The protection of the DB against intentional or unintentional threats using computer-based or non-computer-based controls. Database Security – Part 2.

Presentation transcript:

Database Security – Part 2

Details of Pfleeger's overview in Part 1

The protection of the DB against intentional or unintentional threats using computer-based or non-computer-based controls.

Authorization

- The granting of a right or privilege, which enables a subject to have legitimate access to a system or a system's object.
- Many "object types": table, view, application procedure, or any other object that can be created within the system.
- Ownership of objects gives the owner all appropriate privileges on the objects owned.
- The DBMS needs to keep track (in the data dictionary, DD) of all privileges granted to users, and by whom, in order to maintain the correct set of privileges.
- Authentication refers to a mechanism that determines whether a user is who he or she claims to be.

Types of Oracle Users

- Security officer – enrolls users, controls and monitors user access to the database, and maintains system security.
- Application developer – designs and implements database applications.
- Application administrator – responsible for the administration needs of a particular application.
- Database users – interact with the database via applications or utilities.
- Network administrators – responsible for administering Oracle networking products, such as Net8 (for web, internet).

Database Administrator

- A predefined role, named "DBA", is automatically created with every Oracle database. This role contains all database system privileges. Therefore, it is very powerful and should be granted only to competent and trusted DBAs.
- Two user accounts are automatically created with the database and granted the DBA role: SYS (default password CHANGE_ON_INSTALL) and SYSTEM (default password MANAGER).
- The database administrator usernames need a more secure authentication scheme.
- Network administrators – responsible for administering Oracle networking products, such as Net8.
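An added example (not part of the original slides) of auditing the points above from the data dictionary: who holds the DBA role, which accounts still use a default password, and who granted which object privileges. It assumes a session with access to the DBA_ views; DBA_USERS_WITH_DEFPWD assumes Oracle Database 11g or later.

```sql
-- 1. Users that hold the DBA role, directly or through a chain of roles.
--    DBA_ROLE_PRIVS has one row per (grantee, granted_role). The hierarchical
--    query starts at the rows that grant DBA and then follows every role
--    that was itself granted on to another role or user.
SELECT DISTINCT u.username, u.account_status
FROM   dba_users u
JOIN  (SELECT grantee
       FROM   dba_role_privs
       START WITH granted_role = 'DBA'
       CONNECT BY PRIOR grantee = granted_role) g
       ON g.grantee = u.username
ORDER  BY u.username;

-- 2. Oracle-supplied accounts that still use their default password
--    (the slide names SYS / CHANGE_ON_INSTALL and SYSTEM / MANAGER).
SELECT d.username, u.account_status
FROM   dba_users_with_defpwd d
JOIN   dba_users u ON u.username = d.username
ORDER  BY d.username;

-- 3. Privileges granted "and by whom": object grants with their grantor,
--    and whether the grantee may pass the privilege on (GRANTABLE = 'YES').
SELECT grantee, owner, table_name, privilege, grantor, grantable
FROM   dba_tab_privs
WHERE  owner NOT IN ('SYS', 'SYSTEM')
ORDER  BY grantee, owner, table_name;
```

Any user in the first result who is not a named, trusted DBA, and any open account in the second result, is a finding to remediate.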

Database Administrator Authentication Methods

Logical Database Structure

- Tablespaces – logical storage units that group related logical structures together.
- Schema objects – the logical structures that directly refer to the database's data such as tables, views, sequences, stored procedures, synonyms, indexes, clusters, and database links.
- Extent – a specific number of contiguous data blocks, obtained in a single allocation from the OS, and used to store a specific type of information.
- Segment – a set of extents allocated for a physical object. Segment data is in an Oracle-specific binary format, not an OS format.

Databases, Tablespaces, and Datafiles

Datafiles and Tablespaces

The Relationships Among Segments, Extents, and Data Blocks

Physical Database Structure

- Data files – Every Oracle database has one or more physical datafiles. One or more datafiles form a logical unit of database storage called a tablespace.
- Redo log files – Every Oracle database has a set of two or more redo log files. The set of redo log files for a database is collectively known as the database's redo log.
- Control files – Every Oracle database has a control file. A control file contains entries that specify the physical structure of the database such as database name, names and locations of the data files and redo log files, time stamp of database creation, etc. It is used by Oracle at DB instance creation, to control the layout of elements in this instance.

Oracle Security Mechanism

- Database user and schema – each user has a "security domain" that determines the privileges and roles, the tablespace quota, and the system resource limits for the user.
- Privilege – a right to execute a particular type of SQL statement.
- Roles – named groups of related privileges that are granted to users or to other roles.
- Storage settings and quotas – Oracle provides means for directing and limiting the use of disk space allocated to the database on a per-user basis.
- Resource limits – each user is assigned a profile that specifies limitations on several system resources available to the user.
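The pieces of a security domain listed above, put together as an added example (not part of the original slides). The names APP_LIMITS, APP_READER, JSMITH, HR.EMPLOYEES and the USERS tablespace, as well as the password, are constructed placeholders.

```sql
-- Resource limits: a profile caps what one account may consume.
-- SESSIONS_PER_USER and IDLE_TIME are enforced only while the RESOURCE_LIMIT
-- initialization parameter is TRUE; the password limits are always enforced.
CREATE PROFILE app_limits LIMIT
  SESSIONS_PER_USER      2
  IDLE_TIME              30      -- minutes
  FAILED_LOGIN_ATTEMPTS  5
  PASSWORD_LIFE_TIME     90;     -- days

-- Role: a named group of related privileges.
CREATE ROLE app_reader;
GRANT CREATE SESSION TO app_reader;            -- system privilege
GRANT SELECT ON hr.employees TO app_reader;    -- object privilege

-- User and security domain: default tablespace, quota and profile.
-- PASSWORD EXPIRE forces a password change at first login.
CREATE USER jsmith IDENTIFIED BY "Placeholder_Pw_1"
  DEFAULT TABLESPACE users
  QUOTA 10M ON users
  PROFILE app_limits
  PASSWORD EXPIRE;

-- Privileges reach the user through the role, not through direct grants.
GRANT app_reader TO jsmith;

-- Read the resulting security domain back from the data dictionary.
SELECT username, default_tablespace, profile
FROM   dba_users
WHERE  username = 'JSMITH';

SELECT tablespace_name, max_bytes
FROM   dba_ts_quotas
WHERE  username = 'JSMITH';

SELECT granted_role
FROM   dba_role_privs
WHERE  grantee = 'JSMITH';
```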

Oracle Security Features

Views (Subschemas)

- A view (a SELECT query result) is the dynamic result of one or more relational operations operating on the base relations to produce another relation.
- Views hide irrelevant attributes and/or rows from those users who don't need to know them.
- A user can be granted the privilege to use a view that is generated from several base tables, but not the privilege to access the base tables.
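An added example (not part of the original slides) of a view over two base tables that hides columns and rows, with access granted on the view only. The HR schema, its tables, the DIRECTORY_READER role and the REPORT_USER account are constructed; REPORT_USER is assumed to exist already.

```sql
-- Constructed base tables, owned by HR. SALARY and NATIONAL_ID are the
-- attributes that most users do not need to know.
CREATE TABLE hr.departments (
  dept_id    NUMBER PRIMARY KEY,
  dept_name  VARCHAR2(40) NOT NULL
);

CREATE TABLE hr.employees (
  emp_id      NUMBER PRIMARY KEY,
  name        VARCHAR2(60) NOT NULL,
  dept_id     NUMBER REFERENCES hr.departments (dept_id),
  salary      NUMBER(10,2),
  national_id VARCHAR2(20)
);

-- The view joins both tables, exposes three columns and one department's
-- rows only. WITH READ ONLY blocks INSERT/UPDATE/DELETE through the view.
CREATE VIEW hr.sales_directory AS
  SELECT e.emp_id, e.name, d.dept_name
  FROM   hr.employees e
  JOIN   hr.departments d ON d.dept_id = e.dept_id
  WHERE  d.dept_name = 'SALES'
  WITH READ ONLY;

-- Grant on the view only; nothing is granted on the base tables.
-- This works because HR owns the tables under the view. If the tables
-- belonged to another schema, the view owner would need SELECT on them
-- WITH GRANT OPTION before it could grant access to the view.
CREATE ROLE directory_reader;
GRANT SELECT ON hr.sales_directory TO directory_reader;
GRANT directory_reader TO report_user;

-- Check: the role should list SALES_DIRECTORY and neither base table.
SELECT table_name, privilege
FROM   dba_tab_privs
WHERE  grantee = 'DIRECTORY_READER'
AND    owner   = 'HR';
```

REPORT_USER can now query HR.SALES_DIRECTORY, while a direct query against HR.EMPLOYEES or HR.DEPARTMENTS is refused because no privilege on those tables was granted.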

Backup

- The process of periodically taking a copy of the database and log file (and possibly programs) onto offline storage media.
- A DBMS should provide logging facilities, referred to as journaling, which keep track of the current state of transactions and database changes, to provide support for recovery procedures.
- A DBMS should provide a checkpoint facility, which enables updates to the database which are in progress to be made permanent.
- When a checkpoint is taken, the DBMS ensures that all the data in main memory is written out to disk and a special checkpoint record is written to the journal.

Backup in Oracle

- A backup is a copy of data.
- You can make physical backups using either the Oracle8i Recovery Manager utility or operating system utilities.
- A physical backup is a copy of a data file, tablespace, or database made at a specific time.

Online Redo Log File Use in ARCHIVELOG Mode

NOARCHIVELOG Mode

Some operational rules/restrictions for this DB mode:

- You can only restore the database to the point of the most recent full database backup.
- You can only perform an operating system backup of the database when it is shut down cleanly.
- You can only restore a whole database backup and then open the database when the backup was taken while the database was closed cleanly.
- You cannot perform online tablespace backups.

Tablespace Backups in NOARCHIVELOG Mode

Recovery in Oracle

- To restore a physical backup is to reconstruct it and make it available to the Oracle database server.
- To recover a restored datafile is to update it using redo records, that is, records of changes made to the database after the backup was taken.
- Oracle performs crash recovery and instance recovery automatically after an instance failure.
- Instance recovery is an automatic procedure that involves two distinct operations: rolling forward the backup to a more current time by applying online redo records, and rolling back all changes made in uncommitted transactions to their original state.
- Media recovery requires you to issue recovery commands.

Restoring and Recovering a Database

Information for DBA

- Static data dictionary views – change only when a change is made to the DD, for example, when a new table is created or a user is granted new privileges.
- Oracle contains a set of underlying views that are maintained by the server and accessible to the database administrator user SYS. These views are called dynamic performance views because they are continuously updated while a database is open and in use, and their contents relate primarily to performance.