Skip Headers
Oracle® Database Security Guide
10g Release 2 (10.2)

Part Number B14266-01
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Index
Index
Go to Master Index
Master Index
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
View PDF

Preface

This document provides a comprehensive overview of security for Oracle Database. It includes conceptual information about security requirements and threats, descriptions of Oracle Database security features, and procedural information that explains how to use those features to secure your database.

This preface contains these topics:

Audience

The Oracle Database Security Guide is intended for database administrators (DBAs), security administrators, application developers, and others tasked with performing the following operations securely and efficiently:

To use this document, you need a basic understanding of how and why a database is used, as well as at least basic familiarity with SQL queries or programming.

Documentation Accessibility

Our goal is to make Oracle products, services, and supporting documentation accessible, with good usability, to the disabled community. To that end, our documentation includes features that make information available to users of assistive technology. This documentation is available in HTML format, and contains markup to facilitate access by the disabled community. Accessibility standards will continue to evolve over time, and Oracle is actively engaged with other market-leading technology vendors to address technical obstacles so that our documentation can be accessible to all of our customers. For more information, visit the Oracle Accessibility Program Web site at

http://www.oracle.com/accessibility/

Accessibility of Code Examples in Documentation

Screen readers may not always correctly read the code examples in this document. The conventions for writing code require that closing braces should appear on an otherwise empty line; however, some screen readers may not always read a line of text that consists solely of a bracket or brace.

Accessibility of Links to External Web Sites in Documentation

This documentation may contain links to Web sites of other companies or organizations that Oracle does not own or control. Oracle neither evaluates nor makes any representations regarding the accessibility of these Web sites.

TTY Access to Oracle Support Services

Oracle provides dedicated Text Telephone (TTY) access to Oracle Support Services within the United States of America 24 hours a day, seven days a week. For TTY support, call 800.446.2398.

Organization

This document contains:

Part I, "Overview of Security Considerations and Requirements"

Part I presents fundamental concepts of data security, and offers checklists and policies to aid in securing your site's data, operations, and users.

Chapter 1, "Security Requirements, Threats, and Concepts"

This chapter presents fundamental concepts of data security requirements and threats.

Chapter 2, "Security Checklists and Recommendations"

This chapter presents checklists, with brief explanations, for policies and practices that reduce your installation's vulnerabilities.

Chapter 3, "Security Policies and Tips"

This chapter presents basic general security policies, with specific chapter references, that apply to every site. These you must understand and apply to the unique considerations of your own site. The chapter also introduces general application design practices regarding roles and privileges.

Part II, "Security Features, Concepts, and Alternatives"

Part II presents methods and features that address the security requirements, threats, and concepts described in Part I.

Chapter 4, "Authentication Methods"

This chapter deals with verifying the identity of anyone who wants to use data, resources, or applications. Authentication establishes a trust relationship for further interactions as well as accountability linking access and actions to a specific identity.

Chapter 5, "Authorization: Privileges, Roles, Profiles, and Resource Limitations"

This chapter describes standard authorization processes that allow an entity to have certain levels of access and action, but which also limit the access, actions, and resources permitted to that entity.

Chapter 6, "Access Control on Tables, Views, Synonyms, or Rows"

This chapter discusses protecting objects by using object-level privileges and views, as well as by designing and using policies to restrict access to specific tables, views, synonyms, or rows. Such policies invoke functions that you design to specify dynamic predicates establishing the restrictions.

Chapter 7, "Security Policies"

This chapter discusses security policies in separate sections dealing with system security, data security, user security, password management, and auditing. It concludes with a more detailed version of the checklist first presented in Chapter 2.

Chapter 8, "Database Auditing: Security Considerations"

This chapter presents auditing as the monitoring and recording of selected user database actions. Auditing can be based either on individual actions, such as the type of SQL statement executed, or on combinations of factors that can include user name, application, time, and so on. Security policies can trigger auditing when specified elements in an Oracle database are accessed or altered, including the contents within a specified object.

Part III, "Security Implementation, Configuration, and Administration"

Part III presents the details of setting up, configuring, and administering Oracle Database security features.

Chapter 9, "Secure External Password Store"

This chapter discusses the secure external password store which allows you to store password credentials in a client side Oracle Wallet. It discusses client configuration for using the external password store. It also discusses managing external password store credentials.

Chapter 10, "Administering Authentication"

This chapter describes the methods for creating and administering authentication by defining users and how they are to be identified and verified before access is granted. Chapter 10 discusses the four primary methods as database, external, global, and proxy authentication.

Chapter 11, "Administering User Privileges, Roles, and Profiles"

This chapter presents the interwoven tasks and considerations involved in granting, viewing, and revoking database user privileges and roles, and the profiles that contain them.

Chapter 12, "Configuring and Administering Auditing"

This chapter describes auditing and accountability to protect and preserve privacy for the information stored in databases, detect suspicious activities, and enable finely-tuned security responses.

Chapter 13, "Introducing Database Security for Application Developers"

This chapter provides an introduction to the security challenges that face application developers and includes an overview of Oracle Database features they can use to develop secure applications.

Chapter 14, "Using Virtual Private Database to Implement Application Security Policies"

This chapter discusses developing secure applications by using application context, fine-grained access control, or virtual private database to implement security policies.

Chapter 15, "Implementing Application Context and Fine-Grained Access Control"

This chapter provides several examples of applications developed using application context, fine-grained access control, and virtual private database. It includes code examples and their corresponding explanations.

Chapter 16, "Preserving User Identity in Multitiered Environments"

This chapter discusses developing secure multiple tier applications.

Chapter 17, "Developing Applications Using Data Encryption"

This chapter discusses how you can use data encryption to develop secure applications, and the strengths and weaknesses of using this feature.

Part IV, "Appendixes"

Part IV contains two appendixes. The first appendix discusses new changes to the CONNECT role. The second appendix discusses the DBMS_SQLHASH package, which is used to verify data integrity.

Appendix A, "Addressing The CONNECT Role Change"

This appendix discusses the consequences of the fact that all privileges have been removed from the CONNECT role except the CREATE SESSION privilege.

Appendix B, "Verifying Data Integrity with DBMS_SQLHASH"

This appendix discusses the DBMS_SQLHASH package that can be used to verify data integrity.

Glossary

Related Documentation

For more information, see these Oracle resources:

Many of the examples in this book use the sample schemas of the seed database, which is installed by default when you install Oracle. Refer to Oracle Database Sample Schemas for information on how these schemas were created and how you can use them yourself.

Printed documentation is available for sale in the Oracle Store at

http://oraclestore.oracle.com/

To download free release notes, installation documentation, white papers, or other collateral, please visit the Oracle Technology Network (OTN). You must register online before using OTN; registration is free and can be done at

http://www.oracle.com/technology/membership/index.html

If you already have a user name and password for OTN, then you can go directly to the documentation section of the OTN Web site at

http://www.oracle.com/technology/documentation/index.html

To access the database documentation search engine directly, please visit

http://tahiti.oracle.com/

Conventions

This section describes the conventions used in the text and code examples of this documentation set. It describes:

Conventions in Text

We use various conventions in text to help you more quickly identify special terms. The following table describes those conventions and provides examples of their use.

Convention Meaning Example
Bold Bold typeface indicates terms that are defined in the text or terms that appear in a glossary, or both. When you specify this clause, you create an index-organized table.
Italics Italic typeface indicates book titles or emphasis. Oracle Database Concepts

Ensure that the recovery catalog and target database do not reside on the same disk.

UPPERCASE monospace (fixed-width) font Uppercase monospace typeface indicates elements supplied by the system. Such elements include parameters, privileges, data types, RMAN keywords, SQL keywords, SQL*Plus or utility commands, packages and methods, as well as system-supplied column names, database objects and structures, user names, and roles. You can specify this clause only for a NUMBER column.

You can back up the database by using the BACKUP command.

Query the TABLE_NAME column in the USER_TABLES data dictionary view.

Use the DBMS_STATS.GENERATE_STATS procedure.

lowercase monospace (fixed-width) font Lowercase monospace typeface indicates executables, filenames, directory names, and sample user-supplied elements. Such elements include computer and database names, net service names, and connect identifiers, as well as user-supplied database objects and structures, column names, packages and classes, user names and roles, program units, and parameter values.

Note: Some programmatic elements use a mixture of UPPERCASE and lowercase. Enter these elements as shown.

Enter sqlplus to open SQL*Plus.

The password is specified in the orapwd file.

Back up the data files and control files in the /disk1/oracle/dbs directory.

The department_id, department_name, and location_id columns are in the hr.departments table.

Set the QUERY_REWRITE_ENABLED initialization parameter to true.

Connect as oe user.

The JRepUtil class implements these methods.

lowercase italic monospace (fixed-width) font Lowercase italic monospace font represents placeholders or variables. You can specify the parallel_clause.

Run Uold_release.SQL where old_release refers to the release you installed prior to upgrading.


Conventions in Code Examples

Code examples illustrate SQL, PL/SQL, SQL*Plus, or other command-line statements. They are displayed in a monospace (fixed-width) font and separated from normal text as shown in this example:

SELECT username FROM dba_users WHERE username = 'MIGRATE';

The following table describes typographic conventions used in code examples and provides examples of their use.

Convention Meaning Example
[ ]
Brackets enclose one or more optional items. Do not enter the brackets.
DECIMAL (digits [ , precision ])
{ }
Braces enclose two or more items, one of which is required. Do not enter the braces.
{ENABLE | DISABLE}
|

A vertical bar represents a choice of two or more options within brackets or braces. Enter one of the options. Do not enter the vertical bar.
{ENABLE | DISABLE}
[COMPRESS | NOCOMPRESS]
...
Horizontal ellipsis points indicate either:
  • That we have omitted parts of the code that are not directly related to the example

  • That you can repeat a portion of the code

CREATE TABLE ... AS subquery;

SELECT col1, col2, ... , coln FROM employees;
.
 .
 .
Vertical ellipsis points indicate that we have omitted several lines of code not directly related to the example.
SQL> SELECT NAME FROM V$DATAFILE;
NAME
------------------------------------
/fsl/dbs/tbs_01.dbf
/fs1/dbs/tbs_02.dbf
.
.
.
/fsl/dbs/tbs_09.dbf
9 rows selected.
Other notation You must enter symbols other than brackets, braces, vertical bars, and ellipsis points as shown.
acctbal NUMBER(11,2);
acct    CONSTANT NUMBER(4) := 3;
Italics
Italicized text indicates placeholders or variables for which you must supply particular values.
CONNECT SYSTEM/system_password
DB_NAME = database_name
UPPERCASE
Uppercase typeface indicates elements supplied by the system. We show these terms in uppercase in order to distinguish them from terms you define. Unless terms appear in brackets, enter them in the order and with the spelling shown. However, because these terms are not case sensitive, you can enter them in lowercase.
SELECT last_name, employee_id FROM employees;
SELECT * FROM USER_TABLES;
DROP TABLE hr.employees;
lowercase
Lowercase typeface indicates programmatic elements that you supply. For example, lowercase indicates names of tables, columns, or files.

Note: Some programmatic elements use a mixture of UPPERCASE and lowercase. Enter these elements as shown.

SELECT last_name, employee_id FROM employees;
sqlplus hr/hr
CREATE USER mjones IDENTIFIED BY ty3MU9;

Conventions for Windows Operating Systems

The following table describes conventions for Windows operating systems and provides examples of their use.

Convention Meaning Example
Choose Start > How to start a program. To start the Database Configuration Assistant, choose Start > Programs > Oracle - HOME_NAME > Configuration and Migration Tools > Database Configuration Assistant.
File and directory names File and directory names are not case sensitive. The following special characters are not allowed: left angle bracket (<), right angle bracket (>), colon (:), double quotation marks ("), slash (/), pipe (|), and dash (-). The special character backslash (\) is treated as an element separator, even when it appears in quotes. If the file name begins with \\, then Windows assumes it uses the Universal Naming Convention.
c:\winnt"\"system32 is the same as C:\WINNT\SYSTEM32
C:\> Represents the Windows command prompt of the current hard disk drive. The escape character in a command prompt is the caret (^). Your prompt reflects the subdirectory in which you are working. Referred to as the command prompt in this manual.
C:\oracle\oradata>
Special characters The backslash (\) special character is sometimes required as an escape character for the double quotation mark (") special character at the Windows command prompt. Parentheses and the single quotation mark (') do not require an escape character. Refer to your Windows operating system documentation for more information on escape and special characters.
C:\>exp scott/tiger TABLES=emp QUERY=\"WHERE job='SALESMAN' and sal<1600\"
C:\>imp SYSTEM/password FROMUSER=scott TABLES=(emp, dept)
HOME_NAME
Represents the Oracle home name. The home name can be up to 16 alphanumeric characters. The only special character allowed in the home name is the underscore.
C:\> net start OracleHOME_NAMETNSListener
ORACLE_HOME and ORACLE_BASE In releases prior to Oracle8i release 8.1.3, when you installed Oracle components, all subdirectories were located under a top level ORACLE_HOME directory that by default used one of the following names:
  • C:\orant for Windows NT

  • C:\orawin98 for Windows 98

This release complies with Optimal Flexible Architecture (OFA) guidelines. All subdirectories are not under a top level ORACLE_HOME directory. There is a top level directory called ORACLE_BASE that by default is C:\oracle. If you install the latest Oracle release on a computer with no other Oracle software installed, then the default setting for the first Oracle home directory is C:\oracle\orann, where nn is the latest release number. The Oracle home directory is located directly under ORACLE_BASE.

All directory path examples in this guide follow OFA conventions.

Refer to Oracle Database Platform Guide for Windows for additional information about OFA compliances and for information about installing Oracle products in non-OFA compliant directories.

Go to the ORACLE_BASE\ORACLE_HOME\rdbms\admin directory.