DB Security Overview 2 Power Point

Download Report

Transcript DB Security Overview 2 Power Point

Database Security – Part 2
Details of Pfleeger’s overview in Part 1

The protection of the DB against intentional or
unintentional threats using computer-based or noncomputer-based controls.
Authorization

The granting of a right or privilege, which enables a subject to
have legitimate access to a system or a system’s object.

Many “object types”: table, view, application procedure, or any
other object that can be created within the system.

Ownership of objects gives the owner all appropriate privileges
on the objects owned.

The DBMS needs to keep track (in the DD) of
all privileges granted to users, and by whom, in order to
maintain the correct set of privileges

Authentication refers to a mechanism that determines whether a
user is who he or she claims to be.
Type of Oracle Users

Security officer –enrolls users, controls and monitors user access
to the database, and maintains system security.

Application developer – designs and implements database
applications.

Application administrator – responsible for the administration
needs of a particular application.

Database users – interact with the database via applications or
utilities.

Network administrators – responsible for administering Oracle
networking products, such as Net8 for: web, internet
Database Administrator

A predefined role, named "DBA", is automatically created with
every Oracle database. This role contains all database system
privileges. Therefore, it is very powerful and should be granted
only to competent + trusted DBAs.

Two user accounts are automatically created with the database
and granted the DBA role: SYS – CHANGE_ON_INSTALL and
SYSTEM – MANAGER.

The database administrator usernames need a more secure
authentication scheme.

Network administrators – responsible for administering Oracle
networking products, such as Net8.
Database Administrator Authentication Methods
Logical Database Structure

Tablespaces – logical storage units that group related logical
structures together.

Schema objects – the logical structures that directly refer to the
database's data such as tables, views, sequences, stored
procedures, synonyms, indexes, clusters, and database links.

Extent –a specific number of contiguous data blocks, obtained in
a single allocation from OS, and used to store a specific type
of information.

Segment –a set of extents allocated for a physical object
Segment data is Oracle-specific binary format, not OS format
Databases, Tablespaces, and Datafiles
Datafiles and Tablespaces
The
Relationships
Among
Segments,
Extents, and
Data Blocks
Physical Database Structure

Data files – Every Oracle database has one or more physical
datafiles. One or more datafiles form a logical unit of database
storage called a tablespace.

Redo log files – Every Oracle database has a set of two or more
redo log files. The set of redo log files for a database is
collectively known as the database's redo log.

Control files – Every Oracle database has a control file. A control
file contains entries that specify the physical structure of the
database such as database name, names and locations of the
data files and redo log files, time stamp of database creation, etc.
Used by Oracle at DB instance creation, to control the layout
of elements in this instance
Oracle Security Mechanism

Database user and schema – each user has a “security domain”
that determines the privileges and roles, the tablespace quota,
and the system resource limits for the user.

Privilege – a right to execute a particular type of SQL statement.

Roles – named groups of related privileges that are granted to:
- users or
- other roles

Storage settings and quotas – Oracle provides means for
directing and limiting the use of disk space allocated to the
database on a per user basis.

Resource limits – Each user is assigned a profile that specifies
limitations on several system resources available to the user
Oracle Security Features
Views (Subschemas)

A view SELECT query result =
the dynamic result of one or more relational
operations operating on the base relations to
produce another relation

Views hide irrelevant attributes and/or rows from
those users who don’t need to know them.

A user can be granted privilege to use a view that is
generated from several base tables but not privilege to
access the base tables.
Backup

The process of periodically taking a copy of the database and log
file (and possibly programs) onto offline storage media.

A DBMS should provide logging facilities referred to as
journaling, which keep track of the current state of transactions
and database changes, to provide support for recovery
procedures.

A DBMS should provide a checkpoint facility, which enables
updates to the database which are in progress to be made
permanent. When a checkpoint is taken, the DBMS ensures that
all the data in main memory is written out to disk and a special
checkpoint record is written to the journal.
Backup in Oracle
 A backup is a copy of data. You can make physical backups using either the
Oracle8i Recovery Manager utility
(http://technet.oracle.com/doc/oracle8i_816/server.816/a76990/toc.htm) or
operating system utilities
(http://technet.oracle.com/doc/oracle8i_816/server.816/a76993/osbackup.htm
#7605).
 A physical backup is a copy of a data file, tablespace, or database made at a
specific time.
Online Redo Log File
Use in ARCHIVELOG
Mode
NONARCHIVELOG Mode
Some operational Rules/Restrictions for this DB mode

You can only restore the database to the point of the most recent
full database backup.

You can only perform an operating system backup of the
database when it is shut down cleanly.

You can only restore a whole database backup and then open the
database when the backup was taken while the database was
closed cleanly.

You cannot perform online tablespace backups.
Tablespace Backups in NOARCHIVELOG Mode
Recovery in Oracle

To restore a physical backup is to reconstruct it and make it
available to the Oracle database server.

To recover a restored datafile is to update it using redo records,
that is, records of changes made to the database after the backup
was taken.

Oracle performs crash recovery and instance recovery
automatically after an instance failure. Instance recovery is an
automatic procedure that involves two distinct operations: rolling
forward the backup to a more current time by applying online
redo records and rolling back all changes made in uncommitted
transactions to their original state.

Media recovery requires you to issue recovery commands.
Restoring and Recovering a Database
Information for DBA

Static Data Dictionary Views - Change only when a change is made to
the DD, for example, when a new table is created or a user is granted
new privileges.
(http://technet.oracle.com/doc/oracle8i_816/server.816/a76961/ch2.htm)

Oracle contains a set of underlying views that are maintained by the
server and accessible to the database administrator user SYS. These
views are called dynamic performance views because they are
continuously updated while a database is open and in use, and their
contents relate primarily to performance.
(http://technet.oracle.com/doc/oracle8i_816/server.816/a76961/ch3.htm)