Oracle Database Security Policy Analysis (III)
Oracle Database Security Policy Analysis (III)
The ORACLE tutorial is: Oracle Database Security Policy Analysis (3 ).
Data security policy:
Data Generation considerations should be based on the importance of data. If data is not important, the data security policy can be relaxed. However, if data is very important, you should have a careful security policy to use it to maintain effective control over access to data objects.
User Security Policy:
(1) security of general users
A password security
If the user confirms the identity of the user through the database, we recommend that you use password encryption to connect to the database.
The method for setting this method is as follows:
In the oracle. ini file of the client, set
The number of ora_encrypt_login is true;
In the initORACLE_SID.ora file on the server side, set
The dbling_encypt_login parameter is true.
B permission management
For databases with many users and rich applications and data objects, the "role" mechanism should be used to effectively manage permissions. For complex system environments, roles can greatly simplify permission management.
(2) Terminal User Security
You must develop security policies for end users. For example, for a large-scale database with many users, the security manager can determine the user group category, create user roles for these user groups, and grant the required permissions and application roles to each user role, and assign corresponding user roles to users. When handling special application requirements, security managers must also explicitly grant specific permission requirements to users. You can use the role to manage the permissions of end users.