Overview

Toaccessadatabase,ausermustrunadatabaseapplicationandconnecttothe
databaseinstanceusingavalidusernamedefinedinthedatabase.Accesscontrol
providesauthenticationforeachuserandauthorizationforallobjectsinthe
database.Authenticationisprovidedwiththecorrectuserpassword.Management
ofauthorizationforallobjectsinthedatabaseisprovidedbygrantingappropriate
privilegestospecificusers.

Privileges
Theprivilegeisamethodtopermitordenyaccesstodataortoperformadatabase
operation.Aprivilegegivestherighttoortoaccessanotheruser'sobjectsuchas
connectingtothedatabase,tablecreationandexecuteaparticulartypeofSQL
statement.Theseprivilegesrestrictwhatoperationsusersmayperformonthose
objects.Auserhasallprivilegesonallobjectsintheirownschema,andthese
privilegescannotberevoked.Ausercanbegrantedprivilegesforobjectsinother
users'schemas.Thereisahierarchyforalloftheprivileges.
Privilegesaregrantedorrevokedeitherbytheinstanceadministrator,auserwith
theADMINprivilegeor,forprivilegestoacertainobject,bytheownerofthe
object.


Asystemprivilegeistherighttoperformsystemlevelactivitiesonanyschema
objectsofaparticulartype.Forexample,theprivilegestocreatetablespacesandto
deletetherowsofanytableinadatabasearesystemprivileges.Onlytheinstance
administratororauserwiththeADMINprivilegecangrantasystemprivilegetoa
user.Theinstanceadministratoralwayshasfullsystemandobjectprivileges,which
cannotberevokedatanytime.Tograntorrevokeasystemprivilege,usethe
GRANTorREVOKEstatements.
Anobjectprivilegeenablesausertoperformdefinedoperationsonaspecific
object.Separateobjectprivilegesareavailableforeachobjecttype.Object
privilegescanbeusedtodefineatable,columninarelationaltableordeclarea
variableorparameterofthenamedtype.
Everyobjectownerhasaccessandfullprivilegestotheirownobjects.Auserdoes
nothaveaccesstoobjectsownedbyotherusersunlessexplicitlygrantedaccessby
theobject'sownerorbyauserwithADMINprivilege.IfthePUBLICrolehasbeen
grantedaccesstoagivenobject,thenalldatabaseusershaveaccesstothatobject.
Objectaccesscontrolrequiresthatausereitherbetheownerofanobjectorgranted
theappropriateobjectprivilegetoperformoperationsontheobject.Object
privilegesaregrantedorrevokedbytheinstanceadministrator,auserwiththe
ADMINprivilegeortheuserwhoistheowneroftheobject.

Profiles

Profileisasecurityconceptthatdescribesthelimitationofdatabaseresourcesthat
aregranteddatabaseusers.Aprofileisanamedsetofspecifiedresourcelimitsthat
canbeassignedtoavalidusernameofanOracledatabase.Profilesprovideforeasy
managementofresourcelimits.Profilesarealsothewayinwhichyouadminister
passwordpolicy.
Touseprofiles,firstcategorizetherelatedtypesofusersinadatabase.Justasroles
areusedtomanagetheprivilegesofrelatedusers,profilesareusedtomanagethe
resourcelimitsofrelatedusers.

Roles

Theroleisaconceptusedtoorganizeandadministerprivilegesinaneasymanner.
Rolesarenamedgroupsofrelatedprivilegesthatyougranttousersorotherroles.
Rolesaredesignedtoeasetheadministrationofendusersystemandschemaobject
privileges.Rolesarenotmeanttobeusedforapplicationdevelopers,becausethe
privilegestoaccessschemaobjectswithinstoredprogrammaticconstructsneedto
begranteddirectly.Aroleislikeauser,exceptitcannotownobjects.Arolecanbe
assignedprivilegesandthenassignedtousers.
Databaseadministratorsoftencreaterolesforadatabaseapplication.TheDBA
grantsasecureapplicationroleallprivilegesnecessarytoruntheapplication.The
DBAthengrantsthesecureapplicationroletootherrolesorusers.Anapplication
canhaveseveraldifferentrolesgrantingadifferentsetofprivilegesthatallowfor
moreorlessdataaccesswhileusingtheapplication.
Auserrequiresoneormoreprivilegestosuccessfullyexecuteadatadefinition
language(DDL)statement,dependingonthestatement.Forexample,tocreatea
table,theusermusthavetheCREATETABLEorCREATEANYTABLE
systemprivilege.Tocreateaviewofanotheruser'stable,thecreatorrequiresthe
CREATEVIEWorCREATEANYVIEWsystemprivilegeandeitherthe
SELECTOBJECTprivilegeforthetableortheSELECTANYTABLEsystem
privilege.

Summary

The application maintains all users in a table and assignsroles toeach user.Roles
have specific privileges assigned to them. We have learned that creating
activitybased user profiles increases the likelihood of detecting inappropriate
accesstosensitivedata. Oneissueiswhentheprivilegecontrolmechanismsforjob
roles have not been well defined or maintained. As a result, users may be granted
generic or default access privileges that far exceed their specificjobrequirements,
orthey may simply accumulate such privilegesover time.Thiscreatesunnecessary
risk.Thisweekforourlabyouwillcreateprofilesandroles.