Suggestions for improving the security of Oracle databases

Source: Internet
Author: User

An Oracle database is the repository of an enterprise's data, so its security hardly needs further emphasis. The problem is that while providing technical services to customers, I have found that many enterprises are doing poorly on security; some have not even applied the simplest measures.

With this article I want to remind Oracle database administrators of the issue and give them some practical suggestions on planning and implementing Oracle database security. I hope this content helps them improve the security of their Oracle databases.

1. Lock unused accounts.

Several default database accounts are created automatically during Oracle installation. After installation, the system locks some of these accounts or sets their passwords to expired, but it also leaves some accounts open, such as SYS, SYSTEM and SYSMAN. If a database instance is installed, a SCOTT account may also be created. For the sake of Oracle database security, we had better lock the accounts that are not in use. Generally, if you use the accounts provided by the system, you only need to keep the SYS, SYSTEM and SYSMAN user names open; the other system-created user names can be locked.

In addition, we create our own administrator accounts during database maintenance. For example, when I maintain a database system, I do not like to use the administrator account provided by the system; I first log in with that account and then create the user name and password I prefer. Therefore, when the database system still holds a user name left by your former database administrator and you do not intend to use it, lock it down as soon as possible. This improves database security. Unfortunately, when I am paid to maintain a database, I sometimes find many inexplicable administrator accounts in it. When I ask the database administrators what these accounts are, they say they were left behind by their predecessors and they do not know. For such accounts, I suggest that you lock or expire them as soon as possible. Otherwise they are a time bomb for the Oracle system, and once it goes off the database may be irretrievable.
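The inventory-and-lock procedure described above, as an added SQL example that is not part of the original article. It assumes you run it as a DBA (for example SYS AS SYSDBA); the ORACLE_MAINTAINED column of DBA_USERS exists from Oracle 12c onward, and OLD_DBA_JSMITH is a placeholder name for a leftover administrator account.

```sql
-- Added example (not from the original article): list the accounts that can
-- currently log in, check what an unknown account is used for, then lock it
-- and expire its password.

-- 1. Every account that is currently able to log in.
--    ORACLE_MAINTAINED = 'Y' marks accounts created by Oracle itself (12c+);
--    'N' marks accounts created by a DBA or an application. On 11g, drop the column.
SELECT username,
       account_status,
       oracle_maintained,
       created,
       profile
  FROM dba_users
 WHERE account_status = 'OPEN'
 ORDER BY oracle_maintained, username;

-- 2. Before locking an unknown account, see whether anything still uses it:
--    sessions connected right now ...
SELECT username, machine, program, logon_time
  FROM v$session
 WHERE username = 'OLD_DBA_JSMITH';
--    ... and objects it owns (locking does not drop them, but they show what
--    the account was for).
SELECT object_type, COUNT(*) AS object_count
  FROM dba_objects
 WHERE owner = 'OLD_DBA_JSMITH'
 GROUP BY object_type;

-- 3. Lock the sample schema named in the text and expire its password, so that
--    even if someone unlocks it later the first logon forces a password change.
ALTER USER scott ACCOUNT LOCK PASSWORD EXPIRE;

-- 4. The same for the administrator account left behind by a predecessor.
ALTER USER old_dba_jsmith ACCOUNT LOCK PASSWORD EXPIRE;

-- 5. Confirm the new status.
SELECT username, account_status, lock_date, expiry_date
  FROM dba_users
 WHERE username IN ('SCOTT', 'OLD_DBA_JSMITH');
```

Locking rather than dropping keeps the account's objects and audit history intact, which matters when nobody remembers what the account was for; drop it only once the ownership check in step 2 shows nothing depends on it.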

2. Implement password management.

This is not my own suggestion but the official Oracle recommendation. When I attended Oracle training, the instructors told us to use the basic password management rules provided by the database, such as password length, history and complexity, to apply them to all user passwords, and to require all administrator accounts to change their passwords regularly.

For database systems that rely on password management, passwords must be kept confidential at all times. In practice, however, passwords can leak; for example, they may be observed while being typed or captured by password-stealing tools. To control database security better, therefore, Oracle uses the profile to enforce database password policy. This is a unique feature of Oracle databases.

Specifically, Oracle has the following rules on password management.

1. Password history. This corresponds to the password history feature in Microsoft operating systems. It is mainly used to prevent a user from reusing the same password within a given interval. We create a profile with the CREATE PROFILE statement and use its PASSWORD_REUSE_TIME and PASSWORD_REUSE_MAX parameters: PASSWORD_REUSE_TIME specifies the number of days after which the same password may be used again, and PASSWORD_REUSE_MAX specifies the number of times the password must be changed before the current password can be used again.

2. Password lifetime. The longer a password stays in use, the more likely it is to be leaked. Ideally a password would be changed after every use, but that is obviously not easy to implement, so we set a maximum validity period for passwords instead. After this period the original password becomes invalid and the user must change it. We create a profile with the CREATE PROFILE statement and use the PASSWORD_LIFE_TIME parameter to specify the maximum validity period of the password. You can also specify a grace period for expired passwords. When a user logs on to the database for the first time after the password has expired, the grace period begins. During this period the user can still use the original password, but at every logon the system reminds the user to change it, until the grace period ends. Once the grace period has expired, the user must change the original password; otherwise the system keeps demanding a password change and refuses the logon. The password lifetime is often combined with the password history, which raises password security to a new level.

3. Password complexity management. We all know that passwords mixing numbers and letters are much stronger than passwords consisting only of numbers. Therefore, to strengthen user names and passwords, it is necessary to set complex password management rules. The Oracle database provides many password complexity checks. For example, you can specify the minimum length of the password; you can require that the password differ from the user name; you can require that the password contain letters, numbers and punctuation marks; you can also forbid passwords that are simple words, or forbid a new password whose first few characters match the old one. By managing these complexity rules you can maximize the security of your passwords, and it becomes difficult to crack them with a dictionary attack. However, even though the password is complex, do not write it on a piece of paper to remember it; the password would still leak easily. It is best to memorize the password and then tear up or burn the paper so that it cannot leak.
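The three rules above (history, lifetime and complexity) implemented in one profile, as an added SQL example that is not from the original article. The complexity checks are done by a custom PL/SQL verification function with the three-argument signature Oracle requires for PASSWORD_VERIFY_FUNCTION; the function name SEC_VERIFY_PWD, the profile name, the numeric limits and the user HR_APP_USER are all my own choices, and the script must be run as SYS because the function has to live in the SYS schema.

```sql
-- Added example (not from the original article): complexity function plus a
-- profile that applies history, lifetime, grace period and the function.

-- Oracle calls this function with (user name, new password, old password)
-- whenever a password is set. Raising an error rejects the new password.
CREATE OR REPLACE FUNCTION sec_verify_pwd (
    username     IN VARCHAR2,
    password     IN VARCHAR2,
    old_password IN VARCHAR2)
RETURN BOOLEAN
IS
BEGIN
    -- minimum length
    IF LENGTH(password) < 12 THEN
        RAISE_APPLICATION_ERROR(-20001, 'Password must be at least 12 characters');
    END IF;
    -- must differ from the user name (case-insensitive)
    IF UPPER(password) = UPPER(username) THEN
        RAISE_APPLICATION_ERROR(-20002, 'Password must not be the user name');
    END IF;
    -- must contain a letter, a digit and a punctuation mark
    IF NOT REGEXP_LIKE(password, '[[:alpha:]]')
       OR NOT REGEXP_LIKE(password, '[[:digit:]]')
       OR NOT REGEXP_LIKE(password, '[[:punct:]]') THEN
        RAISE_APPLICATION_ERROR(-20003, 'Password needs a letter, a digit and a punctuation mark');
    END IF;
    -- reject simple words (extend this list with your own dictionary)
    IF UPPER(password) IN ('PASSWORD', 'WELCOME', 'ORACLE', 'DATABASE', 'CHANGE_ON_INSTALL') THEN
        RAISE_APPLICATION_ERROR(-20004, 'Password is a common word');
    END IF;
    -- the first three characters must not match the previous password
    IF old_password IS NOT NULL
       AND UPPER(SUBSTR(password, 1, 3)) = UPPER(SUBSTR(old_password, 1, 3)) THEN
        RAISE_APPLICATION_ERROR(-20005, 'Password starts like the previous one');
    END IF;
    RETURN TRUE;
END;
/

-- The profile: lifetime 90 days, 7-day grace period, and a password may only be
-- reused after 365 days AND 10 intervening changes. Both reuse parameters must be
-- finite for the history check to work as intended.
CREATE PROFILE sec_user_profile LIMIT
    PASSWORD_LIFE_TIME        90
    PASSWORD_GRACE_TIME       7
    PASSWORD_REUSE_TIME       365
    PASSWORD_REUSE_MAX        10
    PASSWORD_VERIFY_FUNCTION  sec_verify_pwd;

-- Attach the profile to a user (placeholder name). Existing passwords are not
-- re-checked; the rules apply from the next password change.
ALTER USER hr_app_user PROFILE sec_user_profile;

-- Inspect the password limits that are now in force for this profile.
SELECT resource_name, limit
  FROM dba_profiles
 WHERE profile = 'SEC_USER_PROFILE'
   AND resource_type = 'PASSWORD';
```

Test the function by changing a password to a deliberately weak value (for example the user name) and confirming the ALTER USER fails with the ORA-20002 message; a verification function that silently returns TRUE on every branch is the most common mistake when people write their own.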

3. Lock accounts automatically.

When we use a bank card, the card is locked once the wrong PIN is entered more than a certain number of times. The same can be done in Oracle databases: when an administrator account or an ordinary account fails to log on more times than we specify, the server automatically locks that user account.

Generally, you only need to set an automatic lock policy for administrator accounts. Ordinary users are less familiar with the system, so the chance of a mistyped password is relatively high, and if we set a lock policy for them, a large part of our job becomes unlocking them. Therefore, unless there is a special need, do not set an automatic lock policy for ordinary accounts, or at least allow a higher number of incorrect passwords.

In addition, if a front-end application connects directly to the database, it has its own user name and password. We recommend that you do not set a lock policy for this account; otherwise the password becomes difficult to maintain.
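The three lock policies from this section (strict for administrators, tolerant for ordinary users, none for the application account), followed by the queries a DBA uses to see who is locked and to notice failed logons, as an added SQL example that is not from the original article. Profile and user names are placeholders; the audit query assumes traditional auditing with AUDIT_TRAIL set to DB (on 12c and later with unified auditing, the equivalent data is in UNIFIED_AUDIT_TRAIL).

```sql
-- Added example (not from the original article): per-group lock policies and
-- the monitoring that goes with them.

-- Administrators: lock after 3 failures and stay locked until a DBA unlocks.
CREATE PROFILE sec_admin_profile LIMIT
    FAILED_LOGIN_ATTEMPTS 3
    PASSWORD_LOCK_TIME    UNLIMITED;

-- Ordinary users: a higher threshold, and the lock clears itself after
-- 30 minutes (1/48 of a day), so the DBA is not unlocking accounts all day.
CREATE PROFILE sec_enduser_profile LIMIT
    FAILED_LOGIN_ATTEMPTS 10
    PASSWORD_LOCK_TIME    1/48;

-- Application account: no automatic lock, as the text recommends. Because the
-- account can then be guessed at without ever locking, give it a long random
-- password and watch its failed logons with the audit query below.
CREATE PROFILE sec_app_profile LIMIT
    FAILED_LOGIN_ATTEMPTS UNLIMITED;

ALTER USER dba_alice PROFILE sec_admin_profile;     -- placeholder names
ALTER USER clerk_bob PROFILE sec_enduser_profile;
ALTER USER erp_app   PROFILE sec_app_profile;

-- Which accounts are locked right now, and since when?
SELECT username, account_status, lock_date, profile
  FROM dba_users
 WHERE account_status LIKE '%LOCKED%'
 ORDER BY lock_date DESC;

-- Unlock an ordinary user after confirming the failures were their own typos.
ALTER USER clerk_bob ACCOUNT UNLOCK;

-- Record failed logons so that they can be reviewed.
AUDIT SESSION WHENEVER NOT SUCCESSFUL;

-- Accounts and hosts with repeated failed logons in the last 24 hours.
-- Return code 1017 is ORA-01017 (invalid username/password).
SELECT username,
       userhost,
       COUNT(*)       AS failures,
       MAX(timestamp) AS last_failure
  FROM dba_audit_session
 WHERE returncode = 1017
   AND timestamp > SYSDATE - 1
 GROUP BY username, userhost
HAVING COUNT(*) >= 5
 ORDER BY failures DESC;
```

The audit query is the compensating control for the unlocked application account: a burst of ORA-01017 failures against ERP_APP from a host that is not the application server is worth investigating even though the account itself never locks.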

4. Assign reasonable end-user permissions.

End users are the accounts actually used by enterprise employees. There are two ways to control the permissions of ordinary employees: first, through the front-end application software; second, through the database's own user permissions.

If we use the database's own permission management, we need to group the end users and then create a different role for each user group. The database administrator grants the necessary permissions to each role and then assigns the roles to the corresponding user groups. In other words, we do not recommend granting permissions directly to users; manage database access through roles and groups instead. In a special case, where a specific account needs only one permission, you can grant that permission directly to the account. Otherwise, we do not recommend granting permissions directly.
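The role-based scheme described above, with the single direct grant for the exceptional case and a check that finds privileges still granted straight to users, as an added SQL example that is not from the original article. The SALES schema, the roles and the user names are placeholders, and the script assumes a DBA runs it.

```sql
-- Added example (not from the original article): one role per user group,
-- privileges granted to roles, roles granted to people, and a review query.

-- One role per group of end users. Clerks inherit everything readers can do.
CREATE ROLE sales_reader;
CREATE ROLE sales_clerk;

-- Privileges go to the roles, not to individual accounts.
GRANT SELECT ON sales.orders    TO sales_reader;
GRANT SELECT ON sales.customers TO sales_reader;
GRANT sales_reader              TO sales_clerk;
GRANT INSERT, UPDATE ON sales.orders TO sales_clerk;   -- clerks also enter and correct orders

-- Assign the roles to the employees in each group.
GRANT sales_reader TO analyst_carol;
GRANT sales_clerk  TO clerk_bob;

-- The exception the text allows: an account that needs exactly one privilege
-- can receive it directly.
GRANT SELECT ON sales.daily_totals TO dashboard_svc;

-- Review: object privileges held directly by users rather than through roles.
-- Anything listed here that is not a deliberate exception should be moved into a role.
SELECT p.grantee, p.owner, p.table_name, p.privilege, p.grantable
  FROM dba_tab_privs p
  JOIN dba_users    u ON u.username = p.grantee
 WHERE p.owner NOT IN ('SYS', 'SYSTEM')
 ORDER BY p.grantee, p.owner, p.table_name;

-- The same review for system privileges (CREATE TABLE, ALTER SESSION, ...).
SELECT s.grantee, s.privilege, s.admin_option
  FROM dba_sys_privs s
  JOIN dba_users     u ON u.username = s.grantee
 ORDER BY s.grantee, s.privilege;

-- And what each role actually carries, for the periodic access review.
SELECT role, owner, table_name, privilege
  FROM role_tab_privs
 WHERE role IN ('SALES_READER', 'SALES_CLERK')
 ORDER BY role, owner, table_name;
```

Joining the privilege views to DBA_USERS is what separates direct grants from role grants: the GRANTEE column holds both user and role names, so without the join a role named like a user would be indistinguishable from a person.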
