advanced databases dba: security 1. advanced databases agenda understand the need for security....
TRANSCRIPT
![Page 1: Advanced Databases DBA: Security 1. Advanced Databases Agenda Understand the need for security. Learn about System Permissions and Object permissions](https://reader036.vdocuments.us/reader036/viewer/2022082518/5697c01e1a28abf838cd0ca9/html5/thumbnails/1.jpg)
Advanced Databases 1
DBA: Security
![Page 2: Advanced Databases DBA: Security 1. Advanced Databases Agenda Understand the need for security. Learn about System Permissions and Object permissions](https://reader036.vdocuments.us/reader036/viewer/2022082518/5697c01e1a28abf838cd0ca9/html5/thumbnails/2.jpg)
Advanced Databases 2
Agenda
• Understand the need for security.• Learn about System Permissions
and Object permissions.• Understand the purpose of Roles.• Explore Security-focused SQL.
![Page 3: Advanced Databases DBA: Security 1. Advanced Databases Agenda Understand the need for security. Learn about System Permissions and Object permissions](https://reader036.vdocuments.us/reader036/viewer/2022082518/5697c01e1a28abf838cd0ca9/html5/thumbnails/3.jpg)
Advanced Databases
Guide to Oracle 10g
3
Data Admin –vs- DB Admin
Data Administration
• Owns the DATA• High-level function• Policy & Procedure
Planning• DBMS independent• Strategic• Maps out Security
Plans
Database Administration
• Owns the Database• Technical function• Policy &Procedure
Enforcement• DBMS dependent• Tactical• Carries out Security
Plans
![Page 4: Advanced Databases DBA: Security 1. Advanced Databases Agenda Understand the need for security. Learn about System Permissions and Object permissions](https://reader036.vdocuments.us/reader036/viewer/2022082518/5697c01e1a28abf838cd0ca9/html5/thumbnails/4.jpg)
Advanced Databases
Guide to Oracle 10g
4
Data Admin Matrix
• Data Security documentation tool.• Crafted by DA, Carried out by DBA.
Role Object(s) Permissions
OrderEntry
OrdersOrder Items
Insert, Read
Credit Approval
Customers Update
![Page 5: Advanced Databases DBA: Security 1. Advanced Databases Agenda Understand the need for security. Learn about System Permissions and Object permissions](https://reader036.vdocuments.us/reader036/viewer/2022082518/5697c01e1a28abf838cd0ca9/html5/thumbnails/5.jpg)
Advanced Databases 5
Security Explained via Cheezy Graphic
UserSystemPrivilege
RoleObject
![Page 6: Advanced Databases DBA: Security 1. Advanced Databases Agenda Understand the need for security. Learn about System Permissions and Object permissions](https://reader036.vdocuments.us/reader036/viewer/2022082518/5697c01e1a28abf838cd0ca9/html5/thumbnails/6.jpg)
Advanced Databases 6
Specifying System Privileges
• System privilege– Right to perform a specific action– DBA grants system privileges to users or roles– Use System Privileges page in Create User
page
• Object privilege– Associated permissions of an object– DBA or users grant to users or roles
• Admin Option- gives user permissions to grant rights.
![Page 7: Advanced Databases DBA: Security 1. Advanced Databases Agenda Understand the need for security. Learn about System Permissions and Object permissions](https://reader036.vdocuments.us/reader036/viewer/2022082518/5697c01e1a28abf838cd0ca9/html5/thumbnails/7.jpg)
Advanced Databases 7
System Privileges Reference
http://docs.oracle.com/cd/B28359_01/server.111/b28286/statements_9013.htm#sthref8513
![Page 8: Advanced Databases DBA: Security 1. Advanced Databases Agenda Understand the need for security. Learn about System Permissions and Object permissions](https://reader036.vdocuments.us/reader036/viewer/2022082518/5697c01e1a28abf838cd0ca9/html5/thumbnails/8.jpg)
Advanced Databases 8
System Privileges Example
Let’s check out OEM and do a demo.GRANTREVOKE
![Page 9: Advanced Databases DBA: Security 1. Advanced Databases Agenda Understand the need for security. Learn about System Permissions and Object permissions](https://reader036.vdocuments.us/reader036/viewer/2022082518/5697c01e1a28abf838cd0ca9/html5/thumbnails/9.jpg)
Advanced Databases
Guide to Oracle 10g
9
Roles
• Special database object • Represents collection of system
privileges • Can be assigned to multiple users• Create role– Can inherit privileges from other roles
• Simpler than assigning system privileges to each user.
![Page 10: Advanced Databases DBA: Security 1. Advanced Databases Agenda Understand the need for security. Learn about System Permissions and Object permissions](https://reader036.vdocuments.us/reader036/viewer/2022082518/5697c01e1a28abf838cd0ca9/html5/thumbnails/10.jpg)
Advanced Databases 10
Role Examples
Let’s checkout OEM and do a demo.CREATE ROLE
GRANT
![Page 11: Advanced Databases DBA: Security 1. Advanced Databases Agenda Understand the need for security. Learn about System Permissions and Object permissions](https://reader036.vdocuments.us/reader036/viewer/2022082518/5697c01e1a28abf838cd0ca9/html5/thumbnails/11.jpg)
Advanced Databases 11
Group Activity Data / DB AdminWith Fudgemart
Data Administrator’s Hat• Construct a Data
Administrator’s Matrix of Role, Object(s) and Permissions(s) for Customers on the Fudgemart website.
Database Administrator’s Hat• Carry out the security
role set by the data administrator.
• Write CREATE / GRANT statements to make a role for the WEB user to be included in.
Recall Fudgemart Has: Customers, Employees, Products, Orders, Departments, Vendors, and Timesheets.
![Page 12: Advanced Databases DBA: Security 1. Advanced Databases Agenda Understand the need for security. Learn about System Permissions and Object permissions](https://reader036.vdocuments.us/reader036/viewer/2022082518/5697c01e1a28abf838cd0ca9/html5/thumbnails/12.jpg)
Advanced Databases 12
Questions