Oracle Database Security Policy

With the popularization and improvement of computer network application, Oracle database application in every field is changing rapidly, its performance is excellent, the operation is flexible and convenient, and it is one of the widely favored in the database system at present. However, with the deepening of the application and the increasing of data information, the security of the database has been mentioned on a very important agenda, which is a very concerned problem in the daily work of database administrators. Due to the computer hardware and software failure, the database system can not function properly, resulting in a large number of data loss, and even the database system crashes. To this end, the author around how to ensure that the Oracle database has high security, so that the database system in a stable and secure state, to talk about some understanding.

　　Management of user Roles

This is one of the important means to protect the security of database system. By establishing different user groups and user password authentication, it can effectively prevent illegal Oracle users from entering the database system, causing unnecessary trouble and damage, and in Oracle database, can restrict the operation of Oracle user by authorization. That allows some users to access the Oracle server, which means that the entire database has read and write rights, while most users can only read or write in the same group or have only the right to reading the entire database. In this context, special emphasis is placed on the confidentiality management of SYS and system two special accounts.

To protect the security of your Oracle server, you should ensure that all content under the $oracle_home/bin directory is owned by Oracle users.

To enhance the security of the database in the network, for remote users, you should use encryption to access the database through a password, to strengthen the DBA authority control on the network, such as denying remote DBA access.

　　Data protection

The data protection of the database is mainly the backup of the database, when the hardware and software of the computer fails, the database recovers with the backup to recover the damaged database files or control files or other files.

Another type of data protection is logs, and Oracle DB instances provide logs that record the various operations performed in the database, including modifications, tuning parameters, and the creation of a complete record of all jobs within the database.

Another is a backup of the control file, which is typically used to store the state of the database's physical structure, and some state information in the control file is used to boot the Oracle database during instance recovery and media recovery.

　Oracle Database Backup

In daily work, the database backup is a task that the database administrator must continue to do, and the Oracle 7 database is backed up in the following ways:

1. Logical Backup

A logical backup is one that reads and writes a record of a database to a file, which is often used as a backup method.

Export: This command can back up a data file, a user's data file, or the entire database.

Import: This command reads the dump file created by export into the database system, or it can be done by a data file, a user, or an entire database.

2. Physical Backup

Physical backups are also a backup method that database administrators often use. It can copy all the contents of an Oracle database, in many ways, with offline backup and online backup, each of which has its own strengths and should be chosen in practice based on the situation and the State in which it is located.

Offline backup

The operation is to backup the Oracle database after the Oracle database shuts down properly, including: All user's database files and tables, all control files, all log files, database initialization files, etc. You can take different backup methods, such as using the tape Dump command (TAR) to dump all files to tape, or copy all files as-is (COPY,RCP) to another backup disk or to another host's disk.

Online backup

This backup approach is also effective in that it can dump online log dumps and establish a detailed and accurate complete record of all processes and jobs within the Oracle database.

Another benefit of physical backups is that the Oracle database management system can be completely dumped and, in the event of a failure, easily and promptly restored to reduce the hassle of the database administrator reinstalling Oracle.

　　Recovery of database system

With the above several methods of backup, even if the computer fails, such as media corruption, software system anomalies and other situations, do not panic, can be backed up to varying degrees of recovery, so that the Oracle database system to restore to normal state as soon as possible.

1. Data file corruption

This can be done with a recent backup of the database files to restore the corresponding files in the backup to the original location and reload the database.

2. Control file corruption

If the control file in the database system is corrupted, the database system will not function properly, then only the database system should be shut down, then the corresponding control file will be restored to the original location from the backup, and the database system should be restarted.

3. entire file system corruption

In large operating systems, such as UNIX, due to unreliable or corrupt media on disk or disk arrays, this can cause the entire Oracle database system to crash:

Re-initialize the disk or disk array to remove invalid or unreliable bad blocks.

Re-create the file system.

Use Backup to restore the database system in its entirety.

Start the database system.

This article is from the "Big Meatball" blog, please make sure to keep this source http://12478147.blog.51cto.com/9663367/1586294

Oracle Database Security Policy