Overview of Oracle Data Security (i)

Source: Internet
Author: User
With the spread of computers and the growth of networks, the database is no longer a topic that belongs to programmers alone, and Oracle, thanks to its performance, ease of operation and flexibility, has won itself a firm place in the database market. As network technology advances and the volume of data keeps growing, data security is no longer an old refrain, and it amounts to far more than the "elusive" rules found in earlier books.
Not long ago one might have felt that Oracle database security was a non-issue, since Oracle launched its database software last November with the slogan "Only Oracle9i can be absolutely safe". Whether that was marketing or a bid for attention, after security expert David Litchfield found a buffer overflow in 9iAS last December, and Pentest Limited and eEye Digital Security each reported a further flaw soon afterwards, users of Oracle products could no longer take security for granted: it concerns, after all, their own livelihood.
In what follows I will take you into the world of Oracle data security. My own knowledge is limited, so shortcomings are unavoidable; corrections are welcome.

(i) Some basic knowledge of Oracle Databases

Just a few basics here, because we will need them later in the security discussion.

1. Components of an Oracle database

In Oracle, "the database" means the whole Oracle RDBMS environment, which includes the following components:
• The Oracle database processes and memory buffers (the instance).
• The SYSTEM tablespace, which holds the system tables (the data dictionary) and consists of one or more data files.
• Other tablespaces defined by the database administrator (DBA) (optional), each consisting of one or more data files.
• Two or more online redo log files.
• Archived redo logs (optional).
• Other files (control files, init.ora, config.ora, and so on).
Every Oracle database runs on a central set of system tables, the data dictionary, which lives in the SYSTEM tablespace.

2. About "logs"

Oracle uses several structures to protect data: database backups, redo logging, rollback segments and control files. Here is a general look at the redo log, one of the main ones:
Every Oracle database instance keeps a log that records all changes made to the database. Each running instance has an online redo log, which the background process LGWR writes to so that every change is recorded immediately. Archived (offline) redo logs are optional: once an online log file fills up, the instance can copy it out as an archived log. Each archived redo log file is uniquely identified, and together they make up the archive log.
• The online redo log: every instance has one, made up of several online redo log files. Redo entries are written into the online redo log files and hold the information needed to reconstruct every change made to the database.
• Archived redo logs: when Oracle archives a filled online redo log group, an archived redo log is created. This matters for backup and recovery in two ways:
<1> A database backup together with the online and archived redo logs guarantees that every committed transaction can be recovered after an operating system or disk failure.
<2> If the archived logs are kept, backups can be taken online while the database is open and in normal use, and used for recovery.
The database runs in one of two modes, NOARCHIVELOG or ARCHIVELOG. In NOARCHIVELOG mode a filled online log is simply reused and cannot be archived; in ARCHIVELOG mode filled online logs are archived. Note that the redo logs contain copies of the changed data, so they need the same file protection as the data files themselves.

3. Physical and logical storage structure

An Oracle RDBMS is made up of tablespaces, and tablespaces are made up of data files. A tablespace's data files are formatted into units called blocks. The block size is set by the DBA when the database is first created, in the range 512 to 8,192 bytes, and cannot be changed afterwards without recreating the database. When an object is created in a tablespace, the user sizes its space in units called extents: the initial extent, the next extent, the minimum number of extents (min extents) and the maximum number of extents (max extents). The size of an extent can vary, but each one is a chain of contiguous blocks (at least five, according to the original text).


(ii) Oracle Data Security Maintenance

A philosopher once said: "Change in things cannot be separated from internal and external causes." So the topic of Oracle data security also divides into an "inside" and an "outside" part. Let's start with the "inside":

1. Starting from the Oracle system itself

Let's leave "hackers" and other external causes aside for now and first think about the database itself. A damaged disk, a software fault, an operator mistake ... any of a whole series of system problems caused by our own negligence can wipe out the data we built up so painstakingly. So let's look at what can be done about it.
"One" Solution to the system's own problems: database backup and recovery
• Backing up the database:
There are three standard methods for backing up an Oracle database: export/import, cold backup and hot backup. An export is a logical backup; cold and hot backups are physical backups.
<1> Export/import
Export extracts data from the database into a dump file; import loads the data from a dump file back into an Oracle database.
A. Simple export and import
Oracle supports three export modes:
(1) Table mode (T), which exports the data of the specified tables.
(2) User mode (U), which exports all objects and data owned by the specified user.
(3) Full database mode (full), which exports all objects in the database.
Import is the reverse of export; the data flows in the opposite direction.
B. Incremental export/import
Incremental export is a common backup method. It can only be done for the whole database and must be run as SYSTEM. Because every parameter is given on the command line, exp asks no interactive questions. The export file defaults to expdat.dmp; if you want a different name, give it with the file= parameter on the command line. Two cautions apply to all of the examples below: system/manager is Oracle's well-known default password for SYSTEM and must be changed on any real installation, and a password given on the command line is visible to every user on the host through ps, so on a shared machine omit it (userid=system) and let exp prompt for it. Note also that incremental export works at table granularity: a table in which a single row changed is exported whole. Oracle's documentation from Oracle8i onward describes incremental, cumulative and complete exports as obsolete and recommends Recovery Manager (RMAN) for database backups.
There are three kinds of incremental export:
(1) "Complete" incremental export (complete)
Backs up the entire database, for example:
$ exp system/manager inctype=complete file=990702.dmp
(2) "Incremental" incremental export (incremental)
Backs up only the tables that changed since the last export of any kind, for example:
$ exp system/manager inctype=incremental file=990702.dmp
(3) "Cumulative" incremental export (cumulative)
Exports the tables that changed since the last complete or cumulative export, for example:
$ exp system/manager inctype=cumulative file=990702.dmp
The DBA can combine the three export types into a reasonable and efficient backup schedule. For example:
• Monday: Full export (A)
• Tuesday: Incremental export (B)
• Wednesday: Incremental export (C)
• Thursday: Incremental export (D)
• Friday: Cumulative export (E)
• Saturday: Incremental export (F)
• Sunday: Incremental export (G)
If the database is damaged on Sunday (before Sunday's export G has run), the DBA can restore it as follows:
Step 1: Regenerate the database structure with CREATE DATABASE.
Step 2: Create a sufficiently large additional rollback segment.
Step 3: Import the complete export A:
$ imp system/manager inctype=restore full=y file=A
Step 4: Import the cumulative export E:
$ imp system/manager inctype=restore full=y file=E
Step 5: Import the most recent incremental export F:
$ imp system/manager inctype=restore full=y file=F
The rule is: the most recent complete export, then the most recent cumulative export taken after it, then every incremental export taken after that cumulative export, in order. The incremental exports B, C and D are not needed because E already contains everything they captured.
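The restore rule behind steps 3 to 5 is easy to get wrong by hand once the schedule changes, so here is an added example (editor's code, not part of the original article) that selects the import chain from a manifest of the exports taken. The manifest format, the day labels and the file names A to G are constructed for the example; the imp parameters are the ones the article uses, except that the password is omitted so that imp prompts for it instead of exposing it in the process list.

```shell
#!/bin/sh
# Added example, not from the article.  Input: a constructed manifest with one
# export per line, "<day> <complete|cumulative|incremental> <file>", in the
# order the exports were taken.  Output: the dump files to import, in order.
#
# Rule: the most recent complete export, then the most recent cumulative export
# taken after it (if any), then every incremental export taken after that
# cumulative (or after the complete export, if there is no cumulative).

# restore_chain MANIFEST -> prints "A E F" style chain; exit 1 if no complete export
restore_chain() {
    awk '
        $2 == "complete"    { base = $3; cum = ""; incs = ""; next }
        $2 == "cumulative"  { if (base != "") { cum = $3; incs = "" }; next }
        $2 == "incremental" { if (base != "") incs = incs " " $3; next }
        END {
            if (base == "") {
                print "no complete export in manifest" > "/dev/stderr"
                exit 1
            }
            out = base
            if (cum != "") out = out " " cum
            print out incs
        }
    ' "$1"
}

# restore_commands MANIFEST -> prints one imp command per file in the chain.
# userid=system without a password makes imp prompt for it; inctype=restore
# full=y is the import form the article uses.  The commands are printed, not
# run, so the DBA can review the chain before touching the database.
restore_commands() {
    chain=$(restore_chain "$1") || return 1
    for f in $chain; do
        printf 'imp userid=system inctype=restore full=y file=%s\n' "$f"
    done
}

# Usage (constructed schedule from the text, failure on Sunday before export G):
#   printf 'mon complete A\ntue incremental B\nwed incremental C\n' > manifest
#   printf 'thu incremental D\nfri cumulative E\nsat incremental F\n' >> manifest
#   restore_chain manifest      -> A E F
#   restore_commands manifest   -> three imp lines, A then E then F
```

Run restore_commands and compare its output against the dump files actually present on the backup medium before starting any import; a missing file in the middle of the chain means the restore must stop at the export before it.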
<2> Cold backup
A cold backup is taken when the database has been shut down normally; it gives us a complete, consistent copy of the database as it was at shutdown. It is simply a copy of the critical files to another location, and it is the quickest and safest way to back up Oracle data. The advantages of a cold backup are:
• It is a very fast backup method (just copy the files).
• Easy to archive (a simple copy).
• Easy to recover to a point in time (just copy the files back).
• Can be combined with archived redo logs to recover the database to its most recent state.
• Low maintenance, high safety.
Cold backup also has the following disadvantages:
• Used alone, it can only recover to a single point in time (the moment of the backup).
• No other work can be done while the backup runs: the database must stay shut down for the whole cold backup.
• If disk space is limited, the files can only be copied to external storage such as tape, which can be slow.
• It cannot restore an individual table or user.
If possible (mainly for efficiency), back up the files to disk first, start the database so that users can work again, and then copy the backup from disk to tape while the database is running. The files that must be copied in a cold backup are:
• All data files
• All control files
• All online redo log files
• The init.ora file (optional, but worth including)
Note that a cold backup must be taken with the database shut down. A file-system copy made while the database is open is not a valid backup, because the files are being modified while they are copied (unless the tablespaces are placed in backup mode, which is the hot backup procedure described next).
Here is a complete example of a cold backup (sqldba and "connect internal" are the Oracle 7 tools; later releases replaced them with Server Manager and then SQL*Plus with "connect / as sysdba"):
(1) Shut down the database:
$ sqldba lmode=y
SQLDBA> connect internal;
SQLDBA> shutdown normal;
(2) Use the cp command to back up all data files, redo log files, control files and the initialization parameter file:
SQLDBA> !cp <file> <backup directory>
(3) Restart the Oracle database:
$ sqldba lmode=y
SQLDBA> connect internal;
SQLDBA> startup;
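The cold backup above is a plain cp. As an added example (editor's code, not from the article), here is the same copy with the two things a practitioner should add to it: a SHA-256 manifest, so the backup can be verified before anyone trusts it for a restore, and file permissions that keep the copies readable only by the owning account, since Oracle data files hold the data in clear. It assumes the database has already been shut down with shutdown normal as in step (1), that the caller supplies the file list (data files, control files, online redo logs, init.ora), and that sha256sum (or shasum on BSD/macOS) is installed; the file names in the usage comment are invented.

```shell
#!/bin/sh
# Added example, not from the article: a verifiable cold backup.
# Run only after "shutdown normal"; copying open data files is not a backup.

# digest FILE -> prints "<sha256>  <file>" (coreutils sha256sum, else shasum)
digest() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1"
    else
        shasum -a 256 "$1"
    fi
}

# cold_backup DEST FILE... -> copies each FILE into DEST and writes DEST/MANIFEST
cold_backup() {
    dest=$1; shift
    mkdir -p "$dest" && chmod 700 "$dest" || return 1
    : > "$dest/MANIFEST"
    for f in "$@"; do
        name=$(basename "$f")
        cp "$f" "$dest/$name" || return 1
        # Copies are readable by the owner only; nobody else needs the raw data files.
        chmod 600 "$dest/$name" || return 1
        # Hash the copy, not the source: the manifest must describe what is on
        # the backup medium, so a short or corrupted copy is caught here.
        (cd "$dest" && digest "$name") >> "$dest/MANIFEST" || return 1
    done
    chmod 400 "$dest/MANIFEST"
}

# verify_backup DEST -> 0 if every file in DEST matches MANIFEST, non-zero otherwise.
# Run this before the copy goes to tape and again before any restore.
verify_backup() {
    dest=$1
    if command -v sha256sum >/dev/null 2>&1; then
        (cd "$dest" && sha256sum -c MANIFEST) >/dev/null 2>&1
    else
        (cd "$dest" && shasum -a 256 -c MANIFEST) >/dev/null 2>&1
    fi
}

# Usage (invented paths; list every data file, control file, online redo log
# and init.ora of the closed database):
#   cold_backup /backup/orcl-$(date +%Y%m%d) /u01/oradata/orcl/*.dbf \
#       /u01/oradata/orcl/*.ctl /u01/oradata/orcl/*.log $ORACLE_HOME/dbs/initorcl.ora
#   verify_backup /backup/orcl-$(date +%Y%m%d) && echo "backup verified"
```

Keep the manifest with the backup and also somewhere the backup host cannot modify (it is small): a copy of the manifest held elsewhere is what lets you tell a restore from a backup that was altered in place.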
<3> Hot backup
A hot backup backs up the data while the database is running, which requires ARCHIVELOG mode. So if you took a cold backup last night and also have today's hot backup files, the two together let you recover far more in the event of a problem. A hot backup requires the database to run in ARCHIVELOG mode and needs a large amount of file space. Once the database is running in ARCHIVELOG mode, it can be backed up. The command file for a hot backup has three parts:
1. Back up the data files, one tablespace at a time:
(1) Put the tablespace into backup mode (ALTER TABLESPACE ... BEGIN BACKUP).
(2) Copy the data files of that tablespace.
(3) Return the tablespace to normal mode (ALTER TABLESPACE ... END BACKUP).
2. Back up the archived redo log files:
(1) Temporarily stop the archiving process.
(2) Record the files present in the archived redo log destination directory.
(3) Restart the archiving process.
(4) Back up the archived redo log files recorded in (2).
3. Back up the control file with the ALTER DATABASE BACKUP CONTROLFILE command.
The advantages of hot backup are:
• Backups can be taken at tablespace or data-file level, and each backup is short.
• The database remains available during the backup.
• Recovery to the second (to any point in time) is possible.
• Almost every database entity can be recovered.
• Recovery is fast and, in most cases, can be done while the database stays open.
The disadvantages of hot backup are:
• No mistakes are allowed; an error has serious consequences.
• If a hot backup fails, its results cannot be used for point-in-time recovery.
• It is hard to maintain, so be especially careful: never leave a backup "half done", for example with a tablespace still in backup mode.
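As an added example (editor's code, not from the article), the following script performs the three hot backup steps for one tablespace in the order given above and makes sure the tablespace is taken out of backup mode even when a copy fails, which is the "half done" state the last caveat warns about. It assumes SQL*Plus connecting as SYSDBA with Oracle 8i-era syntax (the article's sqldba and connect internal would do the same job), ARCHIVELOG mode already enabled, and tablespace names and file paths supplied by the caller; the SQL_RUNNER variable lets the sequence be rehearsed against a dummy command with no database present. The archived-log step (part 2 above) is left to the DBA's archive destination handling and is not shown.

```shell
#!/bin/sh
# Added example, not from the article: hot backup of one tablespace.
# SQL statements are piped to the command in SQL_RUNNER.  Default: SQL*Plus as
# SYSDBA.  For a dry run set SQL_RUNNER to a shell function that records its input.
: "${SQL_RUNNER:=sqlplus -s / as sysdba}"

# run_sql STATEMENT -> sends one statement to the runner; returns its exit status
run_sql() {
    # shellcheck disable=SC2086  (word splitting of SQL_RUNNER is intended)
    printf '%s\n' "$1" | $SQL_RUNNER
}

# hot_backup_tablespace TS DEST FILE... -> copies the data files of tablespace TS
# into DEST while TS is in backup mode.  Returns 1 if any copy failed, but END
# BACKUP is always issued: a tablespace left in backup mode keeps generating
# whole-block redo and forces recovery at the next restart.
hot_backup_tablespace() {
    ts=$1; dest=$2; shift 2
    mkdir -p "$dest" || return 1
    run_sql "ALTER TABLESPACE $ts BEGIN BACKUP;" || return 1
    status=0
    for f in "$@"; do
        cp "$f" "$dest/" || { status=1; break; }
    done
    run_sql "ALTER TABLESPACE $ts END BACKUP;" || status=1
    return $status
}

# hot_backup_finish DEST -> forces the current online log to be archived, so the
# archive covers every change made during the copies, then backs up the control
# file (step 3 of the article) into DEST.
hot_backup_finish() {
    dest=$1
    run_sql "ALTER SYSTEM ARCHIVE LOG CURRENT;" || return 1
    run_sql "ALTER DATABASE BACKUP CONTROLFILE TO '$dest/control.bak';"
}

# Usage (invented tablespace and paths):
#   hot_backup_tablespace USERS /backup/hot /u01/oradata/orcl/users01.dbf \
#       && hot_backup_finish /backup/hot
```

For a dry run, define a function such as record_sql() { cat >> hot.sql; } and set SQL_RUNNER=record_sql before calling the functions; the recorded file shows the exact statement order the database would see, with END BACKUP present even on the failure path.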

