security

Dr. Ouyang, CS 543, Fall 2000

The protection of the database against intentional or

unintentional threats using computer-based or non-

computer-based controls.

Database Security


The granting of a right or privilege, which enables a subject to

have legitimate access to a system or a system’s object.

The term “object” represents a database table, view,

application, procedure, or any other object that can be created

within the system.

Closed systems vs. open system.

Ownership of objects gives the owner all appropriate privileges

on the objects owned.

The DBMS needs to keep track of all privileges granted to users,

and by whom, in order to maintain the correct set of privileges.

Authentication refers to a mechanism that determines whether a

user is who he or she claims to be.

Authorization


Database administrator (DBA) –manages the system and its

users by performing administrative duties.

Security officer –enrolls users, controls and monitors user access

to the database, and maintains system security.

Application developer – designs and implements database

applications.

Application administrator – responsible for the administration

needs of a particular application.

Database users – interact with the database via applications or

utilities.

Network administrators – responsible for administering Oracle

networking products, such as Net8.

Type of Oracle Users


A predefined role, named "DBA", is automatically created with

every Oracle database. This role contains all database system

privileges. Therefore, it is very powerful and should be granted

only to fully functional database administrators.

Two user accounts are automatically created with the database

and granted the DBA role: SYS – CHANGE_ON_INSTALL

and SYSTEM – MANAGER.

The database administrator usernames need a more secure

authentication scheme.

Network administrators – responsible for administering Oracle

networking products, such as Net8.

Database Administrator


Database Administrator Authentication Methods


Tablespaces – logical storage units that group related logical

structures together.

Schema objects – the logical structures that directly refer to the

database's data such as tables, views, sequences, stored

procedures, synonyms, indexes, clusters, and database links.

Data block –a specific number of bytes of physical database

space on disk. Its size is specified for each Oracle database when

the database is created.

Extent –a specific number of contiguous data blocks, obtained

in a single allocation, used to store a specific type of

information.

Segment –a set of extents allocated for a certain logical

structure.

Logical Database Structure


Databases, Tablespaces, and Datafiles


Datafiles and Tablespaces


The Relationships Among Segments, Extents, and Data Blocks


Data files – Every Oracle database has one or more physical

datafiles. One or more datafiles form a logical unit of database

storage called a tablespace.

Redo log files – Every Oracle database has a set of two or more

redo log files. The set of redo log files for a database is

collectively known as the database's redo log.

Control files – Every Oracle database has a control file. A

control file contains entries that specify the physical structure of

the database such as database name, names and locations of the

data files and redo log files, time stamp of database creation,

etc.

Physical Database Structure


Database user and schema – each user has a security domain

that determines the privileges and roles, the tablespace quota,

and the system resource limits for the user.

Privilege – a right to execute a particular type of SQL

statement.

Roles – named groups of related privileges that are granted to

users or other roles.

Storage settings and quotas – Oracle provides means for

directing and limiting the use of disk space allocated to the

database on a per user basis.

Resource limits – Each user is assigned a profile that specifies

limitations on several system resources available to the user

Auditing – aid in the investigation of suspicious database use.

Oracle Security Mechanism


Oracle Security Features


A view is the dynamic result of one or more relational

operations operating on the base relations to produce

another relation.

Views hide irrelevant attributes and/or rows from

those users who don’t need to know them.

A user can be granted privilege to use a view that is

generated from several base tables but not privilege to

use the base tables.

Views (Subschemas)


The process of periodically taking a copy of the database and log

file (and possibly programs) onto offline storage media.

A DBMS should provide logging facilities referred to as

journaling, which keep track of the current state of transactions

and database changes, to provide support for recovery

procedures.

A DBMS should provide a checkpoint facility, which enables

updates to the database which are in progress to be made

permanent. When a checkpoint is taken, the DBMS ensures that

all the data in main memory is written out to disk and a special

checkpoint record is written to the journal.

Backup


A backup is a copy of data. You can make physical backups using either the Oracle8i

Recovery Manager utility

(http://technet.oracle.com/doc/oracle8i_816/server.816/a76990/toc.htm) or operating

system utilities

(http://technet.oracle.com/doc/oracle8i_816/server.816/a76993/osbackup.htm#7605).

A physical backup is a copy of a datafile, tablespace, or database made at a specific

time.

Backup in Oracle


Whole Database Backup Options


Online Redo Log File Use in ARCHIVELOG Mode


You can only restore the database to the point of the most recent

full database backup.

You can only perform an operating system backup of the

database when it is shut down cleanly.

You can only restore a whole database backup and then open the

database when the backup was taken while the database was

closed cleanly.

You cannot perform online tablespace backups.

You cannot take use the online tablespace backup previously

taken while the database operates in the ARCHIVELOG mode.

NONARCHIVELOG Mode


Tablespace Backups in NOARCHIVELOG Mode


To restore a physical backup is to reconstruct it and make it

available to the Oracle database server.

To recover a restored datafile is to update it using redo records,

that is, records of changes made to the database after the backup

was taken.

Oracle performs crash recovery and instance recovery

automatically after an instance failure. Instance recovery is an

automatic procedure that involves two distinct operations: rolling

forward the backup to a more current time by applying online

redo records and rolling back all changes made in uncommitted

transactions to their original state.

Media recovery requires you to issue recovery commands.

Recovery in Oracle


Restoring and Recovering a Database


Static Data Dictionary Views - change only when a change is

made to the data dictionary, for example, when a new table is

created or a user is granted new privileges. (http://technet.oracle.com/doc/oracle8i_816/server.816/a76961/ch2.htm)

Oracle contains a set of underlying views that are maintained by

the server and accessible to the database administrator user SYS.

These views are called dynamic performance views because they

are continuously updated while a database is open and in use, and

their contents relate primarily to performance. (http://technet.oracle.com/doc/oracle8i_816/server.816/a76961/ch3.htm)

Information for DBA

security

Documents

oracle database

database users

database security

database applications

database changes

database table

database links

database administratordba