Database Security and Auditing: Protecting Data Integrity and Accessibility

DownloadDatabase Security and Auditing: Protecting Data Integrity and Accessibility

Advertisement
Download Presentation
Comments
galya
From:
|  
(156) |   (0) |   (0)
Views: 126 | Added: 29-07-2012
Rate Presentation: 0 0
Description:
Database Security
Database Security and Auditing: Protecting Data Integrity an...

An Image/Link below is provided (as is) to

Download Policy: Content on the Website is provided to you AS IS for your information and personal use only and may not be sold or licensed nor shared on other sites. SlideServe reserves the right to change this policy at anytime. While downloading, If for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.











- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -




1. Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users

2. Database Security & Auditing: Protecting Data Integrity & Accessibility 2 Objectives Explain the importance of administration documentation Outline the concept of operating system authentication Create users and logins using both Oracle10g and SQL Server Remove a user from Oracle10g and SQL servers

3. Database Security & Auditing: Protecting Data Integrity & Accessibility 3 Objectives (continued) Modify an existing user using both Oracle10g and SQL servers List all default users on Oracle10g and SQL servers Explain the concept of a remote user List the risks of database links

4. Database Security & Auditing: Protecting Data Integrity & Accessibility 4 Objectives (continued) List the security risks of linked servers List the security risks of remote servers Describe best practices for user administration

5. Database Security & Auditing: Protecting Data Integrity & Accessibility 5 Documentation of User Administration Part of the administration process Reasons to document: Provide a paper trail Ensure administration consistency What to document: Administration policies, staff and management Security procedures Procedure implementation scripts or programs Predefined roles description

6. Database Security & Auditing: Protecting Data Integrity & Accessibility 6 Documentation of User Administration (continued)

7. Database Security & Auditing: Protecting Data Integrity & Accessibility 7 Documentation of User Administration (continued)

8. Database Security & Auditing: Protecting Data Integrity & Accessibility 8 Operating System Authentication Many databases (including Microsoft SQL Server 2000) depend on OS to authenticate users Reasons: Once an intruder is inside the OS, it is easier to access the database Centralize administration of users Users must be authenticated at each level

9. Database Security & Auditing: Protecting Data Integrity & Accessibility 9 Operating System Authentication (continued)

10. Database Security & Auditing: Protecting Data Integrity & Accessibility 10 Creating Users Must be a standardized, well-documented, and securely managed process In Oracle10g, use the CREATE USER statement: Part of the a Data Definition Language (DDL) Account can own different objects

11. Database Security & Auditing: Protecting Data Integrity & Accessibility 11 Creating an Oracle10g User IDENTIFIED clause Tells Oracle how to authenticate a user account BY PASSWORD option: encrypts and stores an assigned password in the database EXTERNALLY option: user is authenticated by the OS GLOBALLY AS option: depends on authentication through centralized user management method

12. Database Security & Auditing: Protecting Data Integrity & Accessibility 12 Creating an Oracle10g User (continued)

13. Database Security & Auditing: Protecting Data Integrity & Accessibility 13 Creating an Oracle10g User (continued) DEFAULT TABLESPACE clause: specifies default storage for the user TEMPORARY TABLESPACE clause QUOTA clause: tells Oracle 10g how much storage space a user is allowed for a specified tablespace PROFILE clause: indicates the profile used for limiting database resources and enforcing password policies

14. Database Security & Auditing: Protecting Data Integrity & Accessibility 14 Creating an Oracle10g User (continued)

15. Database Security & Auditing: Protecting Data Integrity & Accessibility 15 Creating an Oracle10g User (continued) PASSWORD EXPIRE clause: tells Oracle to expire the user password and prompts the user to enter a new password ACCOUNT clause: enable or disable account ALTER USER: modifies a user account Oracle Enterprise Manager: GUI administration tool

16. Database Security & Auditing: Protecting Data Integrity & Accessibility 16 Creating an Oracle10g User (continued)

17. Database Security & Auditing: Protecting Data Integrity & Accessibility 17 Creating an Oracle10g User (continued)

18. Database Security & Auditing: Protecting Data Integrity & Accessibility 18 Creating an Oracle10g User Using External (Operating System) Authentication Depends on an external party to authenticate the user Steps: Verify account belongs to ORA_DBA group Set the Windows registry string OSAUTH_PREFIX_DOMAIN to FALSE View setting of the OS_AUTHENT_PREFIX initialization parameter Change OS_AUTHENT_PREFIX to NULL

19. Database Security & Auditing: Protecting Data Integrity & Accessibility 19 Creating an Oracle10g User Using External (Operating System) Authentication (continued)

20. Database Security & Auditing: Protecting Data Integrity & Accessibility 20 Creating an Oracle10g User Using External (Operating System) Authentication (continued)

21. Database Security & Auditing: Protecting Data Integrity & Accessibility 21 Creating an Oracle10g User Using External (Operating System) Authentication (continued) Steps (continued): Create an Oracle user Provide new user with CREATE SESSION privilege Advantage: allows administrators to use one generic user to run maintenance scripts without a password

22. Database Security & Auditing: Protecting Data Integrity & Accessibility 22 Creating an Oracle User Using Global Authentication Enterprise-level authentication solution Use the CREATE USER statement DBA_USERS view: contains information about all accounts

23. Database Security & Auditing: Protecting Data Integrity & Accessibility 23 Creating an Oracle User Using Global Authentication (continued)

24. Database Security & Auditing: Protecting Data Integrity & Accessibility 24 Creating an Oracle User Using Global Authentication (continued)


Other Related Presentations

Copyright © 2014 SlideServe. All rights reserved | Powered By DigitalOfficePro