Introduction to Db Security

Database security entails allowing or disallowing user actions on the database and the objects within it. Oracle uses schemas and security domains to control access to data and to restrict the use of various database resources.

Oracle provides comprehensive discretionary access control. Discretionary access control regulates all user access to named objects through privileges. A privilege is permission to access a named object in a prescribed manner; for example, permission to query a table. Privileges are granted to users at the discretion of other users.

• Secrecy: Users should not be able to see things they are not supposed to.

• E.g., A student can’t see other students’ grades.

• Integrity: Users should not be able to modify things they are not supposed to.

• E.g., Only instructors can assign grades.

• Availability: Users should be able to see and modify things they are allowed to.

Database Users and Schemas

Each Oracle database has a list of user names. To access a database, a user must use a database application and attempt a connection with a valid user name of the database. Each user name has an associated password to prevent unauthorized use.

Security Domain

Each user has a security domainвЂ"a set of properties that determine such things as:

• The actions (privileges and roles) available to the user

• The tablespace quotas (available disk space) for the user

• The system resource limits (for example, CPU processing time) for the user

Each property that contributes to a user's security domain is discussed in the following sections.

Privileges

A privilege is a right to run a particular type of SQL statement. Some examples of privileges include the right to:

• Connect to the database (create a session)

• Create a table in your schema

• Select rows from someone else's table

• Run someone else's stored procedure

Roles

Oracle provides for easy and controlled privilege management through roles. Roles are named groups of related privileges that you grant to users or other roles.

Storage Settings and Quotas

You can direct and limit the use of disk space allocated to the database for each user, including default and temporary tablespaces and tablespace quotas.

Auditing Policy

Security administrators should define a policy for the auditing procedures of each database. You may decide to have database auditing disabled unless questionable activities are suspected. When auditing is required, decide what level of detail to audit the database; usually, general system auditing is followed by more specific types of auditing after the origins of suspicious activity are determined. Auditing is discussed in the following section.

Overview of Database Auditing

Auditing is the monitoring and recording of selected user database actions. It can be based on individual actions, such as the type of SQL statement run, or on combinations of factors that can include name, application, time, and so on. Security policies can cause auditing when specified elements in an Oracle database are accessed or altered, including content.

Auditing is generally used to:

• Enable future accountability for current actions taken in a particular schema, table, or row, or affecting specific content

• Investigate suspicious activity. For example, if an unauthorized user is deleting data from tables, then the security administrator could audit all connections to the database and all successful and unsuccessful deletions of rows from all tables in the database.

• Monitor and gather data about specific database activities. For example, the database administrator can gather statistics about which tables are being updated, how many logical I/Os are performed, or how many concurrent users connect at peak times.

You can use Enterprise Manager to view and configure audit-related initialization parameters and administer audited objects for statement auditing and schema object auditing. For example, Enterprise Manager shows the properties for current audited statements, privileges, and objects. You can view the properties of each object, and you can search audited objects by their properties. You can also turn on and turn off auditing on objects, statements, and privileges.

Types and Records of Auditing

Oracle allows audit options to be focused or broad. You can audit:

• Successful statement executions, unsuccessful statement executions, or both

• Statement executions once in each user session or once every time the statement is run

• Activities of all users or of a specific user

Oracle auditing enables the use of several different mechanisms, with the following features

Access Controls

• A security policy specifies who is authorized to do what.

• A security mechanism allows us to enforce a chosen security policy.

• Two main mechanisms at the DBMS level:

• Discretionary access control

• Mandatory access control

Discretionary Access Control

• Based on the concept of access rights or privileges for objects (tables and views), and mechanisms for giving users privileges (and revoking privileges).

•