Large Database System Analysis and Design: Lesson 10 - Security

Implementing Oracle Database Security

Objectives
After completing this lesson, you should be able to do the following:
- Describe your DBA responsibilities for security
- Implement security by applying the principle of least privilege
- Manage default user accounts
- Implement standard password security features

- Describe database auditing
- Describe Virtual Private Database (VPD)

Industry Security Requirements
Legal:
- Sarbanes-Oxley Act (SOX)
- Health Insurance Portability and Accountability Act (HIPAA)
- California Breach Law
- UK Data Protection Act
Auditing

Separation of Responsibilities
Users with DBA privileges must be trusted. Consider:
- Abuse of trust
- Audit trails protect the trusted position.
DBA responsibilities must be shared:
- Accounts must never be shared.
- The DBA and the system administrator must be different people.
- Separate operator and DBA responsibilities.

Database Security
A secure system ensures the confidentiality of the data that it contains. There are several aspects of security:
- Restricting access to data and services
- Authenticating users
- Monitoring for suspicious activity

Principle of Least Privilege
- Install only required software on the machine.
- Activate only required services on the machine.
- Give OS and database access to only those users that require access.
- Limit access to the root or administrator account.
- Limit access to the SYSDBA and SYSOPER accounts.
- Limit users' access to only the database objects required to do their jobs.

Applying the Principle of Least Privilege
Protect the data dictionary:
    O7_DICTIONARY_ACCESSIBILITY=FALSE
Revoke unnecessary privileges from PUBLIC (Oracle accepts one object per REVOKE):
    REVOKE EXECUTE ON UTL_SMTP FROM PUBLIC;
    REVOKE EXECUTE ON UTL_TCP FROM PUBLIC;
    REVOKE EXECUTE ON UTL_HTTP FROM PUBLIC;
    REVOKE EXECUTE ON UTL_FILE FROM PUBLIC;
Restrict the directories accessible by users.
Limit users with administrative privileges.
Restrict remote database authentication:
    REMOTE_OS_AUTHENT=FALSE

Managing Default User Accounts
DBCA expires and locks all accounts, except:
- SYS
- SYSTEM
- SYSMAN
- DBSNMP
For a manually created database, lock and expire any unused accounts.

Implementing Standard Password Security Features
Password aging and expiration, password history, password complexity verification and account locking are all configured by setting up profiles and assigning users to them.

Supplied Password Verification Function: VERIFY_FUNCTION
The supplied password verification function enforces these password restrictions:
- The minimum length is four characters.
- The password cannot be the same as the username.
- The password must have at least one alphabetic, one numeric, and one special character.
- The password must differ from the previous password by at least three letters.
Tip: Use this function as a template to create your own customized password verification.

Creating a Password Profile

Assigning Users to a Password Profile
Select Administration > Schema > Users & Privileges > Users.

Where We Are
- Comparing security aspects
- Applying the principle of least privilege
- Managing default user accounts
- Implementing standard password security features
- Creating and using password profiles
- Auditing
- Virtual Private Database (VPD)

Monitoring for Suspicious Activity
Monitoring or auditing must be an integral part of your security procedures. Review the following:
- Mandatory auditing
- Standard database auditing
- Value-based auditing
- Fine-grained auditing (FGA)
- DBA auditing

Enterprise Manager Audit Page

Standard Database Auditing
1. The DBA enables database auditing (AUDIT_TRAIL in the parameter file).
2. The DBA specifies audit options.
   A user executes a command; the server process generates the audit trail (database, OS or XML audit trail).
3. The DBA reviews the audit information.
4. The DBA maintains the audit trail.

Uniform Audit Trails
DBA_AUDIT_TRAIL, DBA_FGA_AUDIT_TRAIL and DBA_COMMON_AUDIT_TRAIL share a uniform set of columns: EXTENDED_TIMESTAMP, PROXY_SESSIONID, GLOBAL_UID, INSTANCE_NUMBER, OS_PROCESS, TRANSACTIONID, SCN, SQL_BIND, SQL_TEXT, STATEMENTID, ENTRYID. SQL_BIND and SQL_TEXT are populated only with AUDIT_TRAIL=DB,EXTENDED.

Enhanced Enterprise User Auditing
Audit records identify the user by USERNAME (standard audit) or DB_USER (fine-grained audit). For enterprise users, the GLOBAL_UID column additionally records the directory identity, for both exclusive-schema and shared-schema mappings.

Value-Based Auditing
1. A user makes a change.
2. A trigger fires.
3. The audit record is created by the trigger and inserted into an audit trail table.

Fine-Grained Auditing
- Monitors data access on the basis of content
- Audits SELECT, INSERT, UPDATE, DELETE, and MERGE
- Can be linked to a table or view, to one or more columns
- May fire a procedure
- Is administered with the DBMS_FGA package
Example: the policy AUDIT_EMPS_SALARY on employees audits
    SELECT name, salary FROM employees WHERE department_id = 10;

FGA Policy
A policy defines the audit criteria and the audit action and is created with DBMS_FGA.ADD_POLICY:
    dbms_fga.add_policy(
      object_schema   => 'HR',
      object_name     => 'EMPLOYEES',
      policy_name     => 'audit_emps_salary',
      audit_condition => 'department_id = 10',
      audit_column    => 'SALARY',
      handler_schema  => 'secure',
      handler_module  => 'log_emps_salary',
      enable          => TRUE,
      statement_types => 'SELECT');
With this policy in place, SELECT name, job_id FROM employees; is not audited, whereas SELECT name, salary FROM employees WHERE department_id = 10; is audited and calls the handler SECURE.LOG_EMPS_SALARY.

Audited DML Statement: Considerations
- Records are audited if the FGA predicate is satisfied and relevant columns are referenced.
- DELETE statements are audited regardless of any specified columns.
- MERGE statements are audited with the underlying INSERT or UPDATE generated statements.
Consider these two statements against the policy above:
    UPDATE hr.employees SET salary = 10 WHERE commission_pct = 90;
    UPDATE hr.employees SET salary = 10 WHERE employee_id = 111;

FGA Guidelines
- To audit all statements, use a null condition.
- Policy names must be unique.
- The audited table or view must already exist when you create the policy.
- If the audit condition syntax is invalid, an ORA-28112 error is raised when the audited object is accessed.
- If the audited column does not exist in the table, no rows are audited.
- If the event handler does not exist, no error is returned and the audit record is still created.

DBA Auditing
Users with the SYSDBA or SYSOPER privileges can connect when the database is closed, so their audit trail must be stored outside the database.
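The least-privilege, default-account and password-profile steps above, carried through as one SQL*Plus script. This is an added example, not code from the course slides: it is run as SYS (CONNECT / AS SYSDBA); the profile APP_PROFILE, the user APP_USER, the function APP_VERIFY_FUNCTION and the SCOTT account are hypothetical names, while the views, packages and parameters are Oracle's own.

```sql
-- Added example for this lesson; not part of the course slides. Run in SQL*Plus as SYS.
-- APP_PROFILE, APP_USER, APP_VERIFY_FUNCTION and SCOTT are hypothetical names.

-- Least privilege, step 1: see what PUBLIC can execute, then revoke the network and
-- file packages (one object per REVOKE statement).
SELECT table_name
  FROM dba_tab_privs
 WHERE grantee = 'PUBLIC' AND privilege = 'EXECUTE'
   AND table_name IN ('UTL_SMTP', 'UTL_TCP', 'UTL_HTTP', 'UTL_FILE');
REVOKE EXECUTE ON utl_smtp FROM PUBLIC;
REVOKE EXECUTE ON utl_tcp  FROM PUBLIC;
REVOKE EXECUTE ON utl_http FROM PUBLIC;
REVOKE EXECUTE ON utl_file FROM PUBLIC;

-- Step 2: data dictionary protection and remote OS authentication. Both parameters
-- are static, so the change goes to the SPFILE and applies after the next restart.
SELECT name, value
  FROM v$parameter
 WHERE name IN ('o7_dictionary_accessibility', 'remote_os_authent',
                'audit_sys_operations', 'audit_trail');
ALTER SYSTEM SET o7_dictionary_accessibility = FALSE SCOPE = SPFILE;
ALTER SYSTEM SET remote_os_authent = FALSE SCOPE = SPFILE;

-- Step 3: who holds administrative privileges? Every row here is a person to justify.
SELECT grantee FROM dba_role_privs WHERE granted_role = 'DBA';
SELECT username, sysdba, sysoper FROM v$pwfile_users;

-- Default accounts: list what is still OPEN apart from the four DBCA leaves open,
-- then lock and expire each account nobody needs (shown for SCOTT).
SELECT username, account_status
  FROM dba_users
 WHERE account_status = 'OPEN'
   AND username NOT IN ('SYS', 'SYSTEM', 'SYSMAN', 'DBSNMP');
ALTER USER scott ACCOUNT LOCK PASSWORD EXPIRE;

-- Password policy: a verification function with the same contract as the supplied
-- VERIFY_FUNCTION (username, new password, old password; return TRUE or raise).
-- It must be owned by SYS. The checks mirror the slide, with an 8-character minimum.
CREATE OR REPLACE FUNCTION app_verify_function (
  username     IN VARCHAR2,
  password     IN VARCHAR2,
  old_password IN VARCHAR2) RETURN BOOLEAN IS
  differ PLS_INTEGER := 0;
BEGIN
  IF LENGTH(password) < 8 THEN
    raise_application_error(-20001, 'Password must be at least 8 characters long');
  END IF;
  IF UPPER(password) = UPPER(username) THEN
    raise_application_error(-20002, 'Password must not be the same as the username');
  END IF;
  IF NOT REGEXP_LIKE(password, '[[:alpha:]]')
     OR NOT REGEXP_LIKE(password, '[[:digit:]]')
     OR NOT REGEXP_LIKE(password, '[^[:alnum:]]') THEN
    raise_application_error(-20003,
      'Password must contain a letter, a digit and a special character');
  END IF;
  -- "Differs by at least three characters", counted position by position plus the
  -- length difference. OLD_PASSWORD is NULL when a DBA sets the password, so skip then.
  IF old_password IS NOT NULL THEN
    differ := ABS(LENGTH(password) - LENGTH(old_password));
    FOR i IN 1 .. LEAST(LENGTH(password), LENGTH(old_password)) LOOP
      IF SUBSTR(password, i, 1) <> SUBSTR(old_password, i, 1) THEN
        differ := differ + 1;
      END IF;
    END LOOP;
    IF differ < 3 THEN
      raise_application_error(-20004,
        'Password must differ from the previous one in at least 3 characters');
    END IF;
  END IF;
  RETURN TRUE;
END;
/

-- The profile ties the function to aging, history and account locking. Password
-- limits in a profile are enforced regardless of the RESOURCE_LIMIT parameter.
CREATE PROFILE app_profile LIMIT
  FAILED_LOGIN_ATTEMPTS    5
  PASSWORD_LOCK_TIME       1/24
  PASSWORD_LIFE_TIME       90
  PASSWORD_GRACE_TIME      7
  PASSWORD_REUSE_TIME      365
  PASSWORD_REUSE_MAX       10
  PASSWORD_VERIFY_FUNCTION app_verify_function;

ALTER USER app_user PROFILE app_profile;
```

After the ALTER USER, a password change for APP_USER that breaks one of the rules fails with ORA-28003 and the message raised by the function; five failed logins lock the account for an hour, and a password cannot be reused until both the 365-day and the 10-change limits are met.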
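The value-based auditing flow and the FGA policy described above, as one added example that is not part of the course slides. It assumes the HR sample schema plus a hypothetical SECURE schema that owns the audit objects, and is run as SYS; the table, trigger and procedure names are hypothetical, the DBMS_FGA calls and dictionary views are Oracle's own.

```sql
-- Added example for the auditing section; not part of the course slides. Assumes the
-- HR sample schema and a hypothetical SECURE schema for the audit objects; run as SYS.

-- Value-based auditing: a trigger captures the old and new values of a change, which
-- standard auditing never records.
CREATE TABLE secure.salary_audit (
  changed_on  TIMESTAMP DEFAULT SYSTIMESTAMP,
  changed_by  VARCHAR2(30),
  employee_id NUMBER(6),
  old_salary  NUMBER(8,2),
  new_salary  NUMBER(8,2));
GRANT INSERT ON secure.salary_audit TO hr;

CREATE OR REPLACE TRIGGER hr.employees_salary_aud
  AFTER UPDATE OF salary ON hr.employees
  FOR EACH ROW
  WHEN (NEW.salary <> OLD.salary)
BEGIN
  INSERT INTO secure.salary_audit (changed_by, employee_id, old_salary, new_salary)
  VALUES (SYS_CONTEXT('USERENV', 'SESSION_USER'),
          :NEW.employee_id, :OLD.salary, :NEW.salary);
END;
/

-- Fine-grained auditing: the slide's policy plus a real handler. The handler runs in
-- addition to the row Oracle writes to DBA_FGA_AUDIT_TRAIL, so it is the place for an
-- alert. It is autonomous so the alert survives a rollback of the audited statement.
CREATE TABLE secure.fga_alerts (
  raised_on TIMESTAMP DEFAULT SYSTIMESTAMP,
  db_user   VARCHAR2(30),
  sql_text  VARCHAR2(4000));

CREATE OR REPLACE PROCEDURE secure.log_emps_salary (
  object_schema IN VARCHAR2,
  object_name   IN VARCHAR2,
  policy_name   IN VARCHAR2) IS
  PRAGMA AUTONOMOUS_TRANSACTION;
BEGIN
  -- USERENV/CURRENT_SQL is only available inside an FGA handler.
  INSERT INTO secure.fga_alerts (db_user, sql_text)
  VALUES (SYS_CONTEXT('USERENV', 'SESSION_USER'),
          SUBSTR(SYS_CONTEXT('USERENV', 'CURRENT_SQL'), 1, 4000));
  COMMIT;
END;
/

BEGIN
  DBMS_FGA.ADD_POLICY(
    object_schema   => 'HR',
    object_name     => 'EMPLOYEES',
    policy_name     => 'AUDIT_EMPS_SALARY',
    audit_condition => 'DEPARTMENT_ID = 10',
    audit_column    => 'SALARY',
    handler_schema  => 'SECURE',
    handler_module  => 'LOG_EMPS_SALARY',
    enable          => TRUE,
    statement_types => 'SELECT');
END;
/

-- Exercise the policy as a regular application user such as HR. Only the second query
-- references SALARY on a row where the condition holds, so only it produces an audit
-- record and a handler call.
SELECT last_name, job_id FROM hr.employees;
SELECT last_name, salary FROM hr.employees WHERE department_id = 10;
UPDATE hr.employees SET salary = salary + 1 WHERE employee_id = 200;
ROLLBACK;

-- Review: the FGA records, the trigger's value-based records, and both audit kinds
-- together in the common view.
SELECT db_user, extended_timestamp, sql_text
  FROM dba_fga_audit_trail
 WHERE policy_name = 'AUDIT_EMPS_SALARY';
SELECT changed_by, employee_id, old_salary, new_salary FROM secure.salary_audit;
SELECT audit_type, db_user, object_name, sql_text
  FROM dba_common_audit_trail
 WHERE object_name = 'EMPLOYEES';
```

Two points the slides make show up directly here: the ROLLBACK removes the trigger's row from SECURE.SALARY_AUDIT along with the update (value-based auditing lives in the user's transaction), while the FGA handler's alert persists because it committed autonomously; and the UPDATE is not audited by the FGA policy at all, since the policy lists only SELECT in statement_types.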

- Connecting as SYSDBA or SYSOPER is always audited.
- Enable additional auditing of SYSDBA or SYSOPER actions with AUDIT_SYS_OPERATIONS.
- Control the audit trail location with AUDIT_FILE_DEST.

Maintaining the Audit Trail
The audit trail should be maintained. Follow best practice guidelines:
- Review and store old records.
- Prevent storage problems.
- Avoid loss of records.

Quiz: What Is Audited?
For each type of audit, match one "A" item to "What is audited?" and one "T" item to "What is in the audit trail?":
    Type of audit                   What is audited?    What is in the audit trail?
    Standard database auditing
    Value-based auditing
    Fine-grained auditing (FGA)
A1: Data changed by DML statements
A2: SQL statements (insert, update, delete, select, and merge) based on content
A3: Privilege use, including object access
T1: Fixed set of data, including the SQL statement
T2: Fixed set of data
T3: N/A

Virtual Private Database: Overview
Virtual Private Database (VPD) consists of:
- Fine-grained access control
- Secure application context
VPD uses policies to add conditions to SQL statements that protect sensitive data. VPD provides row-level access control. Application attributes defined inside an application context are used by fine-grained access policies.

VPD Example
Business rule: Employees outside the HR department are only allowed to see their own EMPLOYEES record. A salesman enters the following query:
    SELECT * FROM EMPLOYEES;
The function implementing the security policy returns the predicate employee_id = my_emp_id, and the database rewrites the query and executes the following:
    SELECT * FROM EMPLOYEES WHERE employee_id = my_emp_id;

Creating a Column-Level Policy
    BEGIN
      dbms_rls.add_policy(
        object_schema     => 'hr',
        object_name       => 'employees',
        policy_name       => 'hr_policy',
        function_schema   => 'hr',
        policy_function   => 'hrsec',
        statement_types   => 'select,insert',
        sec_relevant_cols => 'salary,commission_pct');
    END;
    /

Column-Level VPD: Example
Statements are not always rewritten. Consider a policy protecting the SALARY and COMMISSION_PCT columns of the EMPLOYEES table. The fine-grained access control is:
Not enforced for this query:
    SQL> SELECT last_name FROM employees;
Enforced for these queries:
    SQL> SELECT last_name, salary
      2  FROM employees;
    SQL> SELECT * FROM employees;

Security Updates
Oracle posts security alerts on the Oracle Technology Network Web site at: /techno
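The VPD business rule and the column-level policy above, carried through end to end as an added example that is not part of the course slides: a secure application context populated from the authenticated session user, the policy function returning the predicate, and both a row-level and a column-level DBMS_RLS policy. It assumes the HR sample schema (where department 40 is Human Resources); the context EMP_CTX, the package HR.EMP_CTX_PKG, the function HR.HRSEC, the policy names and the mapping of database user names to the EMAIL column are hypothetical. Run as SYS; it needs CREATE ANY CONTEXT and EXECUTE on DBMS_RLS.

```sql
-- Added example for the VPD section; not part of the course slides. Assumes the HR
-- sample schema. EMP_CTX, HR.EMP_CTX_PKG, HR.HRSEC and the policy names are hypothetical.

-- Secure application context: only HR.EMP_CTX_PKG may set attributes in EMP_CTX, and it
-- derives them from the authenticated session user, so a client cannot pick its own ID.
CREATE OR REPLACE CONTEXT emp_ctx USING hr.emp_ctx_pkg;

CREATE OR REPLACE PACKAGE hr.emp_ctx_pkg IS
  PROCEDURE set_emp;
END;
/
CREATE OR REPLACE PACKAGE BODY hr.emp_ctx_pkg IS
  PROCEDURE set_emp IS
    v_emp_id hr.employees.employee_id%TYPE;
    v_dept   hr.employees.department_id%TYPE;
  BEGIN
    -- Assumption: the database user name equals the employee's EMAIL value (e.g. SKING).
    SELECT employee_id, department_id INTO v_emp_id, v_dept
      FROM hr.employees
     WHERE email = SYS_CONTEXT('USERENV', 'SESSION_USER');
    DBMS_SESSION.SET_CONTEXT('emp_ctx', 'emp_id',  TO_CHAR(v_emp_id));
    DBMS_SESSION.SET_CONTEXT('emp_ctx', 'dept_id', TO_CHAR(v_dept));
  EXCEPTION
    WHEN NO_DATA_FOUND THEN
      NULL;  -- unknown user: both attributes stay NULL and the policy returns 1 = 0
  END;
END;
/

-- Policy function. HR staff get no predicate (full access); everyone else is limited to
-- their own row. The predicate references the context rather than the literal ID, so the
-- rewritten statement text is identical for every session and stays shareable.
CREATE OR REPLACE FUNCTION hr.hrsec (schema_name IN VARCHAR2, object_name IN VARCHAR2)
  RETURN VARCHAR2 IS
BEGIN
  IF SYS_CONTEXT('emp_ctx', 'dept_id') = '40' THEN
    RETURN NULL;
  ELSIF SYS_CONTEXT('emp_ctx', 'emp_id') IS NOT NULL THEN
    RETURN 'employee_id = SYS_CONTEXT(''emp_ctx'', ''emp_id'')';
  END IF;
  RETURN '1 = 0';
END;
/

BEGIN
  -- Row-level policy for changes. UPDATE_CHECK stops a user from inserting or updating
  -- a row into a state the predicate would hide from them.
  DBMS_RLS.ADD_POLICY(
    object_schema   => 'HR',
    object_name     => 'EMPLOYEES',
    policy_name     => 'HR_ROW_POLICY',
    function_schema => 'HR',
    policy_function => 'HRSEC',
    statement_types => 'INSERT,UPDATE,DELETE',
    update_check    => TRUE);
  -- Column-level policy for reads: enforced only when SALARY or COMMISSION_PCT is
  -- referenced. With ALL_ROWS every row is still returned and the protected columns are
  -- NULL on the rows the predicate excludes; without it, those rows are dropped instead.
  DBMS_RLS.ADD_POLICY(
    object_schema         => 'HR',
    object_name           => 'EMPLOYEES',
    policy_name           => 'HR_SALARY_POLICY',
    function_schema       => 'HR',
    policy_function       => 'HRSEC',
    statement_types       => 'SELECT',
    sec_relevant_cols     => 'SALARY,COMMISSION_PCT',
    sec_relevant_cols_opt => DBMS_RLS.ALL_ROWS);
END;
/

-- Check what is in force on the table.
SELECT policy_name, sel, ins, upd, del, chk_option
  FROM dba_policies
 WHERE object_owner = 'HR' AND object_name = 'EMPLOYEES';

-- As a non-HR user, after EXEC hr.emp_ctx_pkg.set_emp:
--   SELECT last_name FROM hr.employees;          not rewritten: all rows
--   SELECT last_name, salary FROM hr.employees;  all rows, SALARY NULL except own row
--   UPDATE hr.employees SET salary = 1 WHERE employee_id = 100;  0 rows unless 100 is you
```

Users need EXECUTE on HR.EMP_CTX_PKG (or an AFTER LOGON trigger owned by SYS can call it) so the context is populated before the first query; a session that never sets it gets the 1 = 0 predicate and sees nothing. SYS and users with EXEMPT ACCESS POLICY bypass VPD entirely, which is one more reason the slides insist on limiting SYSDBA access and auditing it.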
