Oracle Data Security Facets

Source: Internet
Author: User
The Oracle tutorial you are reading is: Oracle Data Security Facets. Author: づ★sl Ares.
With the spread of computers and the growth of networks, the database is no longer a topic that belongs to programmers alone, and the Oracle database, thanks to its outstanding performance, ease of operation and flexible features, has secured a place in the database market. At the same time, as network technology keeps advancing and the volume of data keeps growing, data security is no longer the old story repeated at length, and it amounts to more than the "elusive" rules found in earlier books.
Perhaps a long time ago it was felt that Oracle database security was not a problem, since Oracle launched its database software last November with the slogan "Only Oracle9i can be absolutely safe". But whether that was for promotional purposes or to broaden its popularity, in short, after security expert David Litchfield discovered a bug in 9iAS last December that caused a buffer overflow vulnerability, and Pentest Limited and eEye Digital Security each raised a smaller loophole afterwards, everyone using Oracle products could no longer be as relaxed as before; for users, after all, this concerns their own investment.
Below, the author takes you into the world of Oracle data security. Given the author's limited level, shortcomings are inevitable; I hope readers will not hesitate to offer corrections.

(i) Some basic knowledge of Oracle databases

Here are just a few basics needed for the security discussion; we are going to use them later.

1. Components contained in Oracle

In Oracle, the database refers to the entire Oracle RDBMS environment, which includes the following components:
• Oracle database processes and buffers (the instance).
• The SYSTEM tablespace, which contains a set of system tables and can consist of one or more data files.
• Other tablespaces defined by the database administrator (DBA) (optional), each consisting of one or more data files.
• Two or more online redo logs.
• Archived redo logs (optional).
• Other files (control files, init.ora, config.ora, etc.).
Each Oracle database runs on a central set of system tables and a data dictionary, which is located in the SYSTEM tablespace.

2. About "Log"

Oracle databases use several structures to protect data: database backups, logs, rollback segments and control files. Here is a general look at logs, one of the main structures:
Each Oracle database instance provides a log that records all changes made in the database. Each running Oracle database instance has a corresponding online log that works with the Oracle background process LGWR to record immediately all changes made to the instance. Archived (offline) logging is optional: an Oracle database instance can archive an online log once that online log fills up. Archived online log files are uniquely identified and merged into an archived log.
• About the online log: each Oracle database instance has an associated online log. An online log consists of multiple online log files. Redo entries are written into the online redo log files, and these entries record the data needed to reconstruct all changes made to the database.
• About archived logs: when Oracle archives a filled group of online log files, an archived redo log is created. Archived logs are useful for database backup and recovery in two ways:
<1> A database backup together with the online and archived log files ensures that all committed transactions can be recovered after an operating system or disk failure.
<2> If the archived logs are permanently saved while the database is open and in normal use, online backups can be taken and used.
The database can run in two different modes: NOARCHIVELOG or ARCHIVELOG. When a database runs in NOARCHIVELOG mode, the online logs cannot be archived. If the database runs in ARCHIVELOG mode, online log archiving can be implemented.

3. Physical and logical storage structure

An Oracle RDBMS is made up of tablespaces, and tablespaces are made up of data files. Tablespace data files are formatted into internal block units. The block size, set by the DBA when the database is first created, can range from 512 to 8,192 bytes. When an object is created in an Oracle tablespace, the user specifies the object's space in units called extents: the initial extent, the next extent, the minimum number of extents (min extents) and the maximum number of extents (max extents). The size of an Oracle extent can vary, but it consists of a chain of at least five contiguous blocks.


(ii) Oracle Data Security Maintenance

Remember the philosopher who said: "The change of things is inseparable from internal and external causes." So the topic of Oracle data security is also bound to be divided into two parts, "inside" and "outside". Well then, let's start with the "inside":

1. Starting from the Oracle system itself

Let's first set aside the "hackers" and other external causes and think about our database itself. Hard disk damage, software damage, operating mistakes ... a series of system problems caused by our own "negligence" can completely destroy the data in the database that we built so painstakingly. Well, let's find out why.
First, the solution to problems in the system itself: database backup and recovery
• Backup of the database:
There are three standard methods for backing up Oracle databases: export/import, cold backup and hot backup. Export is a logical backup; cold and hot backups are physical backups.
<1> Export/import
Export extracts data from the database; import returns the extracted data to an Oracle database.
A. Simple export and import
Oracle supports three export modes:
(1) Table mode (T), which exports the data of the specified tables.
(2) User mode (U), which exports all objects and data of the specified user.
(3) Full database mode (full), which exports all objects in the database.
Data import is the reverse of data export; their data flows in opposite directions.
B. Incremental export/import
Incremental export is a common method of data backup; it can only be performed for the entire database and must be done as the SYSTEM user. When making this export, the system does not ask any questions. The export file name defaults to export.dmp; if you do not want your output file to be named export.dmp, you must give the file name you want on the command line.
An incremental export is of one of three types:
(1) "Complete" incremental export
That is, back up the entire database, for example:
$ exp system/manager inctype=complete file=990702.dmp
(2) "Incremental" incremental export
Backs up the data changed since the last backup. For example:
$ exp system/manager inctype=incremental file=990702.dmp
(3) "Cumulative" incremental export
The cumulative export backs up only the information that has changed in the database since the last "complete" export. For example:
$ exp system/manager inctype=cumulative file=990702.dmp
The database administrator can arrange a reasonable and efficient backup schedule by combining the three export types. For example, the database backup task can be arranged as follows:
• Monday: Full export (A)
• Tuesday: Incremental export (B)
• Wednesday: Incremental export (C)
• Thursday: Incremental export (D)
• Friday: Cumulative export (E)
• Saturday: Incremental export (F)
• Sunday: Incremental export (G)
If the database is accidentally damaged on Sunday, the database administrator can restore it with the following steps:
Step 1: Use the CREATE DATABASE command to regenerate the database structure;
Step 2: Create a large enough additional rollback segment;
Step 3: Import the complete incremental export A:
$ imp system/manager inctype=restore full=y file=A
Step 4: Import the cumulative incremental export E:
$ imp system/manager inctype=restore full=y file=E
Step 5: Import the most recent incremental export F:
$ imp system/manager inctype=restore full=y file=F
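The restore order above follows a simple rule (latest complete export, then the latest cumulative export after it, then every incremental export after that). As an added example of my own, not code from the article, the POSIX shell script below applies that rule to a backup log and prints the imp commands; the log format, the assumption that the log starts with a complete export, and the <file>.dmp naming are mine.

```shell
#!/bin/sh
# Added example, not from the article. Given a log of exports taken in the
# article's scheme (complete / cumulative / incremental), work out which dump
# files must be imported, in which order, to rebuild the database up to a
# chosen export, and print the matching imp commands.
# Assumptions (mine): one export per line as "<day> <type> <file>", the first
# entry is a complete export, and dump files are named <file>.dmp.

# Constructed sample: the weekly schedule from the article, exports A..G.
BACKUP_LOG='Mon complete A
Tue incremental B
Wed incremental C
Thu incremental D
Fri cumulative E
Sat incremental F
Sun incremental G'

# restore_plan LOG LAST_GOOD
# Prints, on one line, the exports to import in order, ending with LAST_GOOD.
#   complete    -> contains everything, so the plan starts over from it
#   cumulative  -> contains every change since the last complete export, so it
#                  replaces all incrementals/cumulatives taken in between
#   incremental -> contains only changes since the previous export; append it
restore_plan() {
  plan=''
  while read -r _day type file; do
    case $type in
      complete)    plan=$file ;;
      cumulative)  plan="${plan%% *} $file" ;;
      incremental) plan="$plan $file" ;;
      *) echo "restore_plan: unknown export type '$type'" >&2; return 1 ;;
    esac
    if [ "$file" = "$2" ]; then
      printf '%s\n' "$plan"
      return 0
    fi
  done <<EOF
$1
EOF
  echo "restore_plan: export '$2' not found in log" >&2
  return 1
}

# imp_commands LOG LAST_GOOD
# One imp invocation per planned export, in the form the article uses
# (inctype=restore full=y). The password is deliberately not on the command
# line: given only the username, imp prompts for it, which keeps it out of the
# process list and the shell history.
imp_commands() {
  for f in $(restore_plan "$1" "$2"); do
    printf 'imp system inctype=restore full=y file=%s.dmp\n' "$f"
  done
}

# The article's scenario: the damage happens on Sunday, so restore up to
# Saturday's export F. Prints the three imp commands for A, E and F.
imp_commands "$BACKUP_LOG" F
```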
<2> Cold backup
A cold backup is taken after the database has been shut down cleanly, and it gives us a complete copy of the database as it was at shutdown. A cold backup simply copies the critical files to another location. It is the quickest and safest way to back up Oracle information. Its advantages are:
• A very fast backup method (just copy the files)
• Easy to archive (a simple copy)
• Easy to recover to a point in time (just copy the files back)
• Can be combined with archiving to recover the database to its "most recent state"
• Low maintenance, high safety
However, cold backup also has the following disadvantages:
• Used alone, it can only provide recovery to a point in time.
• While the backup is being taken, the database must not be doing any other work; in other words, the database must be closed during a cold backup.
• If disk space is limited, the files can only be copied to other external storage such as tape, which can be slow.
• Recovery by table or by user is not possible.
If possible (primarily for efficiency), back up the information to disk, then start the database (so that users can work) and copy the backed-up information to tape (while the database is working). The files that must be copied in a cold backup include:
• All data files
• All control files
• All online redo log files
• The init.ora file (optional)
Note that a cold backup must be done with the database shut down; a file-system backup taken while the database is open is not valid.
Here is a complete example of a cold backup:
(1) Shut down the database:
$ sqldba lmode=y
SQLDBA> connect internal;
SQLDBA> shutdown normal;
(2) Use the cp command to back up all data files, redo log files, control files and initialization parameter files:
SQLDBA> !cp <file> <backup directory>
(3) Restart the Oracle database:
$ sqldba lmode=y
SQLDBA> connect internal;
SQLDBA> startup;
<3> Hot backup
A hot backup backs up data while the database is running, in ARCHIVELOG mode. So if you took a cold backup last night and have today's hot backup files, you can use this data to recover more information if a problem occurs. Hot backup requires the database to run in ARCHIVELOG mode and needs a large amount of file space. Once the database is running in ARCHIVELOG mode, it can be backed up. The command file for a hot backup has three parts:
1. Back up the data files one tablespace at a time:
(1) Put the tablespace into backup state
(2) Back up the tablespace's data files
(3) Return the tablespace to its normal state
2. Back up the archived log files:
(1) Temporarily stop the archiving process
(2) Record the files in the archived redo log destination directory
(3) Restart the archiving process
(4) Back up the archived redo log files
3. Back up the control file with the ALTER DATABASE BACKUP CONTROLFILE command
The advantages of hot backup are:
• Backups can be taken at the tablespace or data file level, and backup time is short.
• The database remains usable during the backup.
• Recovery to the second is possible (recovery to a point in time).
• Almost all database entities can be recovered.
• Recovery is fast and, in most cases, done while the database is still working.
The shortcomings of hot backup are:
• No mistakes are allowed, or the consequences are serious.
• If a hot backup is unsuccessful, its results cannot be used for point-in-time recovery.
• It is hard to maintain, so be particularly careful and do not let it "end in failure".
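As an added example of my own, not the article's command file, the script below generates the three-part hot backup command file just described, for running inside SQL*Plus or sqldba (where a line starting with "!" runs a host command). The data file list format, the archive destination and all paths are assumptions; the database is assumed to be in ARCHIVELOG mode.

```shell
#!/bin/sh
# Added example, not from the article. Generate the three-part hot backup
# command file the article outlines: tablespace by tablespace, then the
# archived redo logs, then the control file. Run the output inside
# SQL*Plus / sqldba, where a line starting with "!" runs a host command.
# Assumptions (mine): ARCHIVELOG mode is on; the data file list is one
# "<tablespace> <datafile>" per line, grouped by tablespace; paths are made up.

# Constructed sample, following the article's tablespace layout.
DATAFILES='demo /oracle/dbs/col/elec/sys4/demo1.dbf
demo /oracle/dbs/col/elec/sys4/demo2.dbf
human /oracle/dbs/col/elec/human/human.dbf'
ARCH_DEST=/oracle/arch          # archived redo log destination (assumed)

# Part 1: for each tablespace, BEGIN BACKUP, copy its files, END BACKUP.
# Doing one tablespace at a time keeps the window short: while a tablespace
# is in backup mode Oracle logs every changed block in full.
tablespace_part() {             # $1 = datafile list, $2 = backup directory
  prev=''
  while read -r ts file; do
    if [ "$ts" != "$prev" ]; then
      if [ -n "$prev" ]; then printf 'ALTER TABLESPACE %s END BACKUP;\n' "$prev"; fi
      printf 'ALTER TABLESPACE %s BEGIN BACKUP;\n' "$ts"
      prev=$ts
    fi
    printf '!cp %s %s/\n' "$file" "$2"
  done <<EOF
$1
EOF
  if [ -n "$prev" ]; then printf 'ALTER TABLESPACE %s END BACKUP;\n' "$prev"; fi
}

# Part 2: pause archiving, record which archived logs exist at that moment,
# resume archiving, then copy exactly the recorded files. Taking the list
# before restarting means a log archived during the copy is never half-copied.
archive_part() {                # $1 = backup directory
  printf 'ALTER SYSTEM ARCHIVE LOG STOP;\n'
  printf '!ls -d %s/* > %s/archived_logs.txt\n' "$ARCH_DEST" "$1"
  printf 'ALTER SYSTEM ARCHIVE LOG START;\n'
  printf '!xargs -I{} cp {} %s/ < %s/archived_logs.txt\n' "$1" "$1"
}

# Part 3: a backup copy of the control file.
controlfile_part() {            # $1 = backup directory
  printf "ALTER DATABASE BACKUP CONTROLFILE TO '%s/control.bak';\n" "$1"
}

hot_backup_script() {           # $1 = datafile list, $2 = backup directory
  tablespace_part "$1" "$2"
  archive_part "$2"
  controlfile_part "$2"
}

hot_backup_script "$DATAFILES" /backup/hot
```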
Second, another hidden danger from the inside: user management and password problems

Here, as any database administrator knows well, the Oracle database itself already uses a number of mechanisms to strengthen security; passwords, roles, privileges and so on are commonly seen. So let's start with the simplest one, DBSNMP:
In a typical Oracle installation, a user named DBSNMP is created automatically; it is responsible for running the Oracle Intelligent Agent, and its default password is "dbsnmp". If you forget to change this user's password, anyone can access the database system through it. Now let's look at which privileges and roles the user has, and then analyze the potential damage the user can do to the database system.

Start SQL*Plus, log in as that user, and enter:

SQL> select * from session_privs;
CREATE SESSION
ALTER SESSION
UNLIMITED TABLESPACE
CREATE TABLE
CREATE CLUSTER
CREATE SYNONYM
CREATE PUBLIC SYNONYM
CREATE VIEW
CREATE SEQUENCE
CREATE DATABASE LINK
CREATE PROCEDURE
CREATE TRIGGER
ANALYZE ANY
CREATE TYPE
CREATE OPERATOR
CREATE INDEXTYPE


You can see that the user is neither SYS nor SYSTEM, the administrative users; however, it has two system-level privileges worth noting: UNLIMITED TABLESPACE and CREATE PUBLIC SYNONYM.

Seeing these two privileges, you should immediately recognize them as security risks, especially UNLIMITED TABLESPACE, which is one of the attack points for damaging a database system. If at this point you still think that someone logging in with this unchanged password will cause no loss, I must remind you: the user has the UNLIMITED TABLESPACE system privilege, so it can write a small script and maliciously fill the system with garbage data, after which the database system will not be able to run and will eventually be paralyzed. Many database systems today must work 7x24; if a system is filled with garbage data, then by the time the database system is recovered, irreparable damage has probably already been done.

But there are many other users besides DBSNMP; what about them? Let's look at the user management problems currently prevalent in Oracle databases:

(1) Excessive privileges: ordinary users who program against or browse the Oracle database often hold DBA (database administrator) privileges and can make any modification or deletion in the database system.

(2) Poor security: many Oracle users' default storage location is the SYSTEM tablespace. This not only affects the normal operation of the system but also mixes the data of different users, with poor transparency and confidentiality. As data keeps being added, it may crash the entire database system.

(3) Predictable passwords: the bad habit, formed when Oracle was first set up, of making the password identical to the username has been kept to this day; the passwords of the system users SYS and SYSTEM are also widely known.
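As an added example of my own (not from the article), the audit below checks a snapshot of accounts and grants for the problems just listed: the DBSNMP agent account and its two notable privileges, application users holding DBA-level grants, and users whose default tablespace is SYSTEM. The two list formats and all account names are constructed; the password-equals-username problem is not covered because it needs the password hashes, which are not in this snapshot.

```shell
#!/bin/sh
# Added example, not from the article. Audit a snapshot of user accounts and
# grants for the problems the article lists. Assumptions (mine): the snapshot
# was exported from the data dictionary into two plain-text lists, one account
# per line as "<user> <default tablespace>" and one grant per line as
# "<user> <grant>" (system privileges and roles mixed, as the DBA sees them).

# Constructed sample data.
ACCOUNTS='SYS SYSTEM
SYSTEM SYSTEM
DBSNMP SYSTEM
HUMAN HUMAN
BOOK SYSTEM'

GRANTS='SYS DBA
SYSTEM DBA
DBSNMP UNLIMITED TABLESPACE
DBSNMP CREATE PUBLIC SYNONYM
HUMAN CREATE SESSION
BOOK DBA
BOOK CREATE SESSION'

# Oracle's own administrative accounts are expected to hold these grants;
# every other account is reported.
is_admin() { case $1 in SYS|SYSTEM) return 0 ;; *) return 1 ;; esac; }

# audit_accounts ACCOUNTS: flags an application user whose default tablespace
# is SYSTEM (article problem 2) and the agent account DBSNMP still present
# (its default password is well known, so confirm it was changed or lock it).
audit_accounts() {
  while read -r user ts; do
    is_admin "$user" && continue
    [ "$user" = DBSNMP ] && printf 'DBSNMP: default agent account present; verify its password was changed or lock it\n'
    [ "$ts" = SYSTEM ] && printf '%s: default tablespace is SYSTEM; move to an application tablespace\n' "$user"
  done <<EOF
$1
EOF
  return 0
}

# audit_grants GRANTS: the powerful grants the article singles out, held by a
# non-administrative user (problem 1 and the two DBSNMP privileges).
audit_grants() {
  while read -r user grant; do
    is_admin "$user" && continue
    case $grant in
      DBA|"UNLIMITED TABLESPACE"|"CREATE PUBLIC SYNONYM")
        printf '%s: holds %s; revoke it or replace it with a quota or a limited role\n' "$user" "$grant" ;;
    esac
  done <<EOF
$1
EOF
  return 0
}

audit_accounts "$ACCOUNTS"    # reports DBSNMP (twice) and BOOK
audit_grants "$GRANTS"        # reports DBSNMP (twice) and BOOK
```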

Knowing these common "problems", what do we do? Here are some of my suggestions:

(1) Oracle DBA (database administrator) specification

• The password of the oracle user under the SUN Solaris operating system should be kept strictly confidential and never set to "oracle"; a specific database administrator should be assigned to change it regularly.

• The passwords of the SYS and SYSTEM administrative users created at Oracle initialization should be changed from the original "manager" to something else that is hard to guess.

• The management port of Oracle WEB Server has DBA-level ability to browse the database, so the password of its manager, admin, should also be kept confidential and not set to "manager"; a dedicated database administrator should be assigned to change it periodically.

• Oracle DBA work is best done through a windowed interface on the Sun SPARC Server console: start the server as the oracle user, then enter svrmgrm at the window's command line to start the Oracle Server Manager menu interface, log in as SYSDBA and perform database system maintenance.

(2) SQL*Plus programming user specification

• Specification of the storage structure

Considering that SQL*Plus programming can serve the wide range of application needs of all industries, companies and departments, our SQL*Plus programming users should be regulated along the same lines: different types of applications must have different users, and different types of applications must have different storage locations, including the physical files, the default tablespace and the temporary tablespace. Creation and planning: when you are about to write a larger, data- and user-oriented application on Oracle, you should first create a logical storage location, the tablespace, and at the same time define the path of the physical file and the amount of hard disk it occupies.

① The physical files' default storage path is under /oracle_home/dbs; the UNIX command df -k shows the usage of the hard disk partitions at the command line. If the oracle_home partition is over 90% used and one or more freer hard disk partitions are available, it is better to put the physical files' default storage path on the freer partition. Under this path we can plan the storage of the physical files:

XXX tablespace
  XXX industry/XXX company/XXX department/XXX service.dbf

Demo tablespace
  default_datafile_home1/col/elec/sys4/demo1.dbf
  default_datafile_home1/col/elec/sys4/demo2.dbf
  (physical files of the company's System Four simulation demo system)

Human tablespace
  default_datafile_home1/col/elec/human/human.dbf
  (physical file of the HR personnel management system)

Book tablespace
  default_datafile_home1/col/elec/book/book.dbf
  (physical file of the library management system in the company reference room)

Question tablespace
  default_datafile_home1/col/elec/client/question.dbf
  (physical files of the customer service department's problem library system)

PC tablespace
  default_datafile_home1/col/chaoxun/client/pc.dbf
  (physical file of the company PC service system)

...... tablespace
  default_datafile_home2/........ ........ ....... ...... ...

and so on.

Note: default_datafile_home1 refers to oracle_home/dbs; default_datafile_home2 refers to the path of the freer hard disk partition.

② The size of the physical file is determined by the data volume, data objects and packages of the application system. For a small system used for simulation, an initial tablespace physical file of 2M generally meets the requirements; if it fills up, you can add physical files to expand the tablespace (each expansion can also be tentatively 2M). A real application system can increase the initial physical file size of the tablespace, but do not allocate too much at once (space is hard to reclaim but easy to expand); this also needs case-by-case analysis: applications with a large amount of data kept for a long time can, where conditions allow, have tablespaces of hundreds of M or even several G; applications with a small amount of data that is refreshed often can keep the tablespace under 2M.

③ Tablespace names should be English words or abbreviations resembling the application they serve, and the names of the one or more physical files corresponding to the tablespace should also be related. Information stored in one user's default tablespace cannot be accessed through another user's default tablespace, which is much safer than storing all users' information in the SYSTEM tablespace. If you create a user through the Oracle WEB Server management port, its default and temporary tablespaces will both be SYSTEM, and the DBA must remember to change the user's default tablespace. The temporary tablespace stores temporary data segments for intermediate operations such as sorting and merging; depending on actual application requirements it can be placed in a specially created tablespace, or, if the SYSTEM tablespace is large, in SYSTEM. Indexes created by a user are best stored in a different tablespace from the data files, to reduce data contention and improve response time.
