Introduction to access control in Oracle

Oracle uses a variety of different mechanisms to manage database security, including two mechanisms: mode and user. The mode is a set of mode objects, such as tables, views, processes, and packages. The first database has a set of modes.

Each Oracle database has a combination of users who can access a database, run a database application, and use the user to connect to a database that defines the user. When you create a database user, create a mode for the user. The mode name is the same as the user name. Once a user connects to a database, the user can access all objects in the corresponding mode. A user is only associated with the mode with the same name, so the user and the mode are similar.

The user's access right is controlled by the user's security domain settings. When a new user creates a database or changes an existing user, the security administrator makes the following decisions on the user's security domain:

Whether the user authorization information is maintained by the database system or the operating system.

Set the user's default tablespace and temporary tablespace.

Lists user-selectable tablespaces and available space shares in tablespaces.

Sets the environment file for user resource restrictions, which specifies the total amount of system resources available to users.

Specifies the user's privileges and roles to access the corresponding objects.

Each user has a security domain, which is a set of features and can decide the following:

Available privileges and roles of users;

The user's available table space shares;

User system resource restrictions.

(1) user identification:

To prevent unauthorized database users from using them, ORACLE provides two methods for confirmation.

Confirm the operating system and the corresponding ORACLE database.

If the operating system permits, ORACLE can use the information maintained by the operating system to authenticate users. The advantages of operating system user identification are:

You can connect to ORACLE more easily without specifying the user name and password.

User authorization is controlled in the operating system. ORACLE does not need to store or manage user passwords. However, the user name must be maintained in the database.

Username and operating system in the database

1 2 Next Page