Transcription
Oracle DatabaseSecurity Guide19cE96299-30June 2022
Oracle Database Security Guide, 19cE96299-30Copyright 1996, 2022, Oracle and/or its affiliates.Primary Author: Patricia HueyContributing Authors: Sumit JelokaContributors: Suraj Adhikari, Thomas Baby, Tammy Bednar, Todd Bottger, Sanjay Bharadwaj, Leo Cloutier,Sudha Duraiswamy, Naveen Gopal, Rishabh Gupta, Yong Hu, Srinidhi Kayoor , Peter Knaggs, AndreKruklikov, Sanjay Kulhari, Anup A. Kumar, Bryn Llewellyn, Dah-Yoh Lim, Rahil Mir, Hari Mohankumar, GopalMulagund, Abhishek Munnolimath, Paul Needham, Robert Pang, Dilip Raj, Kumar Rajamani, Kathy Rich,Saikat Saha, Vipin Samar, Saravana Soundararajan, James Spiller, Srividya Tata, Kamal Tbeileh, Can Tuzla,Anand Verma, Patrick Wheeler, Peter H. WongThis software and related documentation are provided under a license agreement containing restrictions onuse and disclosure and are protected by intellectual property laws. Except as expressly permitted in yourlicense agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license,transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverseengineering, disassembly, or decompilation of this software, unless required by law for interoperability, isprohibited.The information contained herein is subject to change without notice and is not warranted to be error-free. Ifyou find any errors, please report them to us in writing.If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it onbehalf of the U.S. Government, then the following notice is applicable:U.S. GOVERNMENT END USERS: Oracle programs (including any operating system, integrated software,any programs embedded, installed or activated on delivered hardware, and modifications of such programs)and Oracle computer documentation or other Oracle data delivered to or accessed by U.S. Government endusers are "commercial computer software" or "commercial computer software documentation" pursuant to theapplicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use,reproduction, duplication, release, display, disclosure, modification, preparation of derivative works, and/oradaptation of i) Oracle programs (including any operating system, integrated software, any programsembedded, installed or activated on delivered hardware, and modifications of such programs), ii) Oraclecomputer documentation and/or iii) other Oracle data, is subject to the rights and limitations specified in thelicense contained in the applicable contract. The terms governing the U.S. Government’s use of Oracle cloudservices are defined by the applicable contract for such services. No other rights are granted to the U.S.Government.This software or hardware is developed for general use in a variety of information management applications.It is not developed or intended for use in any inherently dangerous applications, including applications thatmay create a risk of personal injury. If you use this software or hardware in dangerous applications, then youshall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure itssafe use. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of thissoftware or hardware in dangerous applications.Oracle, Java, and MySQL are registered trademarks of Oracle and/or its affiliates. Other names may betrademarks of their respective owners.Intel and Intel Inside are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks areused under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Epyc,and the AMD logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registeredtrademark of The Open Group.This software or hardware and documentation may provide access to or information about content, products,and services from third parties. Oracle Corporation and its affiliates are not responsible for and expresslydisclaim all warranties of any kind with respect to third-party content, products, and services unless otherwiseset forth in an applicable agreement between you and Oracle. Oracle Corporation and its affiliates will not beresponsible for any loss, costs, or damages incurred due to your access to or use of third-party content,products, or services, except as set forth in an applicable agreement between you and Oracle.
ContentsPrefaceAudienceliDocumentation AccessibilityliRelated DocumentsliiConventionsliiChanges in This Release for Oracle Database Security Guide1Changes in Oracle Database Security 19cliiiUpdates to Oracle Database Security 19clviiiIntroduction to Oracle Database Security1.1About Oracle Database Security1-11.2Additional Oracle Database Security Products1-3Part I2Managing User Authentication and AuthorizationManaging Security for Oracle Database Users2.1About User Security2-12.2Creating User Accounts2-22.2.1About Common Users and Local Users2-22.2.1.1About Common Users2-32.2.1.2How Plugging in PDBs Affects CDB Common Users2-42.2.1.3About Local Users2-52.2.2Who Can Create User Accounts?2-62.2.3Creating a New User Account That Has Minimum Database Privileges2-62.2.4Restrictions on Creating the User Name for a New Account2-72.2.4.1Uniqueness of User Names2-82.2.4.2User Names in a Multitenant Environment2-82.2.4.3Case Sensitivity for User Names2-8iii
2.2.5Assignment of User Passwords2-92.2.6Default Tablespace for the User2-92.2.6.1About Assigning a Default Tablespace for a User2-102.2.6.2DEFAULT TABLESPACE Clause for Assigning a Default Tablespace2-102.2.7About Assigning a Tablespace Quota for a User2-112.2.7.2CREATE USER Statement for Assigning a Tablespace Quota2-122.2.7.3Restriction of the Quota Limits for User Objects in a Tablespace2-122.2.7.4Grants to Users for the UNLIMITED TABLESPACE System Privilege2-12Temporary Tablespaces for the User2-132.2.8.1About Assigning a Temporary Tablespace for a User2-132.2.8.2TEMPORARY TABLESPACE Clause for Assigning a TemporaryTablespace2-132.2.92.2.10Profiles for the User2-14Creation of a Common User or a Local User2-152.2.10.1About Creating Common User Accounts2-152.2.10.2CREATE USER Statement for Creating a Common User Account2-162.2.10.3About Creating Local User Accounts2-172.2.10.4CREATE USER Statement for Creating a Local User Account2-172.2.11Creating a Default Role for the User2-18Altering User Accounts2-182.3.1About Altering User Accounts2-192.3.2Methods of Altering Common or Local User Accounts2-192.3.3Changing Non-SYS User Passwords2-202.3.3.1About Changing Non-SYS User Passwords2-202.3.3.2Using the PASSWORD Command or ALTER USER Statement toChange a Password2-212.3.42.42-112.2.7.12.2.82.3Tablespace Quotas for a UserChanging the SYS User Password2-212.3.4.1About Changing the SYS User Password2-222.3.4.2ORAPWD Utility for Changing the SYS User Password2-23Configuring User Resource Limits2-232.4.1About User Resource Limits2-242.4.2Types of System Resources and Limits2-242.4.2.1Limits to the User Session Level2-252.4.2.2Limits to Database Call Levels2-252.4.2.3Limits to CPU Time2-252.4.2.4Limits to Logical Reads2-252.4.2.5Limits to Other Resources2-252.4.3Values for Resource Limits of Profiles2-262.4.4Managing Resources with Profiles2-272.4.4.1About Profiles2-272.4.4.2ora stig profile User Profile2-28iv
2.52.62.732.4.4.3Creating a Profile2-282.4.4.4Creating a CDB Profile or an Application Profile2-292.4.4.5Assigning a Profile to a User2-292.4.4.6Dropping Profiles2-30Dropping User Accounts2-302.5.1About Dropping User Accounts2-302.5.2Terminating a User Session2-312.5.3About Dropping a User After the User Is No Longer Connected to the Database2.5.4Dropping a User Whose Schema Contains ObjectsPredefined Schema User Accounts Provided by Oracle Database2-312-322-322.6.1About the Predefined Schema User Accounts2-322.6.2Predefined Administrative Accounts2-332.6.3Predefined Non-Administrative User Accounts2-362.6.4Predefined Sample Schema User Accounts2-37Database User and Profile Data Dictionary Views2-382.7.1Data Dictionary Views That List Information About Users and Profiles2-382.7.2Query to Find All Users and Associated Information2-402.7.3Query to List All Tablespace Quotas2-402.7.4Query to List All Profiles and Assigned Limits2-402.7.5Query to View Memory Use for Each User Session2-42Configuring Authentication3.1About Authentication3-23.2Configuring Password Protection3-23.2.1What Are the Oracle Database Built-in Password Protections?3-33.2.2Minimum Requirements for Passwords3-43.2.3Creating a Password by Using the IDENTIFIED BY Clause3-43.2.4Using a Password Management Policy3-53.2.4.1About Managing Passwords3-63.2.4.2Finding User Accounts That Have Default Passwords3-63.2.4.3Password Settings in the Default Profile3-73.2.4.4Using the ALTER PROFILE Statement to Set Profile Limits3-83.2.4.5Disabling and Enabling the Default Password Security Settings3-83.2.4.6Automatically Locking Inactive Database User Accounts3-93.2.4.7Automatically Locking User Accounts After Failed Logins3-103.2.4.8Example: Locking an Account with the CREATE PROFILE Statement3-103.2.4.9Explicitly Locking a User Account3-113.2.4.10Controlling the User Ability to Reuse Previous Passwords3-113.2.4.11About Controlling Password Aging and Expiration3-123.2.4.12Using the CREATE PROFILE or ALTER PROFILE Statement to Set aPassword Lifetime3-13v
3.2.4.13Checking the Status of a User Account3-133.2.4.14Password Change Life Cycle3-133.2.4.15PASSWORD LIFE TIME Profile Parameter Low Value3-153.2.5Managing Gradual Database Password Rollover for Applications3-163.2.5.1About Managing Gradual Database Password Rollover for Applications3-173.2.5.2Password Change Life Cycle During a Gradual Database PasswordRollover3-183.2.5.3Enabling the Gradual Database Password Rollover3-193.2.5.4Changing a Password to Begin the Gradual Database PasswordRollover Period3-21Changing a Password During the Gradual Database Password RolloverPeriod3-223.2.5.6Ending the Password Rollover Period3-223.2.5.7Database Behavior During the Gradual Password Rollover Period3-233.2.5.8Database Server Behavior After the Password Rollover Period Ends3-243.2.5.9Guideline for Handling Compromised Passwords3-243.2.5.53.2.5.103.2.6Finding Users Who Still Use Their Old Passwords3-24Managing the Complexity of Passwords3-253.2.6.1About Password Complexity Verification3-263.2.6.2How Oracle Database Checks the Complexity of Passwords3-263.2.6.3Who Can Use the Password Complexity Functions?3-263.2.6.4verify function 11G Function Password Requirements3-263.2.6.5ora12c verify function Password Requirements3-273.2.6.6ora12c strong verify function Function Password Requirements3-283.2.6.7ora12c stig verify function Password Requirements3-283.2.6.8About Customizing Password Complexity Verification3-283.2.6.9Enabling Password Complexity Verification3-293.2.7Managing Password Case Sensitivity3.2.7.13-30SEC CASE SENSITIVE LOGON Parameter and Password CaseSensitivity3-31Using the ALTER SYSTEM Statement to Enable Password CaseSensitivity3-313.2.7.3Management of Case Sensitivity for Secure Role Passwords3-323.2.7.4Management of Password Versions of Users3-323.2.7.5Finding and Resetting User Passwords That Use the 10G PasswordVersion3-343.2.7.6How Case Sensitivity Affects Password Files3-373.2.7.7How Case Sensitivity Affects Passwords Used in Database LinkConnections3-373.2.7.23.2.8Ensuring Against Password Security Threats by Using the 12C PasswordVersion3-383.2.8.1About the 12C Version of the Password Hash3-383.2.8.2Oracle Database 12C Password Version Configuration Guidelines3-39vi
3.2.8.3Configuring Oracle Database to Use the 12C Password VersionExclusively3-413.2.8.4How Server and Client Logon Versions Affect Database Links3-433.2.8.5Configuring Oracle Database Clients to Use the 12C Password VersionExclusively3-443.2.9Managing the Secure External Password Store for Password Credentials3.2.9.1About the Secure External Password Store3-453.2.9.2How Does the External Password Store Work?3-463.2.9.3About Configuring Clients to Use the External Password Store3-473.2.9.4Configuring a Client to Use the External Password Store3-473.2.9.5Example: Sample SQLNET.ORA File with Wallet Parameters Set3-493.2.9.6Managing External Password Store Credentials3-493.2.10Managing Passwords for Administrative Users3.43.53.63-513.2.10.1About Managing Passwords for Administrative Users3-523.2.10.2Setting the LOCK and EXPIRED Status of Administrative Users3-523.2.10.3Password Profile Settings for Administrative Users3-523.2.10.4Last Successful Login Time for Administrative Users3-533.2.10.5Management of the Password File of Administrative Users3-533.2.10.6Migration of the Password File of Administrative Users3-543.2.10.7How the Multitenant Option Affects Password Files for AdministrativeUsers3-54Password Complexity Verification Functions for Administrative Users3-543.2.10.83.33-45Authentication of Database Administrators3-553.3.1About Authentication of Database Administrators3-563.3.2Strong Authentication, Centralized Management for Administrators3-563.3.2.1About Strong Authentication for Database Administrators3-563.3.2.2Configuring Directory Authentication for Administrative Users3-563.3.2.3Configuring Kerberos Authentication for Administrative Users3-573.3.2.4Configuring Transport Layer Security Authentication for AdministrativeUsers3-583.3.3Authentication of Database Administrators by Using the Operating System3-593.3.4Authentication of Database Administrators by Using Their Passwords3-603.3.5Risks of Using Password Files for Database Administrator Authentication3-61Database Authentication of Users3-623.4.1About Database Authentication3-623.4.2Advantages of Database Authentication3-633.4.3Creating Users Who Are Authenticated by the Database3-64Schema-Only Accounts3-643.5.1About Schema-Only Accounts3-643.5.2Creating a Schema-Only Account3-653.5.3Altering a Schema-Only Account3-65Operating System Authentication of Users3-66vii
3.7Network Authentication of Users3-673.7.1Authentication with Transport Layer Security3-673.7.2Authentication with Third-Party Services3-673.83.7.2.1About Authentication Using Third-Party Services3-683.7.2.2Authentication with Kerberos3-683.7.2.3Authentication with RADIUS3-683.7.2.4Authentication with Directory-Based Services3-693.7.2.5Authentication with Public Key Infrastructure3-69Configuring Operating System Users for a PDB3-703.8.1About Configuring Operating System Users for a PDB3-703.8.2Configuring an Operating System User for a PDB3-703.9Global User Authentication and Authorization3-713.9.1About Configuring Global User Authentication and Authorization3-723.9.2Configuration of Users Who Are Authorized by a Directory Service3-723.9.2.1Creating a Global User Who Has a Private Schema3-733.9.2.2Creating Multiple Enterprise Users Who Share Schemas3-73Advantages of Global Authentication and Global Authorization3-74Configuring an External Service to Authenticate Users and Passwords3-743.9.33.103.10.1About External Authentication3-753.10.2Advantages of External Authentication3-753.10.3Enabling External Authentication3-763.10.4Creating a User Who Is Authenticated Externally3-763.10.5Authentication of User Logins By Using the Operating System3-773.10.6Authentication of User Logins Using Network Authentication3-773.11Multitier Authentication and Authorization3-773.12Administration and Security in Clients, Application Servers, and Database Servers3-783.13Preserving User Identity in Multitiered Environments3-793.13.1Middle Tier Server Use for Proxy Authentication3-803.13.1.1About Proxy Authentication3-813.13.1.2Advantages of Proxy Authentication3-813.13.1.3Who Can Create Proxy User Accounts?3-823.13.1.4Guidelines for Creating Proxy User Accounts3-823.13.1.5Creating Proxy User Accounts and Authorizing Users to ConnectThrough Them3-83Proxy User Accounts and the Authorization of Users to ConnectThrough Them3-843.13.1.7Using Proxy Authentication with the Secure External Password Store3-843.13.1.8How the Identity of the Real User Is Passed with Proxy Authentication3-853.13.1.9Limits to the Privileges of the Middle Tier3-863.13.1.63.13.1.10Authorizing a Middle Tier to Proxy and Authenticate a User3-873.13.1.11Authorizing a Middle Tier to Proxy a User Authenticated by OtherMeans3-87viii
3.13.1.12Reauthenticating a User Through the Middle Tier to the Database3-883.13.1.13Using Password-Based Proxy Authentication3-883.13.1.14Using Proxy Authentication with Enterprise Users3-893.13.2Using Client Identifiers to Identify Application Users Unknown to the Database3.13.2.1About Client Identifiers3-903.13.2.2How Client Identifiers Work in Middle Tier Systems3-913.13.2.3Use of the CLIENT IDENTIFIER Attribute to Preserve User Identity3-913.13.2.4Use of the CLIENT IDENTIFIER Independent of Global ApplicationContext3-92Setting the CLIENT IDENTIFIER Independent of Global ApplicationContext3-92Use of the DBMS SESSION PL/SQL Package to Set and Clear theClient Identifier3-933.13.2.7Enabling the CLIENTID OVERWRITE Event System-Wide3-943.13.2.8Enabling the CLIENTID OVERWRITE Event for the Current Session3-943.13.2.9Disabling the CLIENTID OVERWRITE Event3-943.13.2.53.13.2.63.1443-90User Authentication Data Dictionary Views3-95Configuring Privilege and Role Authorization4.1About Privileges and Roles4-24.2Who Should Be Granted Privileges?4-34.3How the Oracle Multitenant Option Affects Privileges4-44.4Managing Administrative Privileges4-44.54.64.4.1About Administrative Privileges4-54.4.2Grants of Administrative Privileges to Users4-54.4.3SYSDBA and SYSOPER Privileges for Standard Database Operations4-64.4.4SYSBACKUP Administrative Privilege for Backup and Recovery Operations4-64.4.5SYSDG Administrative Privilege for Oracle Data Guard Operations4-84.4.6SYSKM Administrative Privilege for Transparent Data Encryption4-94.4.7SYSRAC Administrative Privilege for Oracle Real Application ClustersManaging System Privileges4-104-114.5.1About System Privileges4-114.5.2Why Is It Important to Restrict System Privileges?4-124.5.2.1About the Importance of Restricting System Privileges4-124.5.2.2User Access to Objects in the SYS Schema4-124.5.3Grants and Revokes of System Privileges4-134.5.4Who Can Grant or Revoke System Privileges?4-134.5.5About ANY Privileges and the PUBLIC Role4-13Managing Commonly and Locally Granted Privileges4-144.6.1About Commonly and Locally Granted Privileges4-144.6.2How Commonly Granted System Privileges Work4-15ix
4.6.3How Commonly Granted Object Privileges Work4-164.6.4Granting or Revoking Privileges to Access a PDB4-164.6.5Example: Granting a Privilege in a Multitenant Environment4-174.6.6Enabling Common Users to View CONTAINER DATA Object Information4-174.6.6.14.6.6.24.74.8Viewing Data About the Root, CDB, and PDBs While Connected to theRoot4-17Enabling Common Users to Query Data in Specific PDBs4-18Managing Common Roles and Local Roles4-194.7.1About Common Roles and Local Roles4-204.7.2How Common Roles Work4-204.7.3How the PUBLIC Role Works in a Multitenant Environment4-214.7.4Privileges Required to Create, Modify, or Drop a Common Role4-214.7.5Rules for Creating Common Roles4-214.7.6Creating a Common Role4-214.7.7Rules for Creating Local Roles4-224.7.8Creating a Local Role4-224.7.9Role Grants and Revokes for Common Users and Local Users4-23Managing User Roles4.8.14-23About User Roles4-244.8.1.1What Are User Roles?4-254.8.1.2The Functionality of Roles4-254.8.1.3Properties of Roles and Why They Are Advantageous4-264.8.1.4Typical Uses of Roles4-274.8.1.5Common Uses of Application Roles4-274.8.1.6Common Uses of User Roles4-284.8.1.7How Roles Affect the Scope of a User's Privileges4-284.8.1.8How Roles Work in PL/SQL Blocks4-284.8.1.9How Roles Aid or Restrict DDL Usage4-294.8.1.10How Operating Systems Can Aid Roles4-304.8.1.11How Roles Work in a Distributed Environment4-304.8.2Predefined Roles in an Oracle Database Installation4-314.8.3Creating a Role4-364.8.3.1About the Creation of Roles4-364.8.3.2Creating a Role That Is Authenticated With a Password4-374.8.3.3Creating a Role That Has No Password Authentication4-384.8.3.4Creating a Role That Is External or Global4-384.8.3.5Altering a Role4-394.8.4Specifying the Type of Role Authorization4-394.8.4.1Authorizing a Role by Using the Database4-394.8.4.2Authorizing a Role by Using an Application4-404.8.4.3Authorizing a Role by Using an External Source4-40x
4.8.4.4Authorizing a Role by Using the Operating System4-414.8.4.5Authorizing a Role by Using a Network Client4-414.8.4.6Authorizing a Global Role by an Enterprise Directory Service4-414.8.5Granting and Revoking Roles4-424.8.5.1About Granting and Revoking Roles4-424.8.5.2Who Can Grant or Revoke Roles?4-434.8.5.3Granting and Revoking Roles to and from Program Units4-434.8.6Dropping Roles4-444.8.7Restricting SQL*Plus Users from Using Database Roles4-444.8.7.1Potential Security Problems of Using Ad Hoc Tools4-444.8.7.2How the PRODUCT USER PROFILE System Table Can Limit Roles4-454.8.7.3How Stored Procedures Can Encapsulate Business Logic4-454.8.84.9Role Privileges and Secure Application RolesRestricting Operations on PDBs Using PDB Lockdown Profiles4-464-464.9.1About PDB Lockdown Profiles4-474.9.2PDB Lockdown Profile Inheritance4-484.9.3Default PDB Lockdown Profiles4-494.9.4Creating a PDB Lockdown Profile4-494.9.5Enabling or Disabling a PDB Lockdown Profile4-514.9.6Dropping a PDB Lockdown Profile4-534.10Managing Object Privileges4-534.10.1About Object Privileges4-544.10.2Who Can Grant Object Privileges?4-544.10.3Grants and Revokes of Object Privileges4-554.10.3.1About Granting and Revoking Object Privileges4-554.10.3.2How the ALL Clause Grants or Revokes All Available Object Privileges4-554.10.4READ and SELECT Object Privileges4-564.10.4.1About Managing READ and SELECT Object Privileges4-564.10.4.2Enabling Users to Use the READ Object Privilege to Query Any Tablein the Database4-57Restrictions on the READ and READ ANY TABLE Privileges4-574.10.4.34.10.5Object Privilege Use with Synonyms4-574.10.6Sharing Application Common Objects4-584.114.10.6.1Metadata-Linked Application Common Objects4-594.10.6.2Data-Linked Application Common Objects4-604.10.6.3Extended Data-Linked Application Common Objects4-60Table Privileges4-614.11.1How Table Privileges Affect Data Manipulation Language Operations4-624.11.2How Table Privileges Affect Data Definition Language Operations4-624.12View Privileges4.12.1Privileges Required to Create Views4-634-63xi
4.12.2Privileges to Query Views in Other Schemas4-644.12.3The Use of Views to Increase Table Security4-644.13Procedure Privileges4-654.13.1The Use of the EXECUTE Privilege for Procedure Privileges4-654.13.2Procedure Execution and Security Domains4-654.13.3System Privileges Required to Create or Replace a Procedure4-664.13.4System Privileges Required to Compile a Procedure4-664.13.5How Procedure Privileges Affect Packages and Package Objects4-674.13.5.14.14About the Effect of Procedure Privileges on Packages and PackageObjects4-674.13.5.2Example: Procedure Privileges Used in One Package4-674.13.5.3Example: Procedure Privileges and Package Objects4-68Type Privileges4-694.14.1System Privileges for Named Types4-694.14.2Object Privileges for Named Types4-694.14.3Method Execution Model for Named Types4-704.14.4Privileges Required to Create Types and Tables Using Types4-704.14.5Example: Privileges for Creating Types and Tables Using Types4-714.14.6Privileges on Type Access and Object Access4-724.14.7Type Dependencies4-734.15Grants of User Privileges and Roles4.15.1Granting System Privileges and Roles to Users and Roles4.15.1.14-74Privileges for Grants of System Privileges and Roles to Users andRoles4-744.15.1.2Example: Granting a System Privilege and a Role to a User4-754.15.1.3Example: Granting the EXECUTE Privilege on a Directory Object4-754.15.1.4Use of the ADMIN Option to Enable Grantee Users to Grant thePrivilege4-75Creating a New User with the GRANT Statement4-764.15.1.54.15.24.164-74Granting Object Privileges to Users and Roles4-764.15.2.1About Granting Object Privileges to Users and Roles4-764.15.2.2How the WITH GRANT OPTION Clause Works4-774.15.2.3Grants of Object Privileges on Behalf of the Object Owner4-784.15.2.4Grants of Privileges on Columns4-794.15.2.5Row-Level Access Control4-79Revokes of Privileges and Roles from a User4-804.16.1Revokes of System Privileges and Roles4-804.16.2Revokes of Object Privileges4-804.16.2.1About Revokes of Object Privileges4-814.16.2.2Revokes of Multiple Object Privileges4-814.16.2.3Revokes of Object Privileges on Behalf of the Object Owner4-814.16.2.4Revokes of Column-Selective Object Privileges4-82xii
4.16.2.54.16.3Cascading Effects of Revoking Privileges4-834-834.16.3.1Cascading Effects When Revoking System Privileges4-834.16.3.2Cascading Effects When Revoking Object Privileges4-844.17Grants and Revokes of Privileges to and from the PUBLIC Role4-844.18Grants of Roles Using the Operating System or Network4-854.18.1About Granting Roles Using the Operating System or Network4-854.18.2Operating System Role Identification4-864.18.3Operating System Role Management4-874.18.4Role Grants and Revokes When OS ROLES Is Set to TRUE4-874.18.5Role Enablements and Disablements When OS ROLES Is Set to TRUE4-884.18.6Network Connections with Operating System Role Management4-884.19How Grants and Revokes Work with SET ROLE and Default Role Settings4-884.19.1When Grants and Revokes Take Effect4-894.19.2How the SET ROLE Statement Affects Grants and Revokes4-894.19.3Specifying the Default Role for a User4-894.19.4The Maximum Number of Roles That a User Can Have Enabled4-904.205Revokes of the REFERENCES Object PrivilegeUser Privilege and Role Data Dictionary Views4-904.20.1Data Dictionary Views to Find Information about Privilege and Role Grants4-914.20.2Query to List All System Privilege Grants4-934.20.3Query to List All Role Grants4-934.20.4Query to List Object Privileges Granted to a User4-944.20.5Query to List the Current Privilege Domain of Your Session4-944.20.6Query to List Roles of the Database4-954.20.7Query to List Information About the Privilege Domains of Roles4-96Performing Privilege Analysis to Identify Privilege Use5.15.2What Is Privilege Analysis?5-15.1.1About Privilege Analysis5-25.1.2Benefits and Use Cases of Privilege Analysis5-25.1.2.1Least Privileges Best Practice5-25.1.2.2Development of Secure Applications5-35.1.3Who Can Perform Privilege Analysis?5-35.1.4Types of Privilege Analysis5-35.1.5How Does a Multitenant Environment Affect Privilege Analysis?5-45.1.6How Privilege Analysis Works with Pre-Compiled Database Objects5-4Creating and Managing Privilege Analysis Policies5-55.2.1About Creating and Managing Privilege Analysis Policies5-55.2.2General Steps for Managing Privilege Analysis5-65.2.3Creating a Privilege Analysis Policy5-6xiii
5.2.45.45.55.65-85.2.4.1Example: Privilege Analysis of Database-Wide Privileges5-85.2.4.2Example: Privilege Analysis of Privilege Usage of Two Roles5-95.2.4.3Example: Privilege Analysis of Privileges During SQL*Plus Use5-95.2.4.4Example: Privilege Analysis of PSMITH Privileges During SQL*PlusAccess5-95.2.5Enabling a Privilege Analysis Policy5-105.2.6Disabling a Privilege Analysis Policy5-105.2.7Generating a Privilege Analysis Report5-115.2.7.1About Generating a Privilege Analysis Report5-115.2.7.2General Process for Managing Multiple Named Capture Runs5-115.2.7.3Generating a Privilege Analysis Report UsingDBMS PRIVILEGE CAPTURE5-125.2.7.4Generating a Privilege Analysis Report Using Cloud Control5-135.2.7.5Accessing Privilege Analysis Reports Using Cloud Control5-135.2.85.3Examples of Creating Privilege Analysis PoliciesDropping a Privilege Analysis Policy5-14Creating Roles and Managing Privileges Using Cloud Control5-155.3.1Creating a Role from a Privilege Analysis Report in Cloud Control5-155.3.2Revoking and Regranting Roles and Privileges Using Cloud Control5-155.3.3Generating a Revoke or Regrant Script Using Cloud Control5-165.3.3.1About Generating Revoke and Regrant Scripts5-165.3.3.2Generating a Revoke Script5-175.3.3.3Generating a Regrant Script5-18Tutorial: Using Capture Runs to Analyze ANY Privilege Use5-185.4.1Step 1: Create User Accounts5-195.4.2Step 2: Create and Enable a Privilege Analysis Policy5-205.4.3Step 3: Use the READ ANY TABLE System Privilege5-205.4.4Step 4: Disable the Privilege Analysis Policy5-215.4.5Step 5: Generate and View a Privilege Analysis Report5-215.4.6Step 6: Create a Second Capture Run5-225.4.7Step 7: Remove the Components for This Tutorial5-23Tutorial: Analyzing Privilege Use by a User Who Has the DBA Role5-235.5.1Step 1: Create User Accounts5-245.5.2Step 2: Create and Enable a Privilege Analysis Policy5-245.5.3Step 3: Perform the Database Tuning Operations5-255.5.4Step 4: Disable the Privilege Analysis Policy5-265.5.5Step 5: Generate and View Privilege Analysis Reports5-265.5.6Step 6: Remove the Components for This Tutorial5-27Privilege Analysis Policy and Report Data Dictionary Views5-28xiv
6Configuring Centrally Managed Users with Microsoft Active Directory6.16.2Introduction to Centrally Managed Users with Microsoft Active Directory6.1.1About the Oracle Database-Microsoft Active Directory Integration6-26.1.2How Centrally Managed Users with Microsoft Active Directory Works6-36.1.3Centrally Managed User-Microsoft Active Directory Architecture6-36.1.4Supported Authentication Methods6-46.1.5Users Supported by Centrally Managed Users with Microsoft Active Directory6-46.1.6How the Oracle Multitenant Option Affects Centrally Managed Users6-56.1.7Centrally Managed Users with Database Links6-6Configuring the Oracle Database-Microsoft Active Directory IntegrationAbout Configuring the Oracle Database-Microsoft Active Directory Connection6-66.2.2Connecting to Microsoft Active Directory6-76.2.2.2Step 1: Create an Oracle Service Directory User Account on MicrosoftActive Directory and Grant Permis
Changes in Oracle Database Security 19c liii. Updates to Oracle Database Security 19c lviii. Introduction to Oracle Database Security. About Oracle Database Security1-1. Additional Oracle Database Security Products1-3 \376\377Managing User Authentication and\240Authorization. Managing Security for Oracle Database Users. About User Security2-1
