Presentation is loading. Please wait.

Presentation is loading. Please wait.

IST 318 Database Administration Lecture 10 Managing Roles.

Published byAnnabelle Bradley Modified over 9 years ago

Similar presentations

Presentation on theme: "IST 318 Database Administration Lecture 10 Managing Roles."— Presentation transcript:

1 IST 318 Database Administration Lecture 10 Managing Roles

2 Users Privileges Roles UPDATE ON JOBS INSERT ON JOBS SELECT ON JOBS CREATE TABLE CREATE SESSION HR_CLERKHR_MGR A B C Roles

3  Easier privilege management  Dynamic privilege management  Selective availability of privileges  Can be granted through the operating system Benefits of Roles

4 Roles with ADMIN option:  Not identified:  By password:  Identified externally: CREATE ROLE oe_clerk; CREATE ROLE hr_clerk IDENTIFIED BY bonus; CREATE ROLE hr_manager IDENTIFIED EXTERNALLY; Creating Roles

5 Role NameDescription CONNECT, These roles are provided RESOURCE, DBA for backward compatibility EXP_FULL_DATABASE Privileges to export the database IMP_FULL_DATABASE Privileges to import the database DELETE_CATALOG_ROLEDELETE privileges on data dictionary tables EXECUTE_CATALOG_ROLEEXECUTE privilege on data dictionary packages SELECT_CATALOG_ROLESELECT privilege on data dictionary tables Predefined Roles

6 ALTER ROLE hr_clerk IDENTIFIED EXTERNALLY; ALTER ROLE hr_manager NOT IDENTIFIED; ALTER ROLE oe_clerk IDENTIFIED BY order; Modifying Roles Use ALTER ROLE to modify the authentication method. Requires the ADMIN option or ALTER ANY ROLE privilege.

7 GRANT hr_clerk TO hr_manager; GRANT oe_clerk TO scott; GRANT hr_manager TO scott WITH ADMIN OPTION; Assigning Roles Use GRANT command to assign a role

8 ALTER USER scott DEFAULT ROLE hr_clerk, oe_clerk; ALTER USER scott DEFAULT ROLE ALL; ALTER USER scott DEFAULT ROLE ALL EXCEPT hr_clerk; ALTER USER scott DEFAULT ROLE NONE; Establishing Default Roles A user can be assigned many roles. A user can be assigned a default role. Limit the number of default roles for a user.

9  Application roles can be enabled only by authorized PL/SQL packages.  The USING package clause creates an application role. CREATE ROLE admin_role IDENTIFIED USING hr.employee; Application Roles

10 Enabling and Disabling Roles  Disable a role to revoke the role from a user temporarily.  Enable a role to grant it temporarily.  The SET ROLE command enables and disables roles.  Default roles are enabled for a user at login.  A password may be required to enable a role.

11 SET ROLE hr_clerk; SET ROLE oe_clerk IDENTIFIED BY order; SET ROLE ALL EXCEPT oe_clerk; Enabling and Disabling Roles

12 Revoking roles from users requires the ADMIN OPTION or GRANT ANY ROLE privilege. To revoke a role: REVOKE hr_manager FROM PUBLIC; REVOKE oe_clerk FROM scott; Revoking Roles from Users

13 DROP ROLE hr_manager; Removing Roles  Dropping a role: Removes it from all users and roles it was granted Removes it from the database  Requires the ADMIN OPTION or DROP ANY ROLE privilege  To drop a role:

14 HR_MANAGERHR_CLERKPAY_CLERK User roles Application roles Application privileges Users Payroll privilegesBenefits privileges Guidelines for Creating Roles BENEFITSPAYROLL

15 Default rolePassword protected (not default) Select privileges INSERT, UPDATE, DELETE, and SELECT privileges PAY_CLERKPAY_CLERK_RO Guidelines for Using Passwords and Default Roles

16 Look at Database through the DBA Views Three Data Dictionary Views  USER_  ALL_  DBA_ Commonly used DBA_ views  DBA_OBJECTS  DBA_TABLESPACES, DBA_TABLES  DBA_DATA_FILES, DBA_TEMP_FILES  DBA_CONSTRAINTS  DBA_USERS, DBA_ROLES

Download ppt "IST 318 Database Administration Lecture 10 Managing Roles."

Similar presentations

13 Copyright © Oracle Corporation, 2001. All rights reserved. Controlling User Access.

13 Copyright © Oracle Corporation, All rights reserved. Controlling User Access.
Login dan Permission dfd, 2012. Jenis Login dfd, 2012 SQL Server Authentication Membutuhkan password Windows Authentication Mode Tidak membutuhkan password.

Login dan Permission dfd, Jenis Login dfd, 2012 SQL Server Authentication Membutuhkan password Windows Authentication Mode Tidak membutuhkan password.
Oracle9i Database Administrator: Implementation and Administration 1 Chapter 12 System and Object Privileges.

Oracle9i Database Administrator: Implementation and Administration 1 Chapter 12 System and Object Privileges.
System Administration Accounts privileges, users and roles

System Administration Accounts privileges, users and roles
Oracle8 - The Complete Reference. Koch a& Loney1 By What Authority? Presented by Victor Matos.

Oracle8 - The Complete Reference. Koch a& Loney1 By What Authority? Presented by Victor Matos.
Administering User Security

Administering User Security
Database Security Managing Users and Security Models.

Database Security Managing Users and Security Models.
Presented By: Matthew Garrison. Basics of Role Based Access Control  Roles are determined based on job functions within a given organization  Users.

Presented By: Matthew Garrison. Basics of Role Based Access Control  Roles are determined based on job functions within a given organization  Users.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.
By Lecturer / Aisha Dawood 1.  Administering Users  Create and manage database user accounts.  Create and manage roles.  Grant and revoke privileges.

By Lecturer / Aisha Dawood 1.  Administering Users  Create and manage database user accounts.  Create and manage roles.  Grant and revoke privileges.
CHAPTER 6 Users and Basic Security. Progression of Steps for Creating a Database Environment 1. Install Oracle database binaries (Chapter 1) 2. Create.

CHAPTER 6 Users and Basic Security. Progression of Steps for Creating a Database Environment 1. Install Oracle database binaries (Chapter 1) 2. Create.
9 Copyright © 2005, Oracle. All rights reserved. Administering User Security.

9 Copyright © 2005, Oracle. All rights reserved. Administering User Security.
Copyright س Oracle Corporation, 1998. All rights reserved. 14 Controlling User Access.

Copyright س Oracle Corporation, All rights reserved. 14 Controlling User Access.
Database Programming Sections 13–Creating, revoking objects privileges.

Database Programming Sections 13–Creating, revoking objects privileges.
Week 6 Lecture 2 System and Object Privileges. Learning Objectives  Identify and manage system and object privileges  Grant and revoke privileges to.

Week 6 Lecture 2 System and Object Privileges. Learning Objectives  Identify and manage system and object privileges  Grant and revoke privileges to.
To Presentation on SECURITY By Office of the A.G. (A&E) Punjab, Chandigarh.

To Presentation on SECURITY By Office of the A.G. (A&E) Punjab, Chandigarh.
Week 7 Lecture 1 Database Roles. Learning Objectives  Discover when and why to use roles  Learn how to create, modify, and remove roles  Learn how.

Week 7 Lecture 1 Database Roles. Learning Objectives  Discover when and why to use roles  Learn how to create, modify, and remove roles  Learn how.
IS 221: DATABASE ADMINISTRATION Lecture 6:Create Users & Manage Users. Information Systems Department 1.

IS 221: DATABASE ADMINISTRATION Lecture 6:Create Users & Manage Users. Information Systems Department 1.
INTRODUCTION TO ORACLE Lynnwood Brown System Managers LLC End User Management – Lecture 3 Copyright System Managers LLC 2007 all rights reserved.

INTRODUCTION TO ORACLE Lynnwood Brown System Managers LLC End User Management – Lecture 3 Copyright System Managers LLC 2007 all rights reserved.

Similar presentations

Ads by Google