Warning: include() [function.include]: URL file-access is disabled in the server configuration in /nfs/cs/classes/www/06U/cis399oracle/lectures/week5.php on line 14

Warning: include(http://www.cs.uoregon.edu/classes/06U/cis399oracle/utility_functions.php) [function.include]: failed to open stream: no suitable wrapper could be found in /nfs/cs/classes/www/06U/cis399oracle/lectures/week5.php on line 14

Warning: include() [function.include]: Failed opening 'http://www.cs.uoregon.edu/classes/06U/cis399oracle/utility_functions.php' for inclusion (include_path='.:/private/apps/php-5.2.4/lib/php') in /nfs/cs/classes/www/06U/cis399oracle/lectures/week5.php on line 14

CIS 399 - Introduction to Oracle and SQL

Slides for this week's lectures

Week 5 Lecture Notes

Monday, July 24 2006

Security Overview
1. Confidentiality
2. Integrity
3. Availability
User Authentication
1. Challenge-response
2. Single sign-on
Creating Users
User Roles
Granting System and Object Privileges
Common System Privileges
1. ALTER SESSION
2. ALTER SYSTEM
3. ALTER USER
4. AUDIT ANY
5. BACKUP ANY TABLE
6. CREATE PROCEDURE
7. CREATE ROLE
8. CREATE SEQUENCE
9. CREATE TABLE
10. CREATE TRIGGER
11. CREATE TYPE
12. CREATE USER
13. CREATE VIEW
14. DROP USER
15. FORCE TRANSACTION
Common Object Privileges
Separation of Duties
1. Provide the the SMALLEST set of permissions possible to each role so those users can do their jobs effectively
2. Identify the primary objects in your database
3. Identify the primary roles needed by users of the database, keeping in mind the importance of separation of duties
4. Determine the permissions that each role needs for each object
Controlling User Access to Objects
Creating, listing Roles

Tuesday, July 25 2006

Announcements: new homework
Granting and Revoking Permissions
Enforcing Privileges Through Views and Procedures
Restricting Access to Selected Rows and Columns
Restricting Updates Through Procedures
Protecting Data with Encryption
1. Single key encryption
2. Dual key encryption
Securing Internet Transactions
Encrypting Selected Data in the Database
Protecting Source Code with Wrap

Wednesday, July 26 2006

Auditing the Database
Auditing Features
Oracle auditing types
1. Statement Auditing
2. Privilege Auditing
3. Schema Object Auditing
4. Fine-Grained Auditing
Enabling Auditing
Viewing Audit Trails
Disabling Auditing
Creating Triggers for Auditing
Fine- Grained Auditing

Thursday, July 27 2006

Introduction to Forms
Three main form types
Forms Services Architecture
The basic structure of oracle forms
Creating a simple main form with the forms builder
Forms builder wizards
Testing a form with the "run form" button
Displaying data with form queries
Modifying forms
The object navigator
Basic properties
Adding images

Answers to Questions / Clarifications

When creating a user, is it necessary to create a quota for them?
For the user to be able to create tables you should set the quota for the user on the default tablespace. If the user is not going to create tables, they don't need a quota.

What does the DROP ANY TABLE privilege let you do?
According to the Oracle documentation (http://download-west.oracle.com/docs/cd/B14117_01/server.101/b10759/statements_9013.htm#SQLRF01603):

	When you grant a privilege on ANY object, such as CREATE ANY CLUSTER, 
	the result is determined by the value of the O7_DICTIONARY_ACCESSIBILITY 
	initialization parameter. By default, this parameter is set to FALSE, so 
	that ANY privileges give the grantee access to that type of object in all
	schemas except the SYS schema. If you set O7_DICTIONARY_ACCESSIBILITY to
	TRUE, then the ANY privileges also give the grantee access, in the SYS
	schema, to all objects except Scheduler objects. For security reasons,
	Oracle recommends that you use this setting only with great
	caution.

Is there a list of the system tables in Oracle?
Yes: http://www.techonthenet.com/oracle/sys_tables/index.php

Back to Main Page