Oracle Database Management

I. Oracle's (Resource limit) profile

to control the use of system resources , resources can be used to limit profiles. Resource restriction profiles are an important part of Oracle's security policy, and resource restriction profiles allow you to base resource restrictions on database users and manage passwords for users.
1. Use resource limit profiles to limit the use of the following resources

• CPU time per session or per statement (in 1%-second meter)
• Concurrent database sessions per user
• Maximum link events and idle time per session (in minutes)
• The maximum server memory that can be used by a multithreaded server session.

2. Use resource limit profiles to set up each user account that specifies this profile

• Allows the user to enter the number of bad passwords consecutively, after which Oracle will lock the account
• Expiration of password (in days)
• The number of days that a user is allowed to use an expired password, after which Oracle will lock the account
• Whether to check the complexity of an account password to prevent the account from using a clear password

3. Each Oracle database has a default resource profile named Default.

When you create a new database user and do not assign a specific profile to the user, Oracle automatically assigns the user the DEFAULT profile for the database. By default, all resource limits for the database default profile are set to unlimited.

Second, the mode:

• Schema: A logical concept of organizing related database objects, regardless of the physical storage of database objects. a schema can belong to only one database user, and the schema name is the same as the user's name.
• Each user of the Oracle database has a unique pattern. By default, all schema objects created by the user are saved in their own mode. The relationship between schema and user account one by one in Oracle database
• If you want to refer to an object in another pattern from one schema, you can use dot notation. object names in different schemas can be duplicated.

　　User Wanyne to access the EMP table of the Scott user, scott.emp

Three, schema objects and non-modal objects

• An object that can be contained in a pattern is called a pattern object.
• There are many types of objects in the Oracle database, but not all objects can be organized in the schema. Objects that can be organized in a pattern are: tables, indexes, triggers , and so on.
• There are some database objects that are not part of any schema, called Non-modal objects. such as: table space, user accounts, roles, profiles and so on.

Iv. default table space for users

• A tablespace is a logical storage device for a database that organizes database information into physical storage space.
• The tablespace consists of a data file. the user's various schema objects (such as tables, indexes, procedures, triggers, etc.) are placed in a tablespace .
• For each database user, you can set a default tablespace. When a user creates a new database object, such as a table, and does not explicitly specify a tablespace for this object, Oracle stores the new database object that is created in the user's default tablespace.
• If you do not specify a default tablespace for the user, the user's default tablespace is the users table space.

V. Temporary table space for users

• Generally, SQL statements require a scratch workspace when completing a task. For example, a query that connects and sorts a large number of queries requires a temporary workspace to hold the results. Unless otherwise specified, the user's temporary tablespace is typically the temp table space.
• If the temp table space is not created in the database, the user's temporary tablespace is the SYSTEM table space.
• Because the system tablespace is the internal system table and view----data dictionary that is used to hold database information (the database itself), the source code of all PL/SQL programs----including functions, triggers, and so on). If users use this tablespace to store their own data, it will affect the system's Execution efficiency . Therefore, it is generally not recommended that users use the SYSTEM table space

VI. Rights Management

• After creating a user for an Oracle database system, these users can neither connect to the database server nor do anything unless they have permission to perform specific database operations.
• There are two types of database access rights in Oracle:

1, system permissions : A powerful permission, he provides users with the ability to perform one or a type of database operations.
2. Object Permissions : Controls whether a user can perform a specific type of operation on a particular database object, such as a table, view, or stored procedure.

①, common system permissions

②, using System permissions

• The user must have create session permission to connect to the database.
• If the user has the Create any procedure system permission, they can create, modify, delete, or execute any stored procedures, packages, and functions
• If the user has the Create any table system permission, they can create, modify, delete, or query any table in their own mode
• Developers typically need create TABLE, create view, and create type system permissions.

③, Common object permissions

Vii. Use ofroleFor Rights Management

• Database applications require a lot of system permissions and object permissions. In order to make "security management" a relatively easy job, you can take advantage of the role
• Role: A collection of system permissions and object permissions. You can grant a role to a user, and the user who is granted the role automatically has the permissions that the role has. If you modify the permissions that the role has, the permissions of the user who is granted the role are automatically modified as well.

Oracle Database Management