11-Managing Privileges

G if select any table is granted to a user and that

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: granted to a user, and that user has created any procedure that uses the table, all procedures contained in the user’s schema must be recompiled before they can be used again Managing Privileges Tathagata Bhattacharjee Scenario Hr is granted the SELECT object privilege on EMPLOYEES with the GRANT OPTION Hr grants the SELECT privilege on EMPLOYEES to scott Later, the SELECT privilege is revoked from hr This revoke is cascade to scott as well Managing Privileges Tathagata Bhattacharjee Obtaining Privileges Information DBA_SYS_PRIVS Lists system privileges granted to users and roles SESSION_PRIVS Lists the privileges that are currently available to the user DBA_TAB_PRIVS Lists all grants on all objects in the database DBA_COL_PRIVS Describes all object column grants in the database Managing Privileges Tathagata Bhattacharjee Auditing Auditing is the monitoring of selected user database actions Used to Investing suspicious database activity Gather information about specific database activities Managing Privileges Tathagata Bhattacharjee If an unauthorized user is deleting data, the DBA might decide to audit all connections to the database and all successful and unsuccessful deletions from all tables in the database The DBA can gather statistics about which tables are being updated, how many I/O are performed and how many concurrent users connect at the peak times Managing Privileges Tathagata Bhattacharjee Auditing Guidelines Define what you want to audit Audit users, statements or objects Statement execution Successful;; statement execution, unsuccessful statement executions or both Manage your audit trail Monitor the growth of the audit trail Protect the audit trail from unauthorized access Managing Privileges Tathagata Bhattacharjee Auditing Categories Audited by default • Instance startup and instance shutdown • Administrator privileges Database auditing • Enabled by DBA • Cannot record column values Value-based or application auditing • Implemented through code • Can record column values • Used to track changes to tables Managing Privileges Tathagata Bhattacharjee Enabling and Disabling Database Auditing Set the AUDIT_TRAIL initialization parameter to enable auditing for the instance This parameter indicates whether the audit trail is written to a database table or the instance system audit trail Managing Privileges Tathagata Bhattacharjee AUDIT_TRAIL = value Where value can be DB enables auditing and directs all audit records to the d...
View Full Document

This note was uploaded on 07/15/2011 for the course ECO 2023 taught by Professor Mr.raza during the Summer '10 term at FAU.

Ask a homework question - tutors are online