book

Oracle Security

by William Heney, Marlene Theriault

October 1998

Intermediate to advanced

456 pages

12h 42m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Oracle Security
Dedication
Preface
What This Book IsPart IPart IIPart III
What This Book Is Not
Audience for This Book
Conventions Used in This Book
Platforms and Versions of Oracle
Comments and Questions
Acknowledgments
From Both of UsFrom Marlene TheriaultFrom William Heney
I. Security in an oracle System

1. Oracle and Security
What’s It All About?Potential ThreatsWhat’s the Harm?
The Oracle Security Model
Layers of SecurityThe Physical EntitiesThe Oracle system filesThe detached processes and the SGAThe Logical EntitiesThe Oracle Data DictionaryOracle from the OutsideOracle from the InsideConnecting to the DatabaseBackup and RecoveryMore Complex ApproachesWeb Sites
Procedures, Policies, and Plans
Security Policies and Security PlanAuditing Plan and ProceduresA Problem with Auditing—and a SolutionBackup and Recovery Plan and Procedures
If I Had a Hammer...
What’s “Free”?What Isn’t Free?
2. Oracle System Files
What’s in the Files?
The Instance and the Database: Starting an Oracle Database
Types of Database Files
Tablespace and Tablespace DatafilesTablespace namesCreating a tablespaceCreating a table within a tablespaceCreating an index for a table in a tablespaceFile placement and namingTablespace securityRedo Log FilesLog switchesHow redo log files are createdUsing redo log groupsMAXDATAFILES parameterControl FileModifying control filesA sample control fileHow Oracle uses control filesInitialization FileOracle’s sample initialization fileEvolution of an initialization fileConfiguration FileContents of the configuration file
3. Oracle Database Objects
The User Interface: User Versus SchemaThe Schema ConceptAbout Quotas
Objects
Tables
Table ParametersWhat Happens When a Table Is CreatedAs the Table GrowsTable Ownership
Table Triggers
About Creating a TriggerHow the Trigger WorksNaming TriggersWhat Cannot Be Trapped by a Trigger
Views
Using ViewsUsing Views for SecurityA Caution About Using ViewsUpdating Views
Stored Programs
Executing a Procedure or FunctionWhy Use Packages?Using the PL/SQL WrapperProcedure Ownership and PrivilegesPrivileges, Procedures, and Roles
Synonyms
How Synonyms Are UsedWhy Synonyms Are Used
Privileges
About System and Object PrivilegesSystem privilegesObject privileges
Roles
Determining Privileges Granted to a UserDetermining Privileges Granted to a RoleEstablishing Classes of UsersOracle-Supplied Roles
Profiles
4. The Oracle Data Dictionary
Creating and Maintaining the Data Dictionary
The Data Dictionary Views
The DICTIONARY ViewAbout Row-Level SecurityExamining the code for the first queryExamining the code for the second and third queriesAbout CATALOG.SQLApplying the Concepts
About SQL.BSQ
SQL.BSQ and CATALOG.SQL LocationsHow SQL.BSQ Is UsedUser and Role NamesSQL.BSQ and Database CreationInside SQL.BSQ
Views Used for Security
Tables Used to Build the ViewsViews and AuditingA Closer Look at the Views for Security
The Composition of the Views
The DBA_PROFILES ViewThe DBA_ROLE_PRIVS ViewThe DBA_ROLES ViewThe DBA_SYS_PRIVS ViewThe DBA_TAB_PRIVS ViewThe object grantsAbout the outputThe DBA_USERS ViewThe ROLE_ROLE_PRIVS ViewThe ROLE_SYS_PRIVS ViewThe ROLE_TAB_PRIVS View
5. Oracle Default Roles and User Accounts
About the Defaults
The CONNECT Role
System Privileges for the CONNECT RoleProblems with the CONNECT RoleThe situation begins to compoundGetting further into troubleThe plot thickensName of the role
The RESOURCE Role
System Privileges for the RESOURCE RoleProblems with the RESOURCE RoleThe Oracle-supplied roles can be moving targetsUNLIMITED TABLESPACE accessAbout the CREATE TRIGGER privilege
The DBA Role
System Privileges for the DBA RoleWho Gets the DBA Role?
The SYSDBA and SYSOPER Roles
Remote Database AdministrationSystem Privileges for the SYSDBA and SYSOPER RolesAbout OSOPER and SYSOPERAbout OSDBA and SYSDBAAbout CONNECT INTERNAL
Using the Default Roles
Creating Roles with Meaningful NamesAdvantages of Customized Roles
Default User Accounts
Default Users and Their RolesScott and his tigerDemo, dbsnmp, and po8Example queriesWhen to allow default usersChecking on users and accessGrants to “public”
Segmenting Authority in the Database
6. Profiles, Passwords, and Synonyms
ProfilesProduct ProfilesPRODUCT_PROFILE and USER_PROFILE tablesDisabling SQL privilegesUsing PRODUCT_PROFILE to enforce securitySystem Resource ProfilesThe DEFAULT profileImposing limits on a user
Passwords
Password Composition and ComplexityBasic rulesWriting your own functionPassword Aging and ExpirationThe Password Life CycleAccount LockingPassword Enhancements in the Data Dictionary ViewsPasswords and Data EncryptionPassword Scripts and CommandsSwapping passwordsThe Oracle8 PASSWORD command
Synonyms
About Public and Private SynonymsExamples Using Public and Private SynonymsHiding the tables and ownerUsing private synonyms and path namesUsing public synonyms without user grantsUsing no synonyms/user grants and private synonyms with no grants
II. Implementing Security
7. Developing a Database Security Plan
About the Security Policy and Security PlanManagement ConsiderationsWho’s on the team?Establishing overall requirementsOperating System Security MechanismsIdentifying Key Components
Types of Accounts
Administrator AccountsSecurity ManagerApplication ManagerNetwork ManagerApplication Schema (User) AccountsGeneral User Accounts
Standards for Accounts
Possible Account RequestsContents of the FormWays to Create an Account
Standards for Usernames
Advantages and DisadvantagesSuggested Username Standards
Standards for Passwords
Password DecisionsChanging Passwords
Standards for Roles
Oracle-Supplied RolesGranting Access to the Database
Standards for Views
Standards for the Oracle Security Server
Standards for Employees
Employee ProceduresPre-employment trackingNew hiresChanging positionsThe disgruntled employeeWhen an Employee LeavesTermination typesWhen an employee gives noticeThe curious employeeUser Tracking
Sample Security Plan Index
Sample Security Plan Checklist
8. Installing and Starting Oracle
Segmenting Application ProcessingDirect Connection to a Database ServerClient/Server (Two-Tier) ArchitectureThin Client (Three-Tier) Architecture
Installing Oracle Securely
Security and the Operating SystemOracle and Operating System AuthenticationThe OSDBA and OSOPER rolesFrom the operating systemOSOPEROSDBAOperating System AccountsUsing CONNECT INTERNAL and CONNECT /
Connecting to the Database Without a Password
OPS$ AccountsIdentified externally accountsOS_AUTHENT_PREFIX and OPS$OPS$ in version 7Another approachTwo problems with REMOTE_OS_AUTHENTThe ORAPWD UtilitySteps to setting up the password file
Installing and Configuring SQL*Net
Required FilesInstallation is easyAbout the Names ServerThe listener and passwords
Setting Up Initialization Parameters for Security
Viewing the Parameters
9. Developing a Simple Security Application
The Application OverviewAbout Enterprise TablesEnterprise Tables Used by the Credit Card System
Preparing the Role-Object Matrix
Review the Security PlanRole-Object Access MatrixNaming Conventions
Views
View SyntaxCreating the ViewsThe APPROVERS_V viewThe CARD_HOLDER_V view
Roles
Grants
Grant the Roles to the UsersLimitation of Grants and Roles
Application Control of Access
Startup ControlApplication Row Access ControlUsing Password-Protected RolesCreate the APP_ROLES tableCreate the security userCreate the PL/SQL program that sets rolesImplementation logicExecution
10. Developing an Audit Plan
Why Audit?Auditing to Confirm SuspicionsAuditing to Analyze Performance
Where to Audit
About the SYS.AUD$ TableA ProblemDefault Auditing Privileges
How Auditing Works
The Auditing ViewsThe DBA as a ClairvoyantAvailable Audit ActionsAuditing OptionsFrom the DICTIONARY ViewViews Related to SYS.AUD$What’s stored in SYS.AUD$?Creating a summary tableEliminating the Audit Views
Auditing and Performance
Default Auditing
Auditing During Database StartupAuditing During Database ShutdownAuditing During Database Connection with PrivilegesAuditing During Database Structure Modification
Types of Auditing
Statement-Level AuditingEnabling and viewing statement-level auditingConnect and disconnect auditingPrivilege AuditingEnabling audit by privilegesObject-Level AuditingEnabling audit by objectCapturing “before” dataCapturing “after” dataAuditing Shortcuts
Purging Audit Information
Removing All the Data from SYS.AUD$Removing Selected Data from SYS.AUD$
11. Developing a Sample Audit Application
About the Audit Trail ApplicationA Few LimitationsTracking InsertsThe First Sequence Creation Script (SEQ-RID)The First Trigger Creation Script (Before-Insert)Tracking Updates and DeletionsThe Three Table Creation ScriptsThe AUDIT_ROW tableThe AUDIT_COLUMN tableThe AUDIT_DELETE tableThe Second Sequence Creation Script (SEQ_AUDIT)The Second Trigger Creation Script (After-Update)The Third Trigger Creation Script (After-Delete)The Package and Procedure Creation Scripts
About Performance and Storage
Storage SuggestionsPerformance Suggestions
Using the Audit Data in Reports
The Audit Trail Data DisplayThe AUDIT_ROW Table Report
SQL Scripts to Generate Scripts
Generating a Before-Insert Trigger ScriptGenerating an After-Update Trigger ScriptGenerating an After-Delete Trigger Script
12. Backing Up and Recovering the Database
What Are the Backup Options?About Archivelog ModeCold Database BackupsHot Database BackupsLogical Database Backups (Exports)Enterprise Backup Utility
What’s New for Oracle8?
The Oracle8 Recovery ManagerThe Recovery CatalogBackups Supported by Recovery ManagerTypes of datafile backupsUsing backup levels
What Are the Recovery Options?
Online RecoveryOffline Recovery
13. Using the Oracle Enterprise Manager
What Is the OEM?The OEM ComponentsThe DBA ToolkitSpecifying the Database RepositoryA Potential Security ProblemRunning the Oracle Enterprise Manager
The DBA Toolkit and Security
The Oracle Backup ManagerThe Oracle Data ManagerThe Oracle Instance ManagerThe Oracle Replication ManagerThe Oracle Schema ManagerThe Oracle Security MangerThe Oracle SQL WorksheetThe Oracle Storage ManagerThe Oracle Software Manager
OEM and the Job Scheduler
Back Up Tablespaces, Export, Import, and Load DataRun SQL Scripts and SQL*PlusStart Up and Shut Down Your DatabaseBroadcast MessagesRun OS Commands and Tcl CommandsDeinstall, Delete, Distribute, and Install Products
OEM and the Event Management System
Fault Management eventsSpace Management eventsResource Management eventsPerformance Management events
14. Maintaining User Accounts
Application Design Requirements
Running the Application
Initial DisplaySelecting or Creating a UserAssigning RolesCreating a New RoleAdding System Privileges to RolesReserving the Security of the Security Maintenance FormHow Does the Code Work?About the mg_usr packageAbout the mg_usr package bodyCreate user button code
Documenting the User State
A Sample Script
III. Enhanced Oracle Security
15. Using the Oracle Security Server
About CryptographyA Simple CodeAlgorithms, Plaintext, and Ciphertext
Ways to Authenticate Users
Private KeysThe problem with private keysPublic KeysPrivate keys, public keys, and authenticationAdvantages of a public key systemDigital SignaturesCertificates of AuthorityCertificate formatPeriod of validity and revocationDistinguished names
What’s in the OSS?
The OSS ArchitectureThe OSS RepositoryThe OSS ManagerThe OSS Authentication AdapterProtocols and AlgorithmsGlobal users and global roles with OSSCreating a global user and global role
Configuring and Using the OSS
Creating and Deleting the OSS RepositoryA Known ProblemSecuring the OSS RepositoryCreating the OSS certificate authorityCreating the repository identityCreating other identitiesDefining a serverDefining a Server AuthorizationDefining an Enterprise AuthorizationCreating/downloading a walletMore about ossloginRevoking and restoring credentialsRemoving an identityRemoving the Oracle Security Server Repository
16. Using the Internet and the Web
Web BasicsAbout NetworkingLANs and WANsMoving data around a networkInternet and intranet terminologyThe Java language and security
Evaluating Web Assets and Risks
Viruses = disaster!It was here just a minute ago...Loss of competitive edgeWhere did the time go?Breach of privacy
Protecting a Web Site
CookiesCapturing an IP addressA dual approachFirewallsFirewalls to protect privacySQL*Net and firewallsOracle Security ServerControlling Access from the Operating SystemUsing a password fileAccess by IP address or hostAccess by group
Getting Users Involved
Educating UsersEnforcing PoliciesCommunicating with Other Sites
17. Using Extra-Cost Options
Trusted OracleHow Trusted Oracle WorksAccessing a Trusted Oracle DatabaseCertifications
Advanced Networking Option
About Sniffers and SnoopersHow ANO Works
Oracle Application Server
Constant-State Versus Stateless ConnectionsRunning a form using the OASRunning a dynamic HTML applicationHow the OAS WorksOAS Security
A. References
Oracle BooksOf General Oracle InterestDatabase AdministrationSystem and Database TuningTools and LanguagesData WarehousingOracle and the Web
Security Books
General Computer Security and RisksComputer VirusesNetwork Administration and SecurityUNIX Administration and SecurityWindows NT Administration and SecurityWeb and Java Security
Oracle Electronic References
Oracle Web SitesOracle CorporationOraWorldOracle User GroupsInternational Oracle User Group - AmericasEuropean Oracle User GroupFar East Oracle User GroupsOracle Usenet Groups
Security Electronic References
Security Web SitesCOASTFIRSTCERT-CCWorld Wide Web ConsortiumWeb securityWindows NT securitySecurity Usenet Groups
Index
Colophon

Content preview from Oracle Security

The RESOURCE Role

The RESOURCE role grants a user the privileges necessary to create procedures, triggers and, in Oracle8, types within the user’s own schema area. Granting a user RESOURCE without CONNECT, while possible, does not allow the user to log in to the database. Therefore, if you really must grant a user RESOURCE, you have to grant CONNECT also — or, at least, CREATE SESSION — so the user can log in.

System Privileges for the RESOURCE Role

The system privileges for the RESOURCE role are shown in Table 5.2.

Table 5-2. RESOURCE Role System Privileges

Privilege
CREATE CLUSTER
CREATE PROCEDURE
CREATE SEQUENCE
CREATE TABLE
CREATE TRIGGER
CREATE TYPE (new in Oracle8)

Problems with the RESOURCE Role

There are several potential problems with the use of the RESOURCE role.

The Oracle-supplied roles can be moving targets

As we mentioned earlier in the section “About the Defaults,” the system privileges of an Oracle-supplied role may change with a new version or upgrade release. For example, the privileges listed in Table 5.2 are from an Oracle8 RESOURCE role. Note that in an Oracle7 database, the CREATE TYPE privilege does not exist. There is another problem that has as much or more impact on your database security, which we examine next.

UNLIMITED TABLESPACE access

Another issue with the RESOURCE role is that the UNLIMITED TABLESPACE system privilege is explicitly granted. This privilege gives the user unlimited quotas on any tablespace in the database. Even if an explicit quota ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 1565924509Catalog Page Errata

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Oracle Security

by William Heney, Marlene Theriault

The RESOURCE Role

System Privileges for the RESOURCE Role

Problems with the RESOURCE Role