Published by Leon Hamilton. Modified over 9 years ago.
1
To Presentation on SECURITY By Office of the A.G. (A&E) Punjab, Chandigarh
2
Security features in Oracle and its implementation in existing application
3
Security features in ORACLE
4
Different levels of security in Oracle
- Account security for validation of users
- Access security for database objects
- System-level security for managing global privileges
5
Users & Security
Security Domain
- Default Tablespace & Temporary Tablespace
- Tablespace Quota
- Resource Limit
- Direct Privileges
- Role Privileges
- Account Locking
6
Creating New Users
- Authentication with user name
- Decide quotas for each Tablespace
- Default Tablespace and Temporary Tablespace
- Grant privileges and roles to the user
- Use Profile to place limits on database resources available to users
- Use a standard password initially
- Use the Expire keyword to force users to reset their password
- Restrict quotas to few users – use Quota Unlimited with caution
- Educate users
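The steps above as one provisioning script, added here as an illustration and not taken from the presentation. The user APP_CLERK, the tablespaces USERS and TEMP, the schema HR_OWNER and the initial password are assumed placeholders; the EMPLOYEE columns are the ones used in the deck's own GRANT slide.

```sql
-- Added example (Oracle SQL), run as a DBA. All names are placeholders.

-- Account with explicit tablespaces, a bounded quota and an expired
-- initial password, so the user must choose a new one at first login.
CREATE USER app_clerk
  IDENTIFIED BY "Chang3_At_First_Login"   -- standard initial password
  DEFAULT TABLESPACE users                -- keeps objects out of SYSTEM
  TEMPORARY TABLESPACE temp
  QUOTA 50M ON users                      -- bounded, not QUOTA UNLIMITED
  PASSWORD EXPIRE
  ACCOUNT UNLOCK;

-- Only the privileges the job needs: log in, read the table,
-- update two named columns. No ANY privilege, no ADMIN/GRANT option.
GRANT CREATE SESSION TO app_clerk;
GRANT SELECT ON hr_owner.employee TO app_clerk;
GRANT UPDATE (first_name, salary) ON hr_owner.employee TO app_clerk;

-- Check the result: ACCOUNT_STATUS reads EXPIRED until the first
-- password change, and the quota row shows MAX_BYTES for USERS.
SELECT username, account_status, expiry_date,
       default_tablespace, temporary_tablespace
FROM   dba_users
WHERE  username = 'APP_CLERK';

SELECT tablespace_name, bytes, max_bytes
FROM   dba_ts_quotas
WHERE  username = 'APP_CLERK';
```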
7
Tools for DBA to monitor users
DBA_USERS
- USERNAME
- USER_ID
- CREATED
- ACCOUNT_STATUS
- LOCK_DATE
- EXPIRY_DATE
- DEFAULT_TABLESPACE
- TEMPORARY_TABLESPACE
DBA_TS_QUOTAS
- USERNAME
- TABLESPACE_NAME
- BYTES
- MAX_BYTES
- BLOCKS
- MAX_BLOCKS
8
Privileges for Oracle Users
Two types of privileges:
- System: enable users to perform a particular action in the database
- Object: enable users to access and manipulate a specific object
9
System Privileges
There are about 126 system privileges.
The ANY keyword in a privilege signifies that the user has the privilege in every schema.
- CREATE ANY TABLE
- DROP ANY TABLE
- UPDATE ANY TABLE
- CREATE ANY INDEX
Contd…
10
System Privileges
The GRANT command adds a privilege to a user or a group of users.
grant CREATE SESSION, CREATE TABLE to SCOTT;
grant CREATE SESSION to JANE WITH ADMIN option;
Contd…
11
System Privileges
The REVOKE command deletes privileges from a user or a group of users.
revoke CREATE TABLE from SCOTT;
revoke CREATE SESSION from JANE;
12
Tools to monitor System Privileges
Database: DBA_SYS_PRIVS
- GRANTEE
- PRIVILEGE
- ADMIN_OPTION
Session: SESSION_PRIVS
- PRIVILEGE
13
Object Privileges
Object privileges can be granted or revoked on different objects such as tables, views, sequences and procedures. They are:
- ALTER
- INSERT
- DELETE
- SELECT
- EXECUTE
- REFERENCES
- INDEX
- UPDATE
Contd…
14
Object Privileges
The GRANT command adds a privilege to a user or a group of users.
grant EXECUTE on EMPLOYEE to SCOTT;
grant UPDATE (first_name, salary) on EMPLOYEE to SCOTT with grant option;
Contd…
15
Object Privileges
The REVOKE command deletes privileges from a user or a group of users.
revoke delete on EMPLOYEE from SCOTT;
revoke all on EMPLOYEE from JANE;
16
Tools to monitor Object Privileges
DBA_TAB_PRIVS
- GRANTEE
- OWNER
- TABLE_NAME
- GRANTOR
- PRIVILEGE
- GRANTABLE
DBA_COL_PRIVS
- GRANTEE
- OWNER
- TABLE_NAME
- COLUMN_NAME
- GRANTOR
- PRIVILEGE
- GRANTABLE
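A periodic privilege review built on the monitoring views listed in the "Tools to monitor" slides (DBA_USERS, DBA_TS_QUOTAS, DBA_SYS_PRIVS, DBA_TAB_PRIVS, DBA_COL_PRIVS). This is an added example, not part of the presentation; the exclusion of SYS, SYSTEM and DBA is an assumption about which grantees are expected to hold broad privileges at a given site.

```sql
-- Added example (Oracle SQL), run as a DBA.

-- 1. Quotas granted as UNLIMITED (stored as MAX_BYTES = -1).
SELECT username, tablespace_name
FROM   dba_ts_quotas
WHERE  max_bytes = -1
ORDER  BY username;

-- 2. System privileges that reach every schema (ANY keyword) or that
--    the grantee can pass on (WITH ADMIN OPTION).
SELECT grantee, privilege, admin_option
FROM   dba_sys_privs
WHERE  (privilege LIKE '% ANY %' OR admin_option = 'YES')
AND    grantee NOT IN ('SYS', 'SYSTEM', 'DBA')
ORDER  BY grantee, privilege;

-- 3. Object privileges the grantee can re-grant (WITH GRANT OPTION).
SELECT grantee, owner, table_name, privilege, grantor
FROM   dba_tab_privs
WHERE  grantable = 'YES'
AND    owner NOT IN ('SYS', 'SYSTEM')
ORDER  BY owner, table_name, grantee;

-- 4. Column-level grants, such as UPDATE (first_name, salary).
SELECT grantee, owner, table_name, column_name, privilege, grantable
FROM   dba_col_privs
ORDER  BY owner, table_name, column_name;

-- 5. Accounts that are locked or expired, with the relevant dates.
SELECT username, account_status, lock_date, expiry_date
FROM   dba_users
WHERE  account_status <> 'OPEN'
ORDER  BY username;
```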
17
AGVLC: THE EXISTING APPLICATION
18
Features of Security Module of VLC Package developed by NIIT
Security module has 10 different options which are as follows:
- Set AGVLC Password
- Change AGVLC Role password
- Application User
- Role Status
- AG dealing Section
- Map User/Section
- Map Module/Function
- Map Role/Module
- Map Role/User
- Map Function
19
Set AGVLC Password
20
Change AGVLC Role password
21
Application user
22
Role Status
23
AG Dealing Section
24
Map User/Section
25
Map Module/Function
26
Map Role/Module
27
Map Role/User
28
Map Function
29
VLC APPLICATION ADDITIONAL SECURITY
User Profiles
- SESSIONS_PER_USER
- IDLE_TIME
- FAILED_LOGIN_ATTEMPTS
- PASSWORD_LIFE_TIME
- PASSWORD_LOCK_TIME
- PASSWORD_GRACE_TIME
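A profile that sets the six parameters listed on this slide, added here as an illustration and not taken from the presentation or the VLC package. The profile name VLC_USER_PROFILE and every limit value are assumptions to be replaced by site policy; SCOTT is the sample user from the earlier slides.

```sql
-- Added example (Oracle SQL), run as a DBA. Name and values are placeholders.

CREATE PROFILE vlc_user_profile LIMIT
  SESSIONS_PER_USER      2     -- concurrent sessions per account
  IDLE_TIME              30    -- minutes of inactivity before disconnect
  FAILED_LOGIN_ATTEMPTS  5     -- consecutive failures before locking
  PASSWORD_LIFE_TIME     90    -- days a password stays valid
  PASSWORD_LOCK_TIME     1     -- days the account stays locked
  PASSWORD_GRACE_TIME    7;    -- days of warnings after expiry

-- Resource limits (SESSIONS_PER_USER, IDLE_TIME) are enforced only when
-- RESOURCE_LIMIT is TRUE; the PASSWORD_* limits apply regardless.
ALTER SYSTEM SET resource_limit = TRUE;

-- Attach the profile to an existing account.
ALTER USER scott PROFILE vlc_user_profile;

-- Confirm the limits and see which accounts use the profile.
SELECT resource_name, resource_type, limit
FROM   dba_profiles
WHERE  profile = 'VLC_USER_PROFILE'
ORDER  BY resource_type, resource_name;

SELECT username, profile, account_status, lock_date, expiry_date
FROM   dba_users
WHERE  profile = 'VLC_USER_PROFILE';
```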