A
- access (see authorization)
- accounts,
user, Connecting to the Database
- authentication (see authentication)
- default, Oracle from the Inside, Oracle Default Roles and User Accounts, About the Defaults, Default User Accounts, Grants to “public”
- identified
externally, Connecting to the Database Without a Password, Identified externally accounts
- locking, Account Locking, Password Decisions
- maintaining, Maintaining User Accounts, A Sample Script
- operating system and, Operating System Accounts
- OPS$
accounts, Connecting to the Database Without a Password, Two problems with REMOTE_OS_AUTHENT
- privileges for
creating, Privileges
- requests for,
handling, Possible Account Requests
- security user
account, Using Password-Protected Roles, Create the PL/SQL program that sets roles
- standards for, Standards for Accounts, Ways to Create an Account
- types of, Types of Accounts, General User Accounts
- administration
- accounts
for, Administrator Accounts
- auditing
administrator-level connections, Auditing During Database Connection with Privileges
- backup
levels, Using backup levels
- communicating
with other managers, Communicating with Other Sites
- DBA
toolkit (OEM), The DBA Toolkit, The DBA Toolkit, The DBA Toolkit and Security, The Oracle Software Manager
- detecting
table name guesses, The DBA as a Clairvoyant
- disabling SQL
privileges, Disabling SQL privileges
- Job
Scheduler (OEM), OEM and the Job Scheduler, Deinstall, Delete, Distribute, and Install Products
- managing the
security plan, Management Considerations
- monitoring
database events, OEM and the Event Management System, Performance Management events
- purging
audit data, Purging Audit Information, Removing Selected Data from SYS.AUD$
- remote, Remote Database Administration
- user
account maintenance, Maintaining User Accounts, A Sample Script
- Advanced Networking Option (ANO), What Isn’t Free?, Passwords and Data Encryption, Advanced Networking Option
- after-delete trigger
(example), The Third Trigger Creation Script (After-Delete), Generating an After-Delete Trigger Script, Generating an After-Delete Trigger Script
- after-update trigger
(example), The Second Trigger Creation Script (After-Update), The Second Trigger Creation Script (After-Update), Generating an After-Update Trigger Script, Generating an After-Update Trigger Script
- aging passwords, Password Aging and Expiration, Password Decisions
- alert log, Default Auditing Privileges
- algorithms,
cryptographic, Algorithms, Plaintext, and Ciphertext
- aliases (see synonyms)
- ALL privilege, The object grants
- ALL_DEF-AUDIT_OPTS
view, The Auditing Views
- ALTER privilege, Object privileges
- ALTER SESSION command, Setting Up Initialization Parameters for Security
- ALTER SYSTEM command, Setting Up Initialization Parameters for Security
- ALTER
TABLESPACE commands, Tablespace security
- ANO (Advanced Networking Option), What Isn’t Free?, Passwords and Data Encryption, Advanced Networking Option
- ANY qualifier, System Privileges for the DBA Role
- application manager
account, Application Manager
- Application
Server (see OAS)
- applications
- account
maintenance (example), Application Design Requirements, Create user button code
- audit trail
(example), A Problem with Auditing—and a Solution, Developing a Sample Audit Application, Generating an After-Delete Trigger Script
- reporting audit
data, Using the Audit Data in Reports, The AUDIT_ROW Table Report
- tables
for, The Three Table Creation Scripts, The AUDIT_DELETE table
- tracking
inserts, Tracking Inserts, The First Trigger Creation Script (Before-Insert)
- tracking updates and
deletions, Tracking Updates and Deletions
- credit
card system (example), Developing a Simple Security Application, Execution
- dynamic HTML
for, Running a dynamic HTML application
- segmenting
processing, Segmenting Application Processing, Thin Client (Three-Tier) Architecture
- archive log files, What’s in the Files?
- archivelog mode, About Archivelog Mode, About Archivelog Mode
- archiving audit
data, Purging Audit Information
- associative
tables, Enterprise Tables Used by the Credit Card System
- attacks (see threats)
- AUD$
table, About the SYS.AUD$ Table, A Problem
- purging, Purging Audit Information, Removing Selected Data from SYS.AUD$
- views, Views Related to SYS.AUD$, Creating a summary table
- AUDIT command, Enabling audit by privileges
- AUDIT privilege, Object privileges
- auditing, Developing an Audit Plan, Removing Selected Data from SYS.AUD$
- audit trail
application (example), A Problem with Auditing—and a Solution, Developing a Sample Audit Application, Generating an After-Delete Trigger Script
- reporting audit
data, Using the Audit Data in Reports, The AUDIT_ROW Table Report
- tables
for, The Three Table Creation Scripts, The AUDIT_DELETE table
- tracking
inserts, Tracking Inserts, The First Trigger Creation Script (Before-Insert)
- tracking updates and
deletions, Tracking Updates and Deletions
- data
dictionary, Creating and Maintaining the Data Dictionary, Views and Auditing
- default, Default Auditing, Auditing During Database Structure Modification
- DICTIONARY view
information, From the DICTIONARY View
- initialization
file, Evolution of an initialization file
- list of
actions/options, Available Audit Actions, Auditing Options
- performance
audits, Auditing to Analyze Performance
- performance
drain from, Auditing and Performance, Auditing and Performance, About Performance and Storage, Performance Suggestions
- plan and
procedure, Auditing Plan and Procedures, A Problem with Auditing—and a Solution
- privileges,
default, Default Auditing Privileges
- purging
audit data, Purging Audit Information, Removing Selected Data from SYS.AUD$
- reasons
for, Why Audit?
- storing
audit information, Where to Audit, Default Auditing Privileges
- tracking
users, User Tracking
- triggers
for, About Creating a Trigger
- types
of, Types of Auditing, Auditing Shortcuts
- views, The Auditing Views, The Auditing Views, Purging Audit Information
- SYS.AUD$
table, Views Related to SYS.AUD$, Creating a summary table
- AUDIT_COLUMN table
(example), The AUDIT_COLUMN table
- AUDIT_DELETE table
(example), The AUDIT_DELETE table
- AUDIT_FILE_DEST parameter, Where to Audit
- AUDIT_ROW table
(example), The AUDIT_ROW table, The AUDIT_ROW Table Report
- AUDIT_TRAIL
parameter, Views and Auditing, Where to Audit
- authentication, More Complex Approaches, Oracle and Operating System Authentication, OSDBA, Ways to Authenticate Users , Distinguished names
- OPS$
accounts, Connecting to the Database Without a Password, Two problems with REMOTE_OS_AUTHENT
- ORAPWD/ORAPWD80
utility, The ORAPWD Utility, Steps to setting up the password file
- OSDBA, OSOPER
privileges, The SYSDBA and SYSOPER Roles
- OSS
Authentication Adapter, The OSS Authentication Adapter
- authorization, More Complex Approaches
- (see also authentication)
- configuration
file access, Contents of the configuration file
- control files
access, How Oracle uses control files
- controlling
from operating system, Controlling Access from the Operating System, Access by group
- credit
card system example, Application Control of Access, Execution
- data
access, Oracle from the Inside, Granting Access to the Database
- database
connections, Connecting to the Database, More Complex Approaches
- auditing, Connect and disconnect auditing
- direct server
connection, Direct Connection to a Database Server
- without a
password, Connecting to the Database Without a Password, Steps to setting up the password file
- DBA role,
handling, Who Gets the DBA Role?
- disabling
SQL privileges, Disabling SQL privileges, Disabling SQL privileges
- Enterprise
Authorization role, Defining an Enterprise Authorization
- files (see permissions,
file)
- initialization
file access, Evolution of an initialization file
- OAS
and, OAS Security
- OEM
console, A Potential Security Problem
- Oracle system
access, Oracle from the Outside
- OSS
repository, Securing the OSS Repository, Securing the OSS Repository
- public user
account, Privileges, Grants to “public”
- redo log files
access, How redo log files are created
- role-object
access matrix (example), Preparing the Role-Object Matrix , Naming Conventions
- roles (see roles)
- segmenting
in database (example), Segmenting Authority in the Database, Segmenting Authority in the Database
- Server
Authorization role, Defining a Server Authorization
- table
ownership, Table Ownership
- Trusted Oracle
databases, Accessing a Trusted Oracle Database
- user resource
limits, System Resource Profiles, Imposing limits on a user
- AUTOEXTEND
parameter, Storage Suggestions
- automatic job
scheduling, OEM and the Job Scheduler, Deinstall, Delete, Distribute, and Install Products
B
- backup and recovery, Backup and Recovery, Backing Up and Recovering the Database, Offline Recovery
- automatic
backups, Back Up Tablespaces, Export, Import, and Load Data
- backup
files, The Oracle system files
- Backup Manager utility (OEM), The DBA Toolkit, The Oracle Backup Manager
- backup
sets, What Are the Backup Options?, Backups Supported by Recovery Manager
- constantly changing
information, Where did the time go?
- documentating user
state, Documenting the User State
- EBU
(Enterprise Backup Utility), What Are the Backup Options?, Enterprise Backup Utility
- Oracle Data Manager
for, The Oracle Data Manager
- Oracle7
Enterprise Backup Utility, Log switches
- Oracle8
features, What’s New for Oracle8?, Using backup levels
- Oracle8 Recovery
Manager, The Oracle8 Recovery Manager, Using backup levels
- plan and
procedures, Backup and Recovery Plan and Procedures
- recovery
options, What Are the Recovery Options?, Offline Recovery
- redo logs, What’s in the Files?, Redo Log Files,
MAXDATAFILES parameter, About Archivelog Mode, About Archivelog Mode
- types/levels of
backups, What Are the Backup Options?, Enterprise Backup Utility, Using backup levels
- Backup
Catalog, Enterprise Backup Utility, Enterprise Backup Utility
- BECOME USER privilege, System Privileges for the DBA Role
- before-insert trigger
(example), The First Trigger Creation Script (Before-Insert), Generating a Before-Insert Trigger Script, Generating a Before-Insert Trigger Script
- Berners-Lee,
Tim, Internet and intranet terminology
- broadcast messages, Broadcast Messages
- browsers, web, Internet and intranet terminology
C
- cacls command (Windows
NT), Oracle from the Outside
- captive
accounts, Identified externally accounts
- CAs (certificate
authorities), More Complex Approaches, Certificates of Authority, Distinguished names, Creating the OSS certificate authority, Creating the OSS certificate authority
- deleting
identities, Removing an identity
- CATALOG.SQL
file, About Row-Level Security, About CATALOG.SQL
- CATAUDIT.SQL
script, How Auditing Works
- CATNOAUD.SQL
script, Eliminating the Audit Views
- certificates of authority, More Complex Approaches, Certificates of Authority, Distinguished names, Creating the OSS certificate authority, Creating the OSS certificate authority
- deleting CA
identities, Removing an identity
- certifications, Trusted
Oracle, Certifications
- chmod, chown utilities
(Unix), Oracle from the Outside
- ciphertext, Algorithms, Plaintext, and Ciphertext
- classes of
users, Establishing Classes of Users
- client/server architecture, Client/Server (Two-Tier) Architecture
- code,
encrypting (see encryption)
- col$ table, Tables Used to Build the Views
- cold database
backups, What Are the Backup Options?, Cold Database Backups, Cold Database Backups
- COMMENT privilege, Object privileges
- complexity,
password, Password Composition and Complexity, Writing your own function
- COMPOSITE_LIMIT
parameter, System Resource Profiles
- composition,
password, Password Composition and Complexity, Writing your own function
- configuration file
(CONFIG.ORA), The Oracle system files, What’s in the Files?, Configuration File, Contents of the configuration file
- initialization file
and, Configuration File
- configuring
INIT.ORA parameters, Setting Up Initialization Parameters for Security, Viewing the Parameters
- configuring
OSS, Configuring and Using the OSS, Removing an identity
- configuring
SQL*Net, Installing and Configuring SQL*Net, The listener and passwords
- CONNECT commands
- CONNECT
INTERNAL, About CONNECT INTERNAL, From the operating system , Using CONNECT INTERNAL and CONNECT /
- CONNECT
/, Using CONNECT INTERNAL and CONNECT /
- CONNECT privilege (before
Oracle6), The CONNECT Role
- CONNECT role, Oracle-Supplied Roles, About the Defaults, Name of the role
- auditing, Auditing Shortcuts
- connecting to databases, Connecting to the Database
- auditing
connects/disconnects, Connect and disconnect auditing
- constant-state vs.
stateless, Constant-State Versus Stateless Connections, Running a dynamic HTML application
- direct server
connection, Direct Connection to a Database Server
- remotely, Installing and Configuring SQL*Net, The listener and passwords
- single sign-on, More Complex Approaches, How ANO Works
- without a
password, Connecting to the Database Without a Password, Steps to setting up the password file
- CONNECT_TIME
parameter, System Resource Profiles
- constant-state
connections, Constant-State Versus Stateless Connections, Running a dynamic HTML application
- control files, What’s in the Files?, Control File, How Oracle uses control files
- CONTROL_FILES
parameter, How Oracle uses control files
- CONTROL_FILE_RECORD_KEEP_TIME
parameter, The Recovery Catalog
- cookies, Internet and intranet terminology, Cookies, A dual approach
- copying control
files, How Oracle uses control files
- CORBA, How the OAS Works
- corporate identity, What’s the Harm?
- corruption,
database (see backup and recovery)
- CPU_PER_CALL
parameter, System Resource Profiles
- CPU_PER_SESSION parameter, System Resource Profiles
- CREATE commands
- CREATE
DATABASE, From the operating system
- MAXDATAFILES parameter,
MAXDATAFILES parameter
- redo log files
and, How redo log files are created
- CREATE
SCHEMA, The Schema Concept
- CREATE
SYNONYM, Why Synonyms Are Used
- CREATE TABLE, Creating a table within a tablespace
- CREATE
TABLESPACE, Creating a tablespace, Tablespace security
- STORAGE
clause, Tablespace and Tablespace Datafiles, Table Parameters
- CREATE
privileges, Object privileges
- CREATE ANY
TABLE, Table Ownership
- CREATE ANY
VIEW, System privileges
- CREATE PUBLIC
SYNONYM, About Public and Private Synonyms
- CREATE
SESSION, Privileges, System privileges
- CREATE
TRIGGER, About the CREATE TRIGGER privilege
- create utility script
(OSS), Creating and Deleting the OSS Repository
- credit card system
(example), Developing a Simple Security Application, Execution
- access
control, Application Control of Access, Execution
- grants, Grants, Limitation of Grants and Roles
- roles, Roles, Roles
- views, Views, The CARD_HOLDER_V view
- CRLs (certificate revocation
lists), Period of validity and revocation
- CRUSRGRT.SQL
script, A Sample Script, A Sample Script
- cryptography, About Cryptography, Algorithms, Plaintext, and Ciphertext
- cumulative database
exports, Logical Database Backups (Exports)
- curious
employees, The curious employee
D
- damage from
failed security, What’s the Harm?
- data
access (see authorization)
- Data Definition Language
(DDL), Statement-Level Auditing
- data dictionary, The Oracle Data Dictionary, The Oracle Data Dictionary, The ROLE_TAB_PRIVS View
- auditing, Views and Auditing
- SQL.BSQ
file, About SQL.BSQ, Inside SQL.BSQ
- views of, The Data Dictionary Views, Applying the Concepts
- passwords and, Password Enhancements in the Data Dictionary Views
- security-related, Views Used for Security, The ROLE_TAB_PRIVS View
- data
encryption (see encryption)
- Data Manager utility (OEM), The DBA Toolkit, The Oracle Data Manager
- Data Manipulation Language
(DML), Statement-Level Auditing
- data
storage (see disk storage)
- database administration toolkit
(OEM), The DBA Toolkit, The DBA Toolkit, The DBA Toolkit and Security, The Oracle Software Manager
- database
objects, Oracle Database Objects, Profiles, Advantages of Customized Roles
- auditing, Auditing Plan and Procedures, Object-Level Auditing, Capturing “after” data
- backing up
logical database, What Are the Backup Options?, Logical Database Backups (Exports), Logical Database Backups (Exports)
- in data dictionary, Creating and Maintaining the Data Dictionary
- defined, Objects
- list of, The Logical Entities, The Logical Entities
- location
transparency, How Synonyms Are Used, Using no synonyms/user grants and private synonyms with no grants
- databases
- access to
data (see authorization)
- administration (see administration)
- auditing (see auditing)
- backing
up (see backup and recovery)
- connecting
to, Connecting to the Database
- auditing
connects/disconnects, Connect and disconnect auditing
- constant-state vs.
stateless, Constant-State Versus Stateless Connections, Running a dynamic HTML application
- direct server
connection, Direct Connection to a Database Server
- remotely, Installing and Configuring SQL*Net, The listener and passwords
- single sign-on, More Complex Approaches, How ANO Works
- without a password, Connecting to the Database Without a Password, Steps to setting up the password file
- control
files, What’s in the Files?, Control File, How Oracle uses control files
- creating
- MAXDATAFILES parameter,
MAXDATAFILES parameter
- redo
log files, How redo log files are created
- SQL.BSQ
file and,
SQL.BSQ and Database Creation
- failure (see backup
and recovery)
- files
of (see system files)
- OEM
repository, Specifying the Database Repository
- OSS
repository, The OSS Repository, Creating and Deleting the OSS Repository, Creating and Deleting the OSS Repository, Securing the OSS Repository, Securing the OSS Repository, Removing the Oracle Security Server Repository
- profiles (see profiles)
- segmenting
authority in (example), Segmenting Authority in the Database, Segmenting Authority in the Database
- starting, The Instance and the Database: Starting an Oracle Database, The Instance and the Database: Starting an Oracle Database
- startup/shutdown, Auditing During Database Startup, Start Up and Shut Down Your Database
- structure
modifications, auditing, Auditing During Database Structure Modification
- Trusted Oracle,
accessing, Accessing a Trusted Oracle Database
- datafiles, tablespace, File placement and naming
- backing up, Types of datafile backups
- DB_NAME parameter
(CONFIG.ORA), Contents of the configuration file
- DBA role, Oracle-Supplied Roles, About the Defaults, About the Defaults, The DBA Role, Who Gets the DBA Role?
- auditing, Auditing Shortcuts
- po8 user account, Demo, dbsnmp, and po8
- DBA toolkit (OEM), The DBA Toolkit, The DBA Toolkit, The DBA Toolkit and Security, The Oracle Software Manager
- DBAs (see administration)
- DBA_AUDIT_EXISTS
view, The Auditing Views, The DBA as a Clairvoyant
- DBA_AUDIT_OBJECT
view, The Auditing Views
- DBA_AUDIT_SESSION
view, The Auditing Views
- DBA_AUDIT_STATEMENT
view, The Auditing Views
- DBA_AUDIT_TRAIL
view, The Auditing Views, Views Related to SYS.AUD$
- DBA_OBJ_AUDIT_OPTS
view, The Auditing Views
- DBA_PRIV_AUDIT_OPTS
view, The Auditing Views
- DBA_PROFILES
view, Views Used for Security, The DBA_PROFILES View
- DBA_ROLES
view, Views Used for Security, The DBA_ROLES View
- DBA_ROLE_PRIVS
view, Views Used for Security, The DBA_ROLE_PRIVS View, The DBA_ROLE_PRIVS View
- DBA_STMT_AUDIT_OPTS
view, The Auditing Views
- DBA_SYS_PRIVS
view, Views Used for Security, The DBA_SYS_PRIVS View
- DBA_TAB_PRIVS
view, Views Used for Security, The DBA_TAB_PRIVS View, About the output
- DBA_USERS view, Views Used for Security, The DBA_USERS View, The DBA_USERS View
- dbsnmp user
account, Demo, dbsnmp, and po8
- DDL (Data Definition
Language), Statement-Level Auditing
- decryption, Algorithms, Plaintext, and Ciphertext
- (see also encryption)
- default
- auditing, Default Auditing, Auditing During Database Structure Modification
- auditing
privileges, Default Auditing Privileges
- roles, Oracle Default Roles and User Accounts, Advantages of Customized Roles, Oracle-Supplied Roles
- list
of, The CONNECT Role, Advantages of Customized Roles
- user
accounts, Oracle Default Roles and User Accounts, About the Defaults, Default User Accounts, Grants to “public”
- DEFAULT
profile parameter, System Resource Profiles, The DEFAULT profile
- defrole$ table, Tables Used to Build the Views
- deinstalling Oracle
products, Deinstall, Delete, Distribute, and Install Products
- DELETE privilege, Object privileges, The object grants
- DELETE_CATALOG_ROLE role, About the Defaults, About CONNECT INTERNAL
- deleting
- accidental/deliberate
data loss, It was here just a minute ago...
- after-delete
trigger (example), The Third Trigger Creation Script (After-Delete), The Third Trigger Creation Script (After-Delete), Generating an After-Delete Trigger Script, Generating an After-Delete Trigger Script
- audit
information, Purging Audit Information, Removing Selected Data from SYS.AUD$
- CA
identities, Removing an identity
- Oracle
software, Deinstall, Delete, Distribute, and Install Products
- OSS
repository, Creating and Deleting the OSS Repository, Creating and Deleting the OSS Repository, Removing the Oracle Security Server Repository
- tracking
deletions, Tracking Updates and Deletions
- demo user
account, Demo, dbsnmp, and po8
- demoted employees, Changing positions
- DES
cryptographic algorithms, Passwords and Data Encryption, How ANO Works
- detached
processes, The detached processes and the SGA
- DICTIONARY
view, The DICTIONARY View
- auditing
information in, From the DICTIONARY View
- digital signatures, More Complex Approaches, Digital Signatures
- direct database
server connections, Direct Connection to a Database Server
- disconnecting (see connecting to
databases)
- disgruntled employees, The disgruntled employee
- disk storage
- audit information, Where to Audit, Default Auditing Privileges, Auditing and Performance, Purging Audit Information, Storage Suggestions, Storage Suggestions
- capturing table data
(example), Capturing “before” data, Capturing “after” data
- after-delete
trigger, The Third Trigger Creation Script (After-Delete), Generating an After-Delete Trigger Script, Generating an After-Delete Trigger Script
- after-update
trigger, The Second Trigger Creation Script (After-Update), The Second Trigger Creation Script (After-Update), Generating an After-Update Trigger Script, Generating an After-Update Trigger Script
- before-insert
trigger, The First Trigger Creation Script (Before-Insert), Generating a Before-Insert Trigger Script, Generating a Before-Insert Trigger Script
- scripts to create
triggers, SQL Scripts to Generate Scripts, Generating an After-Delete Trigger Script
- control files, How Oracle uses control files
- cookies, Internet and intranet terminology, Cookies, A dual approach
- creating
tables, What Happens When a Table Is Created, As the Table Grows
- fragmentation, As the Table Grows
- SYS.AUD$
table, About the SYS.AUD$ Table, Auditing and Performance
- IP
addresses, Capturing an IP address
- loss of data, It was here just a minute ago...
- OEM
repository, Specifying the Database Repository
- Oracle Storage Manager, The DBA Toolkit, The Oracle Storage Manager
- password files, Using a password file
- quotas, About Quotas
- Space Management
events, Space Management events
- SQL.BSQ and
CATALOG.SQL files,
SQL.BSQ and CATALOG.SQL Locations
- tablespace
datafiles, File placement and naming
- backing up, Types of datafile backups
- dismissed
employees, Termination types
- distinguished
names (DNs), Distinguished names, Distinguished names
- distributed
processing, Client/Server (Two-Tier) Architecture
- distributing
Oracle software, Deinstall, Delete, Distribute, and Install Products
- distribution
files, The Oracle system files
- DML (Data
Manipulation Language), Statement-Level Auditing
- DNs (distinguished
names), Distinguished names, Distinguished names
- downsizing, security standards
and, Termination types
- dynamic HTML applications, Running a dynamic HTML application
E
- EBU
(Enterprise Backup Utility), What Are the Backup Options?, Enterprise Backup Utility
- editing control files, Modifying control files
- educating users about
policies, Educating Users
- electronic
references, Oracle Electronic References, Security Usenet Groups
- employees, standards
for, Standards for Employees , User Tracking
- EMP_AD0
trigger (example), The Third Trigger Creation Script (After-Delete), Generating an After-Delete Trigger Script, Generating an After-Delete Trigger Script
- EMP_AU0 trigger
(example), The Second Trigger Creation Script (After-Update), The Second Trigger Creation Script (After-Update), Generating an After-Update Trigger Script, Generating an After-Update Trigger Script
- EMP_BI0 trigger
(example), The First Trigger Creation Script (Before-Insert), Generating a Before-Insert Trigger Script, Generating a Before-Insert Trigger Script
- encryption, More Complex Approaches
- ANO algorithms
for, How ANO Works
- cryptography,
in general, About Cryptography, Algorithms, Plaintext, and Ciphertext
- DES
algorithms, Passwords and Data Encryption, How ANO Works
- passwords
and, Passwords and Data Encryption, Passwords and Data Encryption
- PL/SQL
wrapper, Using the PL/SQL Wrapper, Using the PL/SQL Wrapper
- RSA cryptographic
algorithms, Protocols and Algorithms, How ANO Works
- enforcing security policies, Enforcing Policies
- Enterprise Authorization
role, Defining an Enterprise Authorization
- Enterprise Backup Utility
(EBU), What Are the Backup Options?, Enterprise Backup Utility
- enterprise tables, credit card system
(example), About Enterprise Tables, Enterprise Tables Used by the Credit Card System
- errors
- Fault Management
events, Fault Management events
- OSS utility
problems, A Known Problem
- Event Management System
(OEM), OEM and the Event Management System, Performance Management events
- EXECUTE file permission, Executing a Procedure or Function
- EXECUTE privilege, Object privileges, The object grants
- EXECUTE_CATALOG_ROLE role, About the Defaults, About CONNECT INTERNAL
- expiring
passwords, Password Aging and Expiration, Password Decisions
- EXPORT
utility, What Are the Backup Options?
- exports, database, Logical Database Backups (Exports), Logical Database Backups (Exports)
- exports,
scheduled, Back Up Tablespaces, Export, Import, and Load Data
- EXP_FULL_DATABASE role, About the Defaults
- externally identified
accounts, Connecting to the Database Without a Password, Identified externally accounts
F
- failed login attempts, Password Decisions
- FAILED_LOGIN_ATTEMPTS
parameter, System Resource Profiles
- failure, database (see backup and
recovery)
- Fault Management events, Fault Management events
- file-level
copies, Cold Database Backups
- files
- audit
information, storing, Where to Audit, Default Auditing Privileges
- backup
files, The Oracle system files
- configuration
(CONFIG.ORA), The Oracle system files, What’s in the Files?, Configuration File, Contents of the configuration file
- control files,
editing, Modifying control files
- copying (see copying)
- export
files, Logical Database Backups (Exports), Logical Database Backups (Exports)
- initialization
(INIT.ORA), The Oracle system files, What’s in the Files?, Initialization File, Evolution of an initialization file
- setting up
parameters, Setting Up Initialization Parameters for Security, Viewing the Parameters
- log
files (see logging)
- moving around
networks, Moving data around a network
- OEM
repository, Specifying the Database Repository
- OSS
repository, The OSS Repository, Creating and Deleting the OSS Repository, Creating and Deleting the OSS Repository, Securing the OSS Repository, Securing the OSS Repository, Removing the Oracle Security Server Repository
- password
files, The ORAPWD Utility, Steps to setting up the password file, Using a password file
- permissions (see permissions,
file)
- saving (see disk
storage)
- size
of (see disk storage)
- Space Management
events, Space Management events
- SQL*Net
required files, Required Files, The listener and passwords
- system
files, The Oracle system files, Oracle System Files, Contents of the configuration file
- list of, and
descriptions, The Instance and the Database: Starting an Oracle Database, Contents of the configuration file
- fired employees, When an Employee Leaves
- firewalls, Internet and intranet terminology, Firewalls, SQL*Net and firewalls
- foreign keys,
updateable views and, Updating Views
- fragmented
tablespaces, As the Table Grows
- SYS.AUD$
table, About the SYS.AUD$ Table, Auditing and Performance
- full datafile
backups, Types of datafile backups
- fully qualified path
names, Synonyms
- functions, The Logical Entities, Stored Programs, Privileges, Procedures, and Roles
- executing, Executing a Procedure or Function
G
- giving notice (employee
security), When an employee gives notice
- global
users/roles, OSS and, Global users and global roles with OSS, Creating a global user and global role
- government security
levels/clearances, Trusted Oracle, Certifications
- GRANT privilege, Object privileges, Object privileges
- granting
privileges (see privileges)
- granting roles (see roles)
- groups of redo log
files, Using redo log groups
- groups of
users (see roles)
- groups of web users, access
by, Access by group
- guessing
passwords, Connect and disconnect auditing
- guessing table names, The DBA as a Clairvoyant
H
- header data, packet, Moving data around a network
- hiding tables and owner
(example), Hiding the tables and owner, Hiding the tables and owner
- HOST
command, disabling, Disabling SQL privileges
- host-based
access control, Access by IP address or host
- hot database
backups, What Are the Backup Options?, Hot Database Backups, Hot Database Backups
- HTML
(Hypertext Markup Language), Internet and intranet terminology
- HTTP (Hypertext
Transport Protocol), Internet and intranet terminology
- HTTPS
listeners, How the OAS Works
I
- identified externally accounts, Connecting to the Database Without a Password, Identified externally accounts
- IDENTIFIED EXTERNALLY
option, Connecting to the Database, Connecting to the Database Without a Password
- IDENTIFIED GLOBALLY AS clause, Creating a global user and global role
- identity (corporate), What’s the Harm?
- (see also authentication; certificates of
authority)
- IDLE_TIME parameter, System Resource Profiles
- image (cold)
backups, Cold Database Backups
- image
copies, What Are the Backup Options?, Backups Supported by Recovery Manager
- impersonation, More Complex Approaches, A dual approach, About Sniffers and Snoopers
- import
command, Logical Database Backups (Exports)
- IMPORT utility,
passwords and, Password Scripts and Commands
- imports,
scheduled, Back Up Tablespaces, Export, Import, and Load Data
- IMP_FULL_DATABASE role, About the Defaults
- incremental database
exports, Logical Database Backups (Exports)
- incremental datafile
backups, Types of datafile backups
- index for tables, Creating an index for a table in a tablespace
- INDEX privilege, Object privileges, Object privileges, The object grants
- INIT.ORA
file, The Oracle system files, What’s in the Files?, Initialization File, Evolution of an initialization file
- setting parameters, Setting Up Initialization Parameters for Security, Viewing the Parameters
- INITIAL parameter
(STORAGE), Table Parameters
- initialization
file, The Oracle system files, What’s in the Files?, Initialization File, Evolution of an initialization file
- setting up
parameters, Setting Up Initialization Parameters for Security, Viewing the Parameters
- INSERT privilege, Object privileges, The object grants
- inserts,
tracking, Tracking Inserts, The First Trigger Creation Script (Before-Insert)
- installing Oracle, Installing Oracle Securely, Using CONNECT INTERNAL and CONNECT /, Deinstall, Delete, Distribute, and Install Products
- installing
SQL*Net, Installing and Configuring SQL*Net, The listener and passwords
- instance, The Instance and the Database: Starting an Oracle Database, The Instance and the Database: Starting an Oracle Database
- Instance Manager utility (OEM), The DBA Toolkit, The Oracle Instance Manager
- instantiation, Cookies
- INSTEAD OF
condition, About Creating a Trigger
- internal user account, password
for, Steps to setting up the password file
- Internet (see networking)
- intersection
tables, Enterprise Tables Used by the Credit Card System
- intranets, Internet and intranet terminology, Evaluating Web Assets and Risks , A dual approach
- intruders, Potential Threats
- auditing databases
to detect, Auditing to Confirm Suspicions, The DBA as a Clairvoyant
- impersonation, More Complex Approaches
- password
guessing, Connect and disconnect auditing
- protecting Oracle
system from, Oracle from the Outside
- IP
addresses
- access
controlled by, Access by IP address or host
- storing in
cookies, Capturing an IP address
L
- labels, security
clearance, How Trusted Oracle Works
- LANs (local area networks), LANs and WANs
- lateral career moves, Changing positions
- layers, security, Layers of Security
- layoffs, security
standards and, Termination types
- levels, backup, Using backup levels
- LISTENER.ORA file, Required Files
- local area networks (LANs), LANs and WANs
- location
transparency, How Synonyms Are Used, Using no synonyms/user grants and private synonyms with no grants
- LOCK privilege, Object privileges
- locking user accounts, Account Locking, Password Decisions
- log file switches, Log switches
- logging
- archive log
files, What’s in the Files?
- redo
logs, What’s in the Files?, Redo Log Files,
MAXDATAFILES parameter, About Archivelog Mode, About Archivelog Mode
- logical
components of Oracle systems (see database
objects)
- logical database,
defined, Advantages of Customized Roles
- (see also database
objects)
- LOGICAL_READS_PER_CALL
parameter, System Resource Profiles
- LOGICAL_READS_PER_SESSION
parameter, System Resource Profiles
- login attempts, failed, Password Decisions
- LOG_ARCHIVE_ parameters, About Archivelog Mode
- lookup table
(credit card system example), Enterprise Tables Used by the Credit Card System
- loss of data, It was here just a minute ago...
M
- maintaining (see updating)
- managing the security plans, Management Considerations
- many-to-many
tables, Enterprise Tables Used by the Credit Card System
- MAXDATAFILES parameter (CREATE DATABASE),
MAXDATAFILES parameter
- MAXEXTENTS parameter
(STORAGE), As the Table Grows
- MD5
algorithn, Protocols and Algorithms
- memory
- Resource Management
events, Resource Management events
- tablespace, Tablespace and Tablespace Datafiles, Tablespace security
- unlimited, About Quotas, Scott and his tiger
- message
digests, Digital Signatures
- MG_USR
package, How Does the Code Work?, About the mg_usr package body
- mirroring, Using redo log groups
- modifying control files, Modifying control files
N
- Names Server, About the Names Server, About the Names Server
- naming
- CONNECT
role, Name of the role
- credit card system
(example), Naming Conventions
- fully qualified path
names, Synonyms
- passwords, Standards for Passwords, Changing Passwords
- roles, User and Role Names, About the Defaults, Creating Roles with Meaningful Names
- tablespace
datafiles, File placement and naming
- tablespaces, Tablespace names, Tablespace names
- triggers, Naming Triggers
- username
selection, User and Role Names, Standards for Usernames
- need to
know, Trusted Oracle
- Net8 (see SQL*Net)
- Net8 Assistant, About the Names Server
- network configuration
files, The Oracle system files
- network listener passwords, The listener and passwords
- network manager
account, Network Manager
- networking, About Networking, The Java language and security
- ANO (Advanced Networking Option), What Isn’t Free?, Passwords and Data Encryption, Advanced Networking Option
- assets
and risks, Evaluating Web Assets and Risks , Breach of privacy
- communicating with
other managers, Communicating with Other Sites
- constant-state
vs. stateless connections, Constant-State Versus Stateless Connections, Running a dynamic HTML application
- involving
users in security, Getting Users Involved, Communicating with Other Sites
- security
methods, Protecting a Web Site, Access by group
- terminology
of, Internet and intranet terminology
- web
basics, Web Basics, The Java language and security
- web
browsers and servers, Internet and intranet terminology
- web
sites, Web Sites
- new employees, New hires
- newsgroups as
resources, Oracle Usenet Groups, Security Usenet Groups
- NEXT
parameter (STORAGE), Table Parameters
- nicknames (see synonyms)
- NXDODROP.SQL
script, Creating and Deleting the OSS Repository
- NZDOCRT.SQL
script, The OSS Repository, Creating and Deleting the OSS Repository
- NZDOUSER.SQL
script, Creating and Deleting the OSS Repository
O
- OAS (Oracle Application
Server), What Isn’t Free?, Oracle Application Server, OAS Security
- obj$ table, Tables Used to Build the Views
- objauth$ table, Tables Used to Build the Views
- object privileges, About System and Object Privileges, Object privileges
- (see also privileges)
- granted to roles (ROLE_TAB_PRIVS
view), The ROLE_TAB_PRIVS View, The ROLE_TAB_PRIVS View
- listing all granted
(DBA_TAB_PRIVS), The DBA_TAB_PRIVS View, About the output
- Object Request Broker
(ORB), How the OAS Works
- object-level
auditing, Object-Level Auditing, Capturing “after” data
- objects (see database
objects)
- ODS (Oracle Diagnostic
System), Using the Oracle Enterprise Manager
- OEM (Oracle Enterprise
Manager), What’s “Free”?, Using the Oracle Enterprise Manager, Performance Management events
- components of, The OEM Components
- control files
and, How Oracle uses control files
- database administration
toolkit, The DBA Toolkit, The DBA Toolkit, The DBA Toolkit and Security, The Oracle Software Manager
- Event Management
System, OEM and the Event Management System, Performance Management events
- Job
Scheduler, OEM and the Job Scheduler, Deinstall, Delete, Distribute, and Install Products
- repository
data, Specifying the Database Repository
- offline
recovery, Offline Recovery
- OMX
(Oracle Media Exchange), How the OAS Works
- one-way hash
functions, Digital Signatures , Protocols and Algorithms
- online
recovery, Online Recovery
- online resources, Oracle Electronic References, Security Usenet Groups
- OpenVMS
systems
- captive accounts, Identified externally accounts
- file-level interaction
protection, Oracle from the Outside
- group
membership, Operating System Security Mechanisms
- OSDBA role, From the operating system
- SQL.BSQ, CATALOG.SQL file
locations,
SQL.BSQ and CATALOG.SQL Locations
- swapping
passwords, Swapping passwords
- operating
system
- access control
from, Controlling Access from the Operating System, Access by group
- default auditing, Default Auditing, Auditing During Database Structure Modification
- running
commands, Run OS Commands and Tcl Commands
- security, Operating System Security Mechanisms, Installing Oracle Securely, Using CONNECT INTERNAL and CONNECT /
- accounts
and, Operating System Accounts
- authentication, Oracle and Operating System Authentication, OSDBA
- OPS$ accounts, Connecting to the Database Without a Password, Two problems with REMOTE_OS_AUTHENT
- Oracle
- creating/maintaining
data dictionary, Creating and Maintaining the Data Dictionary
- distribution
files, The Oracle system files
- initialization
file parameters, Setting Up Initialization Parameters for Security, Viewing the Parameters
- installing
and starting, Installing and Starting Oracle, Viewing the Parameters
- installing/configuring
SQL*Net, Installing and Configuring SQL*Net, The listener and passwords
- resources
for further reading, References, Oracle and the Web , Oracle Electronic References, Oracle Usenet Groups
- security
model, The Oracle Security Model, Web Sites
- versions
of, Platforms and Versions of Oracle
- Oracle products, Using Extra-Cost Options, OAS Security
- ANO (Advanced
Networking Option), Advanced Networking Option
- distributing, (de)installing,
deleting, Deinstall, Delete, Distribute, and Install Products
- Oracle
Application Server (OAS), What Isn’t Free?, Oracle Application Server, OAS Security
- Oracle Backup Manager, The DBA Toolkit, The Oracle Backup Manager
- Oracle Data Manager, The DBA Toolkit, The Oracle Data Manager
- Oracle Diagnostic System
(ODS), Using the Oracle Enterprise Manager
- Oracle
Instance Manager, The Oracle Instance Manager
- Oracle Media
Exchange (OMX), How the OAS Works
- Oracle Names
Server, About the Names Server, About the Names Server
- Oracle Performance
Packs, The DBA Toolkit
- Oracle Replication Manager, The DBA Toolkit, The Oracle Replication Manager
- Oracle Schema Manager, The DBA Toolkit, The Oracle Schema Manager
- Oracle Security Manager, The DBA Toolkit, The
Oracle Security Manger
- Oracle Software Manager, The DBA Toolkit, The Oracle Software Manager
- Oracle SQL Worksheet, The DBA Toolkit, The Oracle SQL Worksheet
- Oracle Storage Manager, The DBA Toolkit, The Oracle Storage Manager
- Oracle7
Enterprise Backup Utility, Log switches
- Oracle8 Recovery
Manager, The Oracle8 Recovery Manager, Using backup levels
- OSS (Oracle Security
Server), Standards for the Oracle Security Server
- OSS
Manager, What’s “Free”?
- Trusted
Oracle, What Isn’t Free?, Trusted Oracle, Certifications
- Oracle
systems
- components
of, The Instance and the Database: Starting an Oracle Database
- files of (system
files), The Oracle system files, Oracle System Files, Contents of the configuration file
- list of, and
descriptions, The Instance and the Database: Starting an Oracle Database, Contents of the configuration file
- logical
components (see database objects)
- physical
components, The Physical Entities, The detached processes and the SGA
- protecting
from outsiders, Oracle from the Outside
- Oracle-supplied (see default)
- oracle_security_service(_admin)
accounts, Creating and Deleting the OSS Repository
- oracle_security_service,
oracle_security_admin accounts, The OSS Repository
- ORAPWD/ORAPWD80
utility, The ORAPWD Utility, Steps to setting up the password file
- ORB (Object Request Broker), How the OAS Works
- OSDBA
privilege, The SYSDBA and SYSOPER Roles
- OSDBA role, About OSDBA and SYSDBA, The OSDBA and OSOPER roles, OSDBA
- OSOPER privilege, The SYSDBA and SYSOPER Roles
- OSOPER
role, About OSOPER and SYSOPER, The OSDBA and OSOPER roles, OSDBA
- OSS (Oracle Security
Server), Standards for the Oracle Security Server, The
Oracle Security Manger, Using the Oracle Security Server, Removing the Oracle Security Server Repository , Oracle Security Server
- components
of, What’s in the OSS?, Creating a global user and global role
- configuring and
using, Configuring and Using the OSS, Removing the Oracle Security Server Repository
- global users and
roles, Global users and global roles with OSS, Creating a global user and global role
- OSS Authentication
Adapter, The OSS Authentication Adapter
- OSS Manager, What’s “Free”?, The OSS Manager
- repository, The OSS Repository, Creating and Deleting the OSS Repository, Creating and Deleting the OSS Repository, Removing the Oracle Security Server Repository
- access
to, Securing the OSS Repository, Securing the OSS Repository
- osslogin
utility, Configuring and Using the OSS, More about osslogin
- OS_AUTHENT_PREFIX
parameter, Connecting to the Database Without a Password, OS_AUTHENT_PREFIX and OPS$
- overloading
programs, Why Use Packages?
- ownership
- fully qualified
path names, Synonyms
- hiding
owner (example), Hiding the tables and owner, Hiding the tables and owner
- stored
procedures, Procedure Ownership and Privileges, Privileges, Procedures, and Roles
- synonym resolution
and, Procedure Ownership and Privileges
- tables, Table Ownership
P
- packages, Why Use Packages?
- packets, Moving data around a network
- parameters,
INIT.ORA, Setting Up Initialization Parameters for Security, Viewing the Parameters
- parameters, table, Table Parameters
- PASSWORD command, The Oracle8 PASSWORD command
- passwords, Connecting to the Database, The DBA_USERS View, Profiles, Passwords, and Synonyms, Passwords, The Oracle8 PASSWORD command
- aging and
expiring, Password Aging and Expiration, Password Decisions
- built-in user
accounts, Demo, dbsnmp, and po8
- dbsnmp user, Demo, dbsnmp, and po8
- demo user, Demo, dbsnmp, and po8
- scott user, Scott and his tiger
- sys user, Default Users and Their Roles, Steps to setting up the password file
- system
user, Default Users and Their Roles
- built-in-user
accounts
- po8 user, Demo, dbsnmp, and po8
- changing, The Oracle8 PASSWORD command, Changing Passwords
- composition
and complexity features, Password Composition and Complexity, Writing your own function
- data
encryption and, Passwords and Data Encryption, Passwords and Data Encryption
- database
connections without, Connecting to the Database Without a Password, Steps to setting up the password file
- files
for, The ORAPWD Utility, Steps to setting up the password file
- guesses as
unsuccessful logons, Connect and disconnect auditing
- for network listeners, The listener and passwords
- OSS
accounts, Creating and Deleting the OSS Repository
- password
files, Using a password file
- profile parameters
for, System Resource Profiles
- for
roles, The DBA_ROLES View, Using Password-Protected Roles, Execution
- standards
for, Standards for Passwords, Changing Passwords
- swapping, Swapping passwords, Swapping passwords
- PASSWORD_GRACE_TIME
parameter, System Resource Profiles
- PASSWORD_LIFE_TIME
parameter, System Resource Profiles
- PASSWORD_LOCK_TIME
parameter, System Resource Profiles
- PASSWORD_REUSE_MAX
parameter, System Resource Profiles
- PASSWORD_REUSE_TIME
parameter, System Resource Profiles
- PASSWORD_VERIFY_FUNCTION
parameter, System Resource Profiles
- performance, About Creating a Trigger
- (see also disk
storage; memory)
- auditing
drain on, Auditing and Performance, Auditing and Performance, About Performance and Storage, Performance Suggestions
- auditing to
measure, Auditing to Analyze Performance
- client/server
architecture, Client/Server (Two-Tier) Architecture
- Oracle
Performance Packs, The DBA Toolkit
- Performance
Management events, Performance Management events
- segmenting
application processing, Segmenting Application Processing, Thin Client (Three-Tier) Architecture
- trigger
speed, About Creating a Trigger
- views
and, A Caution About Using Views
- period of
validity, certificate, Period of validity and revocation
- permissions,
file, Oracle from the Outside
- configuration file, Contents of the configuration file
- control
files, How Oracle uses control files
- EXECUTE
privilege, Executing a Procedure or Function
- initialization file, Evolution of an initialization file
- redo log
files, How redo log files are created
- physical components of Oracle
systems, The Physical Entities, The detached processes and the SGA
- PL/SQL commands,
disabling, Disabling SQL privileges, Disabling SQL privileges
- PL/SQL source code
wrapper, Using the PL/SQL Wrapper, Using the PL/SQL Wrapper
- plaintext, Algorithms, Plaintext, and Ciphertext
- plans,
security, Developing a Database Security Plan, Sample Security Plan Checklist
- auditing, Auditing Plan and Procedures, A Problem with Auditing—and a Solution, Developing an Audit Plan, Removing Selected Data from SYS.AUD$
- process of
auditing, How Auditing Works, Eliminating the Audit Views
- purging
audit data, Purging Audit Information, Removing Selected Data from SYS.AUD$
- storing
audit information, Where to Audit, Default Auditing Privileges
- types of
auditing, Types of Auditing, Auditing Shortcuts
- backup and
recovery, Backup and Recovery Plan and Procedures
- defined, Procedures, Policies, and Plans
- employees, Standards for Employees , User Tracking
- index and checklist
for, Sample Security Plan Index, Sample Security Plan Checklist
- involving users
in, Getting Users Involved, Communicating with Other Sites
- key components
(list), Identifying Key Components, Identifying Key Components
- managing, Management Considerations
- need for, Security Policies and Security Plan, Security Policies and Security Plan
- OSS
for (see OSS)
- passwords, Standards for Passwords, Changing Passwords
- reviewing, Review the Security Plan
- roles, Standards for Roles
- user accounts, Standards for Accounts, Ways to Create an Account
- usernames, Standards for Usernames
- views, Standards for Views
- platforms, Platforms and Versions of Oracle
- po8 user
account, Demo, dbsnmp, and po8
- policies,
security, Developing a Database Security Plan, Identifying Key Components
- defined, Procedures, Policies, and Plans
- enforcing, Enforcing Policies
- involving users
in, Getting Users Involved, Communicating with Other Sites
- need for, Security Policies and Security Plan, Security Policies and Security Plan
- pre-employment
tracking, Pre-employment tracking
- primary keys, updateable views
and, Updating Views
- privacy, Breach of privacy, Firewalls to protect privacy
- private keys, Private Keys
- private
synonyms, About Public and Private Synonyms, Using no synonyms/user grants and private synonyms with no grants
- PRIVATE_SGA
parameter, System Resource Profiles
- privileges, The Logical Entities, Privileges, Object privileges
- (see also roles)
- administrator-level,
auditing, Auditing During Database Connection with Privileges
- audit
tables, The AUDIT_DELETE table
- auditing, Auditing Plan and Procedures, Default Auditing Privileges, Privilege Auditing, Enabling audit by privileges, Auditing Shortcuts
- credit
card system (example), Grants, Limitation of Grants and Roles
- determining
which are granted, Determining Privileges Granted to a User, Determining Privileges Granted to a Role
- for employees, Employee Procedures, The disgruntled employee
- granted
to roles, Adding System Privileges to Roles
- ROLE_SYS_PRIVS
view, The ROLE_SYS_PRIVS View, The ROLE_SYS_PRIVS View
- ROLE_TAB_PRIVS
view, The ROLE_TAB_PRIVS View, The ROLE_TAB_PRIVS View
- listing all
granted
- DBA_SYS_PRIVS
view, The DBA_SYS_PRIVS View
- DBA_TAB_PRIVS
view, The DBA_TAB_PRIVS View, About the output
- procedures, Procedure Ownership and Privileges, Privileges, Procedures, and Roles
- roles
and (see roles)
- SQL,
disabling, Disabling SQL privileges, Disabling SQL privileges
- synonyms, Why Synonyms Are Used
- system
vs. object privileges, About System and Object Privileges, Object privileges
- table
ownership, Table Ownership
- procedures, The Logical Entities, Stored Programs, Privileges, Procedures, and Roles
- executing, Executing a Procedure or Function
- ownership
and privileges, Procedure Ownership and Privileges, Privileges, Procedures, and Roles
- procedures,
security
- auditing, Auditing Plan and Procedures, A Problem with Auditing—and a Solution
- backup and
recovery, Backup and Recovery Plan and Procedures
- defined, Procedures, Policies, and Plans
- involving users
in, Getting Users Involved, Communicating with Other Sites
- processing,
segmenting, Segmenting Application Processing, Thin Client (Three-Tier) Architecture
- product profiles, The Logical Entities, Connecting to the Database, Profiles, Profiles, Passwords, and Synonyms, Product Profiles, Using PRODUCT_PROFILE to enforce security
- (see also profiles)
- PRODUCT_PRIVS
view, PRODUCT_PROFILE and USER_PROFILE tables
- PRODUCT_PROFILE
table, PRODUCT_PROFILE and USER_PROFILE tables, Using PRODUCT_PROFILE to enforce security
- profile$ table, Tables Used to Build the Views
- profiles, The Logical Entities, Profiles, Profiles, Passwords, and Synonyms, Imposing limits on a user
- DBA_PROFILES
view, The DBA_PROFILES View
- product
profiles, The Logical Entities, Profiles, Profiles, Passwords, and Synonyms, Product Profiles, Using PRODUCT_PROFILE to enforce security
- system resource
profiles, The Logical Entities, Connecting to the Database, Profiles, Profiles, Passwords, and Synonyms, System Resource Profiles, Imposing limits on a user
- DEFAULT
profile, The DEFAULT profile
- profname$ table, Tables Used to Build the Views
- programs, The Logical Entities, Stored Programs, Privileges, Procedures, and Roles
- (see also triggers)
- promoted employees, Changing positions
- public keys, Public Keys
- public user account
(group), Privileges, The plot thickens, Grants to “public”
- location
transparency, How Synonyms Are Used, Using no synonyms/user grants and private synonyms with no grants
- synonyms, About Public and Private Synonyms, Using no synonyms/user grants and private synonyms with no grants
- PUPBLD.SQL
script, PRODUCT_PROFILE and USER_PROFILE tables
- purging audit
information, Purging Audit Information, Removing Selected Data from SYS.AUD$
R
- RC4 encryption algorithms, How ANO Works
- RDBMS (see operating system
Oracle)
- READ privilege, Object privileges
- RECOVER
commands, Online Recovery
- recovering data (see backup and
recovery)
- recovery
catalog, The Recovery Catalog
- Recovery Manager
(Oracle8), The Oracle8 Recovery Manager, Using backup levels
- Recovery
Manager utility (OEM), The DBA Toolkit
- redo log files, What’s in the Files?, Redo Log Files,
MAXDATAFILES parameter, About Archivelog Mode, About Archivelog Mode
- groups
of, Using redo log groups
- REFERENCES privilege, Object privileges, The object grants
- remote database
access, Installing and Configuring SQL*Net, The listener and passwords
- remote database
administration, Remote Database Administration
- REMOTE_LOGIN_PASSWORD
variable, Steps to setting up the password file
- REMOTE_OS_AUTHENT
parameter, Connecting to the Database Without a Password, Another approach, Two problems with REMOTE_OS_AUTHENT
- remove utility
script (OSS), Creating and Deleting the OSS Repository
- RENAME privilege, Object privileges
- Replication Manager utility (OEM), The DBA Toolkit, The Oracle Replication Manager
- reporting audit
data, Using the Audit Data in Reports, The AUDIT_ROW Table Report
- repository,
OEM, Specifying the Database Repository
- repository,
OSS, The OSS Repository, Creating and Deleting the OSS Repository, Creating and Deleting the OSS Repository, Removing the Oracle Security Server Repository
- access to, Securing the OSS Repository, Securing the OSS Repository
- requests for user accounts, Possible Account Requests
- resolving synonyms,
ownership and, Procedure Ownership and Privileges
- Resource Management
events, Resource Management events
- resource
profiles (see system resource profiles)
- RESOURCE role, Oracle-Supplied Roles, About the Defaults, About the Defaults, The RESOURCE Role, About the CREATE TRIGGER privilege
- auditing, Auditing Shortcuts
- resources
- disk
space (see disk storage)
- memory (see memory)
- resources for further
reading, References, Security Usenet Groups
- RESOURCE_LIMIT
parameter, System Resource Profiles
- resource_map table, Tables Used to Build the Views
- restoring/revoking
credentials, Revoking and restoring credentials
- resynchronization, The Recovery Catalog
- reusing passwords, Password Decisions
- revoking certificates of
authority, Period of validity and revocation
- roles, The Logical Entities, Roles, Oracle-Supplied Roles
- (see also privileges)
- adding system
privileges to, Adding System Privileges to Roles
- assigning to
users, Assigning Roles
- built-in, Oracle-Supplied Roles
- credit card
system (example), Roles, Roles
- default, Oracle from the Inside, Oracle Default Roles and User Accounts, Advantages of Customized Roles, Oracle-Supplied Roles
- list
of, The CONNECT Role, Advantages of Customized Roles
- determining privileges
of, Determining Privileges Granted to a Role
- global, OSS
and, Global users and global roles with OSS, Creating a global user and global role
- granted to roles
(ROLE_ROLE_PRIVS view), The ROLE_ROLE_PRIVS View
- granting and
defining, script for, A Sample Script, A Sample Script
- listing all (DBA_ROLES
view), The DBA_ROLES View
- listing all
granted (DBA_ROLE_PRIVS view), The DBA_ROLE_PRIVS View, The DBA_ROLE_PRIVS View
- naming, User and Role Names, About the Defaults, Creating Roles with Meaningful Names
- passwords
for, The DBA_ROLES View, Using Password-Protected Roles, Execution
- role-object
access matrix (example), Preparing the Role-Object Matrix , Naming Conventions
- segmenting
database authority (example), Segmenting Authority in the Database, Segmenting Authority in the Database
- standards
for, Standards for Roles
- stored program
privileges and, Privileges, Procedures, and Roles
- system
privileges of (ROLE_SYS_PRIVS), The ROLE_SYS_PRIVS View, The ROLE_SYS_PRIVS View
- table
privileges of (ROLE_TAB_PRIVS
view), The ROLE_TAB_PRIVS View, The ROLE_TAB_PRIVS View
- ROLE_ROLE_PRIVS
view, Views Used for Security, The ROLE_ROLE_PRIVS View
- ROLE_SYS_PRIVS
view, Views Used for Security, The ROLE_SYS_PRIVS View, The ROLE_SYS_PRIVS View
- ROLE_TAB_PRIVS
view, Views Used for Security, The ROLE_TAB_PRIVS View, The ROLE_TAB_PRIVS View
- rollback segments, What’s in the Files?
- row-level
security, Using Views, About Row-Level Security, Examining the code for the second and third queries
- credit
card system (example), Application Row Access Control
- RSA cryptographic
algorithms, Protocols and Algorithms, How ANO Works
S
- saving
files (see disk storage)
- scheduling jobs, OEM and the Job Scheduler, Deinstall, Delete, Distribute, and Install Products
- schema, The Logical Entities, The Schema Concept , Application Schema (User) Accounts
- stored
program ownership and, Procedure Ownership and Privileges, Privileges, Procedures, and Roles
- Schema Manager utility (OEM), The DBA Toolkit, The Oracle Schema Manager
- scott user account, Scott and his tiger
- security
- DBA role,
handling, Who Gets the DBA Role?
- example of
secure application, Developing a Simple Security Application, Execution
- failed (see damage
from failed security)
- government
security levels/clearances, Trusted Oracle, Certifications
- involving
users in, Getting Users Involved, Communicating with Other Sites
- OEM
for (see OEM)
- Oracle
security model, The Oracle Security Model, Web Sites
- passwords (see passwords)
- resources
for further reading, Security Books, Security Usenet Groups
- row-level, Using Views, About Row-Level Security, Examining the code for the second and third queries
- credit
card system (example), Application Row Access Control
- synonyms (see synonyms)
- threats (see threats)
- tools (see tools
for security)
- views
for, Using Views for Security
- data dictionary views, Views Used for Security, The ROLE_TAB_PRIVS View
- web-based, Evaluating Web Assets and Risks , Breach of privacy
- Security Manager (Java), The Java language and security
- security manager account, Security Manager
- Security Manager utility (OEM), The DBA Toolkit, The
Oracle Security Manger
- security
plans, Developing a Database Security Plan, Sample Security Plan Checklist
- auditing, Auditing Plan and Procedures, A Problem with Auditing—and a Solution, Developing an Audit Plan, Removing Selected Data from SYS.AUD$
- process of
auditing, How Auditing Works, Eliminating the Audit Views
- purging audit
data, Purging Audit Information, Removing Selected Data from SYS.AUD$
- storing audit
information, Where to Audit, Default Auditing Privileges
- types of
auditing, Types of Auditing, Auditing Shortcuts
- backups (see backup and
recovery)
- defined, Procedures, Policies, and Plans
- employees, Standards for Employees , User Tracking
- index and checklist
for, Sample Security Plan Index, Sample Security Plan Checklist
- key
components (list), Identifying Key Components, Identifying Key Components
- managing, Management Considerations
- need
for, Security Policies and Security Plan, Security Policies and Security Plan
- OSS
for (see OSS)
- passwords, Standards for Passwords, Changing Passwords
- reviewing, Review the Security Plan
- roles, Standards for Roles
- user
accounts, Standards for Accounts, Ways to Create an Account
- usernames, Standards for Usernames
- views, Standards for Views
- security
policies, Developing a Database Security Plan, Identifying Key Components
- defined, Procedures, Policies, and Plans
- enforcing, Enforcing Policies
- need for, Security Policies and Security Plan, Security Policies and Security Plan
- security
procedures
- auditing, Auditing Plan and Procedures, A Problem with Auditing—and a Solution
- backup (see backup and
recovery)
- defined, Procedures, Policies, and Plans
- Security
Server (see OSS)
- security user
account, Using Password-Protected Roles, Create the PL/SQL program that sets roles
- segmenting
application processing, Segmenting Application Processing, Thin Client (Three-Tier) Architecture
- segmenting database authority
(example), Segmenting Authority in the Database, Segmenting Authority in the Database
- SELECT commands, triggers
and, What Cannot Be Trapped by a Trigger
- SELECT privilege, Object privileges, The object grants
- SELECT_CATALOG_ROLE role, About the Defaults, About CONNECT INTERNAL
- SEQ_AUDIT script (example), The Second Sequence Creation Script (SEQ_AUDIT)
- SEQ_RID
script (example), The First Sequence Creation Script (SEQ-RID)
- Server Authorization role, Defining a Server Authorization
- Server Manger Utility
(svrmgr), From the operating system
- servers,
web, Internet and intranet terminology
- SESSIONS_PER_USER
parameter, System Resource Profiles
- set protection
command (OpenVMS), Oracle from the Outside
- SET ROLE command,
disabling, Using PRODUCT_PROFILE to enforce security
- SGA (System Global Area), The detached processes and the SGA, What’s in the Files?
- shortcuts, auditing, Auditing Shortcuts
- SHOW PARAMETERS command, Viewing the Parameters
- shutdown,
database
- auditing, Auditing During Database Shutdown
- automatic, Start Up and Shut Down Your Database
- single sign-on, More Complex Approaches, How ANO Works
- size, file (see disk
storage)
- sizing
tablespaces, About Quotas
- SYS.AUD$
table and, About the SYS.AUD$ Table, Storage Suggestions
- unlimited
quota, About Quotas, Scott and his tiger
- SKEME (Security Exchange Mechanism)
protocol, Protocols and Algorithms
- sniffers, More Complex Approaches, A dual approach, About Sniffers and Snoopers, Running a form using the OAS
- snoopers, About Sniffers and Snoopers
- Software Manager utility (OEM), The DBA Toolkit, The Oracle Software Manager
- source code,
encrypting (see encryption)
- Space Management
events, Space Management events
- speed (see performance)
- spoofers, More Complex Approaches, A dual approach
- Spyglass HTTPS
listener, How the OAS Works
- SQL
privileges, disabling, Disabling SQL privileges, Disabling SQL privileges
- SQL Worksheet utility (OEM), The DBA Toolkit, The Oracle SQL Worksheet
- SQL*Net, Installing and Starting Oracle
- firewalls
and, SQL*Net and firewalls
- installing
and configuring, Installing and Configuring SQL*Net, The listener and passwords
- Net8
Assistant, About the Names Server
- two-tier architecture
and, Client/Server (Two-Tier) Architecture
- SQL*Plus, automatically running
scripts, Run SQL Scripts and SQL*Plus
- SQL.BSQ file, About SQL.BSQ, Inside SQL.BSQ
- SQLDBA
utility, Using CONNECT INTERNAL and CONNECT /
- SQLNET.ORA file, Required Files
- standards (see security
plan)
- starting
databases, The Instance and the Database: Starting an Oracle Database, The Instance and the Database: Starting an Oracle Database
- starting Oracle, Using CONNECT INTERNAL and CONNECT /
- startup control
(example), Startup Control
- startup,
database
- auditing, Auditing During Database Startup
- automatic, Start Up and Shut Down Your Database
- state,
user, Documenting the User State
- stateless
connections, Constant-State Versus Stateless Connections, Running a dynamic HTML application
- statement-level
auditing, Auditing Plan and Procedures, Statement-Level Auditing , Connect and disconnect auditing
- status, database (see control
files)
- STORAGE clause (CREATE), Tablespace and Tablespace Datafiles, Table Parameters
- Storage Manager utility (OEM), The DBA Toolkit, The Oracle Storage Manager
- stored programs, The Logical Entities, Stored Programs, Privileges, Procedures, and Roles
- (see also triggers)
- ownership and
privileges, Procedure Ownership and Privileges, Privileges, Procedures, and Roles, Oracle-Supplied Roles
- storing files (see disk
storage)
- structure modifications,
auditing, Auditing During Database Structure Modification
- substitution
cipher, A Simple Code
- svrmgr
utility, From the operating system
- swapping
passwords, Swapping passwords, Swapping passwords
- synonyms, The Logical Entities, Synonyms, Why Synonyms Are Used, Profiles, Passwords, and Synonyms, Synonyms, Using no synonyms/user grants and private synonyms with no grants
- location
transparency, How Synonyms Are Used, Using no synonyms/user grants and private synonyms with no grants
- public vs.
private, About Public and Private Synonyms, Using no synonyms/user grants and private synonyms with no grants
- reasons to
use, Why Synonyms Are Used
- resolving, ownership
and, Procedure Ownership and Privileges
- tips for
creating, About Public and Private Synonyms
- sys user
account, Default Users and Their Roles
- password for, Steps to setting up the password file
- SYS.AUD$ table, About the SYS.AUD$ Table, A Problem
- purging, Purging Audit Information, Removing Selected Data from SYS.AUD$
- views, Views Related to SYS.AUD$, Creating a summary table
- sysauth$ table, Tables Used to Build the Views
- SYSDBA role, Oracle-Supplied Roles, About the Defaults, The SYSDBA and SYSOPER Roles, About CONNECT INTERNAL
- SYSOPER role, Oracle-Supplied Roles, About the Defaults, The SYSDBA and SYSOPER Roles, About CONNECT INTERNAL
- system files, The Oracle system files, Oracle System Files, Contents of the configuration file
- list
of, and descriptions, The Instance and the Database: Starting an Oracle Database, Contents of the configuration file
- required for
SQL*Net, Required Files, The listener and passwords
- System Global
Area (see SGA)
- system_privilege_map table, Tables Used to Build the Views
- system
privileges, About System and Object Privileges, Object privileges, System privileges
- (see also privileges)
- adding to
roles, Adding System Privileges to Roles
- auditing, Auditing Plan and Procedures, Enabling audit by privileges
- built-in
roles
- CONNECT role, System Privileges for the CONNECT Role
- DBA role, System Privileges for the DBA Role, System Privileges for the DBA Role
- RESOURCE role, System Privileges for the RESOURCE Role
- SYSDBA, SYSOPER
roles, System Privileges for the SYSDBA and SYSOPER Roles, About OSDBA and SYSDBA
- granted to roles
(ROLE_SYS_PRIVS), The ROLE_SYS_PRIVS View, The ROLE_SYS_PRIVS View
- listing all
granted (DBA_SYS_PRIVS), The DBA_SYS_PRIVS View
- system resource profiles, The Logical Entities, Connecting to the Database, Profiles, Profiles, Passwords, and Synonyms, System Resource Profiles, Imposing limits on a user
- (see also profiles)
- DEFAULT profile, The DEFAULT profile
- system
tablespace, Scott and his tiger
- audit data
in, About the SYS.AUD$ Table, Auditing and Performance
- system user
account, Default Users and Their Roles
- OSS repository
and, Configuring and Using the OSS
T
- tables, The Logical Entities, Tables, Table Ownership, Views
- (see also views)
- audit trail
application (example), The Three Table Creation Scripts, The AUDIT_DELETE table
- auditing accesses
to, Enabling audit by object
- capturing
before/after edits, Capturing “before” data, Capturing “after” data
- after-delete trigger
(example), The Third Trigger Creation Script (After-Delete), Generating an After-Delete Trigger Script, Generating an After-Delete Trigger Script
- after-update trigger
(example), The Second Trigger Creation Script (After-Update), The Second Trigger Creation Script (After-Update), Generating an After-Update Trigger Script, Generating an After-Update Trigger Script
- before-insert trigger
(example), The First Trigger Creation Script (Before-Insert), Generating a Before-Insert Trigger Script, Generating a Before-Insert Trigger Script
- scripts to create
triggers, SQL Scripts to Generate Scripts, Generating an After-Delete Trigger Script
- creating within
tablespaces, Creating a table within a tablespace
- in data dictionary
views, Tables Used to Build the Views
- guessing names
for, The DBA as a Clairvoyant
- hiding
(example), Hiding the tables and owner, Hiding the tables and owner
- indexes
for, Creating an index for a table in a tablespace
- ownership, Table Ownership
- row-level
security, Using Views, About Row-Level Security, Examining the code for the second and third queries
- triggers (see triggers)
- tablespace datafiles, What’s in the Files?, Tablespace and Tablespace Datafiles, Tablespace security
- backing
up, Types of datafile backups
- tablespaces, Tablespace and Tablespace Datafiles, Tablespace security
- automatic
backups, Back Up Tablespaces, Export, Import, and Load Data
- creating, Creating a tablespace
- fragmentation, As the Table Grows
- SYS.AUD$
table, About the SYS.AUD$ Table, Auditing and Performance
- quotas for
(sizing), About Quotas, Scott and his tiger
- TEMPORARY, views
and, A Caution About Using Views
- table_privilege_map table, Tables Used to Build the Views
- Tcl
commands, Run OS Commands and Tcl Commands
- temporary segments, What’s in the Files?
- TEMPORARY
tablespaces, A Caution About Using Views
- terminated employees, When an Employee Leaves
- thin client architecture, Thin Client (Three-Tier) Architecture
- thread (log file)
switches, Log switches
- threats, Potential Threats, Potential Threats
- auditing to
detect, Auditing to Confirm Suspicions, The DBA as a Clairvoyant
- CONNECT
role, Problems with the CONNECT Role, The plot thickens
- curious
employees, The curious employee
- damage from failed
security, What’s the Harm?
- data
loss, It was here just a minute ago...
- disgruntled
employees, The disgruntled employee
- failed login
attempts, Password Decisions
- impersonation, More Complex Approaches, Connect and disconnect auditing
- intruders, Potential Threats
- OEM console
accessibility, A Potential Security Problem
- password
guessing, Connect and disconnect auditing
- privacy
breaches, Breach of privacy, Firewalls to protect privacy
- remote
database access, Installing and Configuring SQL*Net
- REMOTE_OS_AUTHENT
parameter, Two problems with REMOTE_OS_AUTHENT, Two problems with REMOTE_OS_AUTHENT
- RESOURCE
role, Problems with the RESOURCE Role, About the CREATE TRIGGER privilege
- users who don’t log
off, Installing Oracle Securely, OPS$ Accounts
- viruses, Viruses = disaster!
- web-based, Evaluating Web Assets and Risks , Breach of privacy
- three-tier architecture, Thin Client (Three-Tier) Architecture
- TIPEM library function, Protocols and Algorithms
- TNSNAMES.ORA file, Required Files
- tools
for security, list of, If I Had a Hammer..., What Isn’t Free?
- tracking (see auditing)
- transactions, constant-state vs.
stateless, Constant-State Versus Stateless Connections, Running a dynamic HTML application
- triggers, The Logical Entities, Table Triggers, What Cannot Be Trapped by a Trigger
- capturing
table data (example), Capturing “before” data, Capturing “after” data
- after-delete
trigger, The Third Trigger Creation Script (After-Delete), The Third Trigger Creation Script (After-Delete), Generating an After-Delete Trigger Script, Generating an After-Delete Trigger Script
- after-update
trigger, The Second Trigger Creation Script (After-Update), The Second Trigger Creation Script (After-Update), Generating an After-Update Trigger Script, Generating an After-Update Trigger Script
- before-insert
trigger, The First Trigger Creation Script (Before-Insert), Generating a Before-Insert Trigger Script, Generating a Before-Insert Trigger Script
- scripts to create
triggers, SQL Scripts to Generate Scripts, Generating an After-Delete Trigger Script
- CREATE TRIGGER
privilege, About the CREATE TRIGGER privilege
- Event
Management System (OEM), OEM and the Event Management System, Performance Management events
- troubleshooting
- CONNECT
role problems, Problems with the CONNECT Role, The plot thickens
- OSS
utility, A Known Problem
- RESOURCE
role problems, Problems with the RESOURCE Role, About the CREATE TRIGGER privilege
- shutdowns, Auditing During Database Shutdown
- Trusted Oracle, What Isn’t Free?, Trusted Oracle, Certifications
- trusted shells, Identified externally accounts
- ts$ table, Tables Used to Build the Views
- two-tier
architecture, Client/Server (Two-Tier) Architecture
U
- UFI (User Friendly
Interface), The User Interface: User Versus Schema
- UNIX systems
- CONNECT INTERNAL
command, From the operating system
- EBU (Enterprise
Backup Utility), What Are the Backup Options?, Enterprise Backup Utility
- file-level
interaction protection, Oracle from the Outside
- group
membership, Operating System Security Mechanisms
- SQL.BSQ,
CATALOG.SQL file locations,
SQL.BSQ and CATALOG.SQL Locations
- swapping
passwords, Swapping passwords
- trusted
shells, Identified externally accounts
- UNLIMITED profile
parameter, System Resource Profiles
- UNLIMITED tablespace
quota, About Quotas, Scott and his tiger
- unlocking user accounts, Password Decisions
- updating
- capturing
table data (example), Capturing “before” data, Capturing “after” data
- after-update
trigger, The Second Trigger Creation Script (After-Update), The Second Trigger Creation Script (After-Update), Generating an After-Update Trigger Script, Generating an After-Update Trigger Script
- before-insert
trigger, The First Trigger Creation Script (Before-Insert), Generating a Before-Insert Trigger Script, Generating a Before-Insert Trigger Script
- data
dictionary, Creating and Maintaining the Data Dictionary
- tracking
updates, Tracking Updates and Deletions
- UPDATE privilege, Object privileges, The object grants
- views, Updating Views
- Usenet newsgroups as
resources, Oracle Usenet Groups, Security Usenet Groups
- user groups, Oracle, Oracle User Groups
- user$ table, Tables Used to Build the Views
- users, The Logical Entities, The Schema Concept
- account creation
privileges, Privileges
- account
standards, Standards for Accounts, Ways to Create an Account
- auditing to detect
intruders, Auditing to Confirm Suspicions, The DBA as a Clairvoyant
- authenticating (see authentication)
- broadcasting message
to, Broadcast Messages
- checking
on, Checking on users and access
- classes
of, Establishing Classes of Users
- default
accounts, Oracle from the Inside, Oracle Default Roles and User Accounts, About the Defaults, Default User Accounts, Grants to “public”
- determining privileges
of, Determining Privileges Granted to a User
- employees,
standards for, Standards for Employees , User Tracking
- global, OSS
and, Global users and global roles with OSS, Creating a global user and global role
- granting/defining
roles, script for, A Sample Script, A Sample Script
- groups (see roles)
- hiding tables
and owner from (example), Hiding the tables and owner, Hiding the tables and owner
- identified externally
accounts, Connecting to the Database Without a Password, Identified externally accounts
- impersonation, More Complex Approaches
- information
on (DBA_USERS), The DBA_USERS View, The DBA_USERS View
- involving in
network security, Getting Users Involved, Communicating with Other Sites
- locking
accounts, Account Locking, Password Decisions
- maintaining
user accounts, Maintaining User Accounts, A Sample Script
- operating system
accounts, Operating System Accounts
- OPS$
accounts, Connecting to the Database Without a Password, Two problems with REMOTE_OS_AUTHENT
- oracle_security_service(_admin), Creating and Deleting the OSS Repository
- oracle_security_service,
oracle_security_admin, The OSS Repository
- passwords (see passwords)
- private information
about, Breach of privacy, Firewalls to protect privacy
- privileges (see authorization
privileges)
- profiles (see system
resource profiles)
- querying, Example queries
- requests for accounts,
handling, Possible Account Requests
- resource limits
for, System Resource Profiles, Imposing limits on a user
- roles (see roles)
- security user
account, Using Password-Protected Roles, Create the PL/SQL program that sets roles
- segmenting
database authority (example), Segmenting Authority in the Database, Segmenting Authority in the Database
- state of,
documenting, Documenting the User State
- tracking, User Tracking
- types of
accounts, Types of Accounts, General User Accounts
- username
selection, User and Role Names, Standards for Usernames
- User_astatus_map table, Tables Used to Build the Views
- USER_AUDIT_OBJECT
view, The Auditing Views
- USER_AUDIT_SESSION
view, The Auditing Views
- USER_AUDIT_STATEMENT
view, The Auditing Views
- USER_AUDIT_TRAIL
view, The Auditing Views
- USER_OBJ_AUDIT_OPTS
view, The Auditing Views
- USER_PRIVS
view, PRODUCT_PROFILE and USER_PROFILE tables
- USER_PROFILE table, PRODUCT_PROFILE and USER_PROFILE tables
- USER_ROLE_PRIVS
view, Views Used for Security
- USER_TABLES
view, The DICTIONARY View
- UTLPWDMG.SQL
script, Passwords
- UTL_FILE
functions, A Sample Script
V
- validity, certificates of
authority, Period of validity and revocation
- VALUES
keyword, Password Scripts and Commands
- versions,
Oracle, Platforms and Versions of Oracle
- views, The Logical Entities, The Oracle Data Dictionary, Views, Updating Views
- (see also data
dictionary)
- auditing, The Auditing Views, The Auditing Views, Purging Audit Information
- SYS.AUD$
table, Views Related to SYS.AUD$, Creating a summary table
- credit card
system (example), Views, The CARD_HOLDER_V view
- data
dictionary, The Data Dictionary Views, The ROLE_TAB_PRIVS View
- passwords
and, Password Enhancements in the Data Dictionary Views
- security-related, Views Used for Security, The ROLE_TAB_PRIVS View
- for
security, Using Views for Security
- standards
for, Standards for Views
- SYS.AUD$
table, A Problem
- updating, Updating Views
- viruses, Viruses = disaster!
W
- wallets
(authentication), Certificates of Authority, Creating/downloading a wallet
- WANs (wide area networks), LANs and WANs
- web (see networking)
- Web Application
Server (see OAS)
- web
site references, Oracle Web Sites, Windows NT security
- WHEN-BUTTON-PRESSED
trigger, Create user button code
- WHENEVER
[UN]SUCCESSFUL clause, Auditing Options
- WHERE
clause, Using Views for Security
- WITH CHECK OPTION
clause, Updating Views
- wide area networks (WANs), LANs and WANs
- Windows NT
systems
- file-level interaction
protection, Oracle from the Outside
- SQL.BSQ, CATALOG.SQL file
locations,
SQL.BSQ and CATALOG.SQL Locations
- startup
auditing, Auditing During Database Startup
- WITH CHECK
OPTION clause, Updating Views
- wrapNN.exe utility, Using the PL/SQL Wrapper
- WRITE privilege, Object privileges
..................Content has been hidden....................
You can't read the all page of ebook, please click
here login for view all page.