1 / 30

To Presentation on SECURITY By Office of the A.G. (A&E) Punjab, Chandigarh

Welcome. To Presentation on SECURITY By Office of the A.G. (A&E) Punjab, Chandigarh. Security features in Oracle and its implementation in existing application. Security features in ORACLE. Different levels of security in Oracle Account security for validation of users

linh
Download Presentation

To Presentation on SECURITY By Office of the A.G. (A&E) Punjab, Chandigarh

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Welcome ToPresentationonSECURITY By Office of the A.G. (A&E) Punjab, Chandigarh

  2. Security features in Oracleand its implementation in existing application

  3. Security features in ORACLE

  4. Different levels of security in Oracle • Account security for validation of users • Access security for database objects • System-level security for managing global privileges.

  5. Users & Security Security Domain Default Tablespace & Temporary Table Space Tablespace Quota Resource Limit Direct Privileges Role Privileges Account Locking

  6. Creating New Users • Authentication with user name • Decide quotas for each Tablespece • Default Tablespace and Temporary Tablespace • Grant privileges and roles to the user • Use Profile to place limits on database resources available to users • Use a standard password initially • Use the Expire keyword to force user to reset their password • Restrict quotas to few users – use Quota Unlimited with caution • Educate users

  7. Tools for DBA to monitor users • DBA_TS_QUOTAS • USERNAME • TABLESPACE_NAME • BYTES • MAX_BYTES • BLOCKS • MAX_BLOCKS • DBA_USERS • USERNAME • USER_ID • CREATED • ACCOUNT_STATUS • LOCK_DATE • EXPIRY_DATE • DEFAULT_TABLESPACE • TEMPORARY_TABLESPACE

  8. Privileges for Oracle Users Two types of privileges: System: Enable users to perform particular action in the database Object: Enable users to access and manipulate a specific object

  9. System Privileges There are about 126 System Privileges ANY keyword in the privileges signifies that users have the privilege in every schema. CREATE ANY TABLE DROP ANY TABLE UPDATE ANY TABLE CREATE ANY INDEX Contd….

  10. System Privileges GRANT command adds a privilege to user or a group of users grant CREATE SESSION, CREATE TABLE to SCOTT; grant CREATE SESSION to JANE WITH ADMIN option; Contd….

  11. System Privileges REVOKE command deletes the privileges from users/group of users revoke CREATE TABLE from SCOTT; revoke CREATE SESSION from JANE;

  12. Tools to monitor System Privileges Database DBA_SYS_PRIVS - GRANTEE - PRIVILEGE - ADMIN OPTION Session SESSION_PRIVS - PRIVILEGE

  13. Object Privileges Object Privileges can be granted/revoked on different objects like Tables, View, Sequence, Procedure etc. and are : ALTER INSERT DELETE SELECT EXECUTE REFERENCES INDEX UPDATE Contd…

  14. Object Privileges GRANT command adds a privilege to user or a group of users grant EXECUTE on EMPLOYEE to SCOTT; grant UPDATE (first_name, salary) on EMPLOYEE to SCOTT with grant option; Contd….

  15. Object Privileges REVOKE command deletes the privileges from users/group of users revoke delete on EMPLOYEE from SCOTT; revoke all on EMPLOYEE from JANE;

  16. Tools to monitor Object Privileges DBA_TAB_PRIVS GRANTEE OWNER TABLE_NAME GRANTOR PRIVILEGE GRANTABLE DBA_COL_PRIVS GRANTEE OWNER TABLE_NAME COLOUMN_NAME GRANTOR PRIVILEGE GRANTABLE

  17. AGVLC THE EXISTING APPLICATION

  18. Features of Security Module of VLC Package developed by NIIT Security module has 10 different options which are as follows: Set AGVLC Password Map User/Section Change AGVLC Role password Map Module/Function Application User Map Role/Module Role Status Map Role/User AG dealing Section Map Function

  19. Set AGVLC Password

  20. Change AGVLC Role password

  21. Application user

  22. Role Status

  23. AG Dealing Section

  24. Map User/Section

  25. Map Module/Function

  26. Map Role/Module

  27. Map Role/User

  28. Map Function

  29. VLC APPLICATION ADDITIONAL SECURITY User Profiles SESSION_PER_USER IDLE_TIME FAILED_LOGIN_ATTEMPTS PASSWORD_LIFE_TIME PASSWORD_LOCK_TIME PASSWORD_GRACE_TIME

  30. Thanks

More Related