23-07-2012, 03:16 PM
ORACLE DATABASE SECURITY
ORACLE DATABASE .ppt (Size: 246.5 KB / Downloads: 54)
Introduction
The focus of the session is the security features of Oracle 9i with an emphasis on reviewing database security configuration. The session will include a discussion of the Oracle database terminology, risk areas, security features, and sample table contents. In addition, the session will provide additional references and sample audit steps/programs. After the session, the IT auditor should be able to perform a security review of an Oracle database.
This session will not allow the auditor to perform an Oracle application review.
Oracle Architecture
Oracle Database Structures
Physical Database Structures
Oracle Processes
Oracle Memory Structures
Trusted Relationships
Tablespaces
System tablespace - includes system data needed by the database to manage data includes data dictionary
Temp tablespace - temporary clipboard used to manage transactions such as sorting data from an ORDER BY clause in a query
Tools tablespace - stores objects used by tools that interact with the database
User’s tablespace - stores a personal user’s objects
Rollback tablespace - stores rollback segments; rollback segments are used by the database to roll back data (i.e., a transaction failure or user command to undo any uncommitted changes)
Data and index tablespaces - store application data
Physical Database Structures
Oracle data files - all files that store the database data includes rollback segments, redo logs, audit files and files that form basis for tablespaces and indexes. Typically have dbf extension
Oracle software files - typically hold the database server’s binary code and all other program code together constitute the database functionality includes library, Java and listener files
Parameter files - store configuration information about the database server and the database instance includes location of control files, log files and init.ora file
Control files - small binary file that contains information about the database instance and is needed to start the database. All major changes to the structure of the database are recorded in the control file
Log/trace files- log files contain sequential list of all changes to database; files trace files are generated by the database to facilitate troubleshooting. The file alert.out stores any server messages that are generated by the database server
Oracle Database Files
The control files (named CONTROL_nn.CTL) are the key files that the Oracle DBMS maintains about the state of the database and includes:
Checkpoint progress records
Redo thread records
Log file records
Data file records
Tablespace records
Log file history records
Archived log records
Backup set and data file copy records
Oracle Memory Structures
System Global Area (SGA) – stores pertinent information about instance
Program Global Area (PGA) – contains data and control information for a single process; used by a single Oracle process and is not shared among processes