Directory
+ 1. Overview of database Security control policies
+ 2. User Management
+ 3. Resource Restriction and password management
+ 4. Rights Management
+ 5. Role Management
+ 6. Audit
1. Overview of database Security control policies
Security is an important metric for evaluating a database, and the Oracle database takes a security control policy from 3 levels:
- System security. At the system level, control the access and usage mechanism of the database, including the valid user name and password, whether the database can be connected, what system operations the user can perform, etc.
- Data security. Control the access and use mechanisms of the database at the database schema object level. To operate a schema object, the user must have permission to operate;
- Network security. Oracle guarantees network transport security for the database by distributing wallet, digital certificates, SSL Secure sockets, and data keys.
The security of a database can be managed in a few ways:
- User account Management
- User identity authentication Mode management. Oracle provides multiple levels of database user authentication, including system, database, and network 3 types of identity authentication methods
- Permissions and role management. Restrict user access and operations to a database by managing permissions and Roles
- Data encryption management. Secure network transmission with data encryption
- Table space settings and quotas. By setting the user's storage table space, temporary tablespace, and quotas that users use on the tablespace, you can effectively control the user's use of the database storage space
- User resource limits. Profile settings allow you to limit the user's use of database resources
- Database audits. Monitor and record activities in the database, including auditing all SQL statements, auditing SQL permissions, auditing mode objects, and auditing network activities.
The following is a one by one discussion of database security management methods.
2. User Management
The user is the consumer and manager of the database, and Oracle controls user access to the database by setting user and security attributes. Oracle's users are divided into two categories: a system-predefined user when the database is created, and a user created by the DBA for the tool application.
2.1 Pre-defined users
Users created at Oracle creation, which we call pre-defined users, are divided into 3 categories depending on the role:
[Oracle] Oracle Database Security Management