Book Image

Oracle Database 12c Security Cookbook

By : Zoran Pavlovic, Maja Veselica
Book Image

Oracle Database 12c Security Cookbook

By: Zoran Pavlovic, Maja Veselica

Overview of this book

Businesses around the world are paying much greater attention toward database security than they ever have before. Not only does the current regulatory environment require tight security, particularly when dealing with sensitive and personal data, data is also arguably a company’s most valuable asset - why wouldn’t you want to protect it in a secure and reliable database? Oracle Database lets you do exactly that. It’s why it is one of the world’s leading databases – with a rich portfolio of features to protect data from contemporary vulnerabilities, it’s the go-to database for many organizations. Oracle Database 12c Security Cookbook helps DBAs, developers, and architects to better understand database security challenges. Let it guide you through the process of implementing appropriate security mechanisms, helping you to ensure you are taking proactive steps to keep your data safe. Featuring solutions for common security problems in the new Oracle Database 12c, with this book you can be confident about securing your database from a range of different threats and problems.
Table of Contents (18 chapters)
Oracle Database 12c Security Cookbook
Credits
About the Authors
About the Reviewers
www.PacktPub.com
Preface

Creating audit policies to audit privileges, actions and roles under specified conditions


In this recipe, you will create several unified audit policies.

Getting ready

To complete this recipe, you'll need two existing users:

  • A user who has the audit_admin role (for example, jack)

  • A user who has the create session privilege (for example, john)

Also, you should create the roles hr_role and oe_role as stated here and grant hr_role to the user john.

SQL> create role hr_role;
SQL> grant select any table, create table to hr_role;
SQL> grant insert on hr.departments to hr_role;
SQL> create role oe_role;
SQL> grant drop any table to oe_role;
SQL> grant select, update on oe.orders to oe_role;
SQL> grant oe_role to hr_role;
SQL> grant hr_role to john;

How to do it...

  1. Connect to the database as a user who has the audit_admin role (for example, jack):

    $ sqlplus jack
    
  2. Create audit policy my_policy1:

    SQL> CREATE AUDIT POLICY MY_POLICY1
    PRIVILEGES SELECT ANY TABLE
    ACTIONS CREATE TABLE...