OFFICE OF THE ACCOUNTANT GENERAL (A&E), KERALA. Management of Security in VLC Software.
Management of Security in VLC Software
Security in VLC Software is administered by a user with DBA privileges, VLCADMIN, and is managed through the Administration Module.The Security and Administration module provides extensive security features to safeguard the data from both unauthorised viewing and intentional tampering. In addition, it maintains the users and defines users by creating roles and functions, audits all deleted records and checks SQL facilities. Security is provided by granting specific privileges to roles and then assigning roles to users. Roles are created by the administrator for every module by granting the type of access, full or read only, on related database objects depending on the module requirement and the status and responsibilities of the user. It is invoked from the Modules drop down Menu.
The first screen of the Administration Module offers the Menu for all Administration activities.
The Main Menu item are
System privileges allow users to perform a particular systemwide action or a particular action on a particular type of schema object. For example, the privileges to create a tablespace, table or to insert or delete the rows of any table in the database are system privileges. Many system privileges are available only to administrators and application developers because the privileges are very powerful.
Schema object privileges for tables allow table security at the level of data manipulation language (DML) and data dictionary language (DDL) operations.
Object privileges allow a user to perform a particular action on a specific object including tables, views, sequences, procedures, functions, and packages. For example, the privilege to insert rows into a particular table is an object privilege. Object privilege grants always include the name of the object for which the privilege is granted.
The privileges for.
- Management (Select)
Oracle supports a number of passwords features. You need to consider all of the following when you set password standards:
VLC Software incorporates the Oracle Security features through its menus. A detailed look at the software will clarify how it is implemented in the VLC Software
The first step in the implementation of the Security features is the creation of the Module Master
In the VLC Software, VLC is the owner of all objects. Therefore, even after attaching the objects to the respective roles ORA-00942 error will be thrown up when a user tries to work with Forms/Reports in this module. This is overcome by creation of Public Synonyms for all objects.Clicking ‘Create Synonyms’ button creates synonyms for all objects in one go.
You can choose the user type from the List, type the user name, userID Password, Section, Default tablespace, Temporary tablespace and Profile. The user account status is set as ‘valid’ by default.If you want to temporarily block a user this flag can be set to invalid.The Role/Roles allocated to the user is attached in the lower block.
A user’s password usage and resources can be controlled through profiles.The Administrative module has a form to create/modify profiles.We can limit the numbers of sessions for a user, and set values for idle time, failed login attempts, password reuse time, password lock time, connect time, password life time, password reuse maximum and password grace time.Use of profiles is an easy and efficient method of enforcing password control .Among other things, it will ensure that users will change passwords regularly.
After a user is created, the DBA communicates the userid and password (same as the userid, to begin with) to the user with instructions to change the password immediately.Passwords are changed using the following form:-The user logs in using the original password to this form.The new password is typed in the two text boxes.The program rejects passwords that are shorter than 6 characters.This, in fact, overcomes one of the vulnerabilities of Oracle in respect of length of password.Press the “Change Password” button and exit by pressing the “Exit” button.