.
Managing Local Users & Groups. OVERVIEW Configure and manage user accounts Manage user account properties Manage user and group rights Configure user.
Permissions Lesson 13. Skills Matrix Security Modes Maintaining data integrity involves creating users, controlling their access and limiting their ability.
Database Security. Multi-user database systems like Oracle include security to control how the database is accessed and used for example security Mechanisms:
1 Chapter Overview Managing Object and Container Permissions Locating and Moving Active Directory Objects Delegating Control Troubleshooting Active Directory.
23 Copyright © 2009, Oracle. All rights reserved. Oracle Business Intelligence Answers: Advanced Features.
Privilege Management Chapter 22.
8 Copyright © 2011, Oracle and/or its affiliates. All rights reserved. BI Publisher Server: Administration and Security.
20 Copyright © 2008, Oracle. All rights reserved. Cache Management.
30 Copyright © 2009, Oracle. All rights reserved. Using Oracle Business Intelligence Delivers.
7 Copyright © 2007, Oracle. All rights reserved. Administering User Security.
22 Copyright © 2008, Oracle. All rights reserved. Multi-User Development.
Module 6: Administering Reporting Services. Overview Server Administration Performance and Reliability Monitoring Database Administration Security Administration.
1 Copyright © 2009, Oracle. All rights reserved. Controlling User Access.
21 Copyright © 2009, Oracle. All rights reserved. Working with Oracle Business Intelligence Answers.
Oracle Business Intelligence Foundation - Commonly Used Features in Repository.
Oracle Business Intelligence Foundation – Testing and Deploying OBI Repository.
29 Copyright © 2009, Oracle. All rights reserved. Administering the Oracle Business Intelligence Presentation Catalog.
22 Copyright © 2009, Oracle. All rights reserved. Filtering Requests in Oracle Business Intelligence Answers.
10.1 © 2004 Pearson Education, Inc. Lesson 10: Specifying Group Policy Settings Exam Microsoft® Windows® 2000 Directory Services Infrastructure.
21 Copyright © 2008, Oracle. All rights reserved. Enabling Usage Tracking.
5 Copyright © 2008, Oracle. All rights reserved. Testing and Validating a Repository.
6 Copyright © 2007, Oracle. All rights reserved. Managing Security and Metadata.
3 Copyright © 2006, Oracle. All rights reserved. Building an Analytic Workspace.
6/19/2016 أساسيات الأتصال و الشبكات Communication & Networks Fundamentals lab 4.
1 Copyright © 2008, Oracle. All rights reserved. Repository Basics.
2 Copyright © 2008, Oracle. All rights reserved. Building the Physical Layer of a Repository.
15 Copyright © Oracle Corporation, All rights reserved. Managing Users.
6 Copyright © 2005, Oracle. All rights reserved. Administering User Security.
Microsoft SQL Server 2014 for Oracle DBAs Module 8
Creating Oracle Business Intelligence Interactive Dashboards
CollegeSource Security Application &
Lesson 4: Configuring File and Share Access
Building the Physical Layer of a Repository
Lesson 16-Windows NT Security Issues
Security Schedule: Timing Topic 40 minutes Lecture 70 minutes Practice
Copyright © 2013 – 2018 by Curt Hill
Chapter 9: Managing Groups, Folders, Files, and Object Security
February 11-13, 2019 Raleigh, NC.
Presentation transcript:

19 Copyright © 2008, Oracle. All rights reserved. Security

Copyright © 2008, Oracle. All rights reserved Objectives After completing this lesson, you should be able to: Define users and groups Set permissions for users and groups to control access to repository objects Explain group inheritance Identify and describe the authentication methods used by Oracle BI Server Use query limits, timing restrictions, and filters to control access to repository information

Copyright © 2008, Oracle. All rights reserved Business Challenge Only qualified persons should have access rights to applications. Data needs to be protected so that only authorized employees can access sensitive information. Employees should automatically see the information that is relevant to their roles.

Copyright © 2008, Oracle. All rights reserved Business Solution: Oracle BI Security Provides ability to authenticate users through logon Controls user access to data Secures access control on object and data levels

Copyright © 2008, Oracle. All rights reserved Security Manager Is a utility in the Administration Tool that displays all the security information for a repository.

Copyright © 2008, Oracle. All rights reserved Working with Users User accounts can be defined explicitly in: –An Oracle BI Server repository –An external source (such as a database table or an LDAP server) Users must be authenticated by Oracle BI Server for a session to take place.

Copyright © 2008, Oracle. All rights reserved Adding a User to a Repository Name Password Logging level Group membership

Copyright © 2008, Oracle. All rights reserved Setting User Permissions and Logons Undefined Denied Read-only

Copyright © 2008, Oracle. All rights reserved Administrator Account Is a default, permanent user account in every Oracle BI Server repository Cannot be deleted or modified other than to change the password and logging level

Copyright © 2008, Oracle. All rights reserved Working with Groups A group is a set of security attributes. Use Security Manager to create groups and then grant membership in them to users or other groups. Groups Users and groups can belong to a group.

Copyright © 2008, Oracle. All rights reserved Administrators Group Is a predefined group with authority to access and modify any object in a repository Administrator user is automatically a member. Default member Defined members

Copyright © 2008, Oracle. All rights reserved Defined Groups You can create an unlimited number of groups in a repository. Each group can contain: –Explicitly granted privileges –Implicitly granted privileges through membership in another group Defined groups

Copyright © 2008, Oracle. All rights reserved Group Inheritance Privileges granted explicitly to a user have precedence over privileges granted through groups. Privileges granted explicitly to a group take precedence over any privileges granted through other groups. If security attributes conflict, a user or group is granted the least restrictive security attribute.

Copyright © 2008, Oracle. All rights reserved Group Inheritance: Example User 1 Member Group 1 Member Group 2 Group 1 DENY Table A Member Group 3 Member Group 4 Group 2 READ Table A Member Group 5 Group 3 READ Table B Group 4 READ Table C Group 5 DENY Table A

Copyright © 2008, Oracle. All rights reserved Adding a New Group Members include users and groups. Add members. Set permissions.

Copyright © 2008, Oracle. All rights reserved Viewing Member Hierarchies Click the hierarchy icon in the left pane of the Security Manager, and then expand the tree in the right pane.

Copyright © 2008, Oracle. All rights reserved Authentication Is the process by which a system verifies (with a user ID and password) that a user has the necessary permissions and authorizations to log on and access data Oracle BI Server authenticates each connection request that it receives.

Copyright © 2008, Oracle. All rights reserved Authentication Options Oracle BI Server supports the following authentication types: Operating system External table LDAP Database Internal

Copyright © 2008, Oracle. All rights reserved Operating System Authentication Oracle BI Server supports Windows Unified Logon. If a user is configured on a trusted Windows domain, an Oracle BI Server user of the same name does not need to be authenticated by Oracle BI Server. The user ID in the repository must match the user ID in the trusted Windows domain.

Copyright © 2008, Oracle. All rights reserved External Table Authentication Instead of storing IDs and passwords in a repository, maintain lists of users and passwords in an external database table. Use Oracle BI session variables to get values. External table

Copyright © 2008, Oracle. All rights reserved LDAP Authentication Instead of storing IDs and passwords in a repository, Oracle BI Server passes the user ID and password entered by the user to an LDAP server for authentication. Use Oracle BI session variables to get authentication values.

Copyright © 2008, Oracle. All rights reserved Database Authentication Authenticates users through database logons To set up database authentication: –Store user IDs (without passwords) in a repository. –Import database to the repository. –Specify authentication database in NQSConfig.ini. Add users to the repository. Import the database. Modify the NQSConfig.ini file.

Copyright © 2008, Oracle. All rights reserved Internal Authentication Maintain lists of users and passwords in the repository using the Administration Tool. Oracle BI Server authenticates against this list unless: –Another authentication method has already succeeded –Database authentication is specified in NQSConfig.ini User IDs are nonencrypted and non-case-sensitive. Passwords are encrypted and case-sensitive. Users can access any business model if they have the necessary access privileges. Users do not span repositories.

Copyright © 2008, Oracle. All rights reserved Order of Authentication 1.Operating system (OS): –No logon name –Turned on in NQSConfig.ini 2.LDAP or external database table –Populates session variables 3.Internal or database

Copyright © 2008, Oracle. All rights reserved Bypassing Oracle BI Security It is possible to bypass Oracle BI Server security and rely on the security that is provided by issuing user-specific database logons and passwords. Set in the NQSConfig.ini file.

Copyright © 2008, Oracle. All rights reserved Setting Query Limits Use Query Limits tab to: Control the number of rows received by a user or group Control the maximum query run time Enable or disable Populate Privilege Enable or disable Execute Direct Database Requests

Copyright © 2008, Oracle. All rights reserved Setting Timing Restrictions Restrict access to a database during particular time periods.

Copyright © 2008, Oracle. All rights reserved Setting Filters Limit queries by setting up filters on objects for a user or group.

Copyright © 2008, Oracle. All rights reserved Summary In this lesson, you should have learned how to: Define users and groups Set permissions for users and groups to control access to repository objects Explain group inheritance Identify and describe the authentication methods used by Oracle BI Server Use query limits, timing restrictions, and filters to control access to repository information

Copyright © 2008, Oracle. All rights reserved Practice 19-1 Overview: Creating Users and Groups This practice covers the following topics: Using the Security Manager to define users and groups Setting up group hierarchies Changing the default permission setting

Copyright © 2008, Oracle. All rights reserved Practice 19-2 Overview: Setting Permissions for Users and Groups This practice covers setting permissions for users and groups.

Copyright © 2008, Oracle. All rights reserved Practice 19-3 Overview: Authenticating Using an External Database This practice covers the following topics: Creating an initialization block to populate security session variables Verifying external database authentication

Copyright © 2008, Oracle. All rights reserved Practice 19-4 Overview: Authenticating Users with Database Authentication This practice covers the following topics: Importing an authentication database Adding a database user to the repository Editing the security section of NQSConfig.ini Verifying database authentication

Copyright © 2008, Oracle. All rights reserved Practice 19-5 Overview: Setting Query Limits and Timing Restrictions This practice covers the following topics: Setting query limits for users and groups Setting timing restrictions for users and groups

Copyright © 2008, Oracle. All rights reserved Practice 19-6 Overview: Setting Filters to Personalize Information This practice covers the following topics: Setting query filters Setting a query filter using a variable

Copyright © 2008, Oracle. All rights reserved

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.