SlideShare uma empresa Scribd logo

Database Security

Transferir como DOCX, PDF
Anar Godjaev
Anar Godjaev
Tecnologia
1 de 9
Database Security SQL> --1) Revoke privileges granted in Lab Exercise 1 SQL> connect anar Connected. SQL> -- revoke access modes from users SQL> revoke select on student from able; Revoke succeeded. SQL> revoke update on student from baker; Revoke succeeded. SQL> revoke insert on student from charles; Revoke succeeded. SQL> revoke delete on student from drake; Revoke succeeded. SQL> revoke update (major) on student from elliot; revoke update (major) on student from elliot * ERROR at line 1: ORA-01750: UPDATE/REFERENCES may only be REVOKEd from the whole table, not by column SQL> revoke update on student from elliot; Revoke succeeded.
SQL> revoke select, update on faculty from test; Revoke succeeded. SQL> revoke insert, delete on faculty from seaver; Revoke succeeded. SQL> revoke update (address) on faculty from looney; revoke update (address) on faculty from looney * ERROR at line 1: ORA-01750: UPDATE/REFERENCES may only be REVOKEd from the whole table, not by column SQL> revoke update on faculty from looney; Revoke succeeded. SQL> revoke update, insert on faculty from mills; Revoke succeeded. SQL> SQL> SQL> -- revoke create session from users SQL> revoke create session from able; Revoke succeeded. SQL> revoke create session from baker; Revoke succeeded. SQL> revoke create session from charles; Revoke succeeded. SQL> revoke create session from drake; Revoke succeeded. SQL> revoke create session from elliot; Revoke succeeded. SQL> revoke create session from test; Revoke succeeded. SQL> revoke create session from seaver; Revoke succeeded. SQL> revoke create session from looney;
Revoke succeeded. SQL> revoke create session from mills; Revoke succeeded. SQL> -- 2) Grant Roles Student and Faculty SQL> -- create roles student and faculty SQL> create role student; Role created. SQL> create role faculty; Role created. SQL> SQL> -- grant privileges to roles SQL> grant select on student to student; Grant succeeded. SQL> grant select on faculty to faculty; Grant succeeded. SQL> SQL> -- grant student role to students and faculty role to faculty SQL> grant student to able, baker, charles, drake, elliot; Grant succeeded. SQL> grant faculty to test, seaver, looney, mills; Grant succeeded. SQL> grant create session to student; Grant succeeded. SQL> grant create session to faculty; Grant succeeded. SQL> -- 3)demonstrate select privileges for student and faculty SQL> connect able Connected. SQL> select * from anar.student; STUDENTID NAME MAJOR ST ADDRESS GPA ---------- ---------- ---------------- -- ------------ ---------100 ABLE HISTORY SR 1 UTAH 3 200 BAKER ACCOUNTING JR 2 IOWA 2.7
300 CHARLES 400 DRAKE 500 ELLIOT MATH SR 3 MAINE COMPUTER SCIENCE FR 4 IDAHO COMPUTER SCIENCE SM 5 NEVADA 3.5 2.8 3.25 SQL> connect test Connected. SQL> select * from anar.faculty; FACULTYID ---------980 5430 7650 9870 NAME DE ADDRESS RANK ---------- -- ------------ ---------TEST IM 11 MAIN DEAN SEAVER IS 12 SOUTH PROFESSOR LOONEY IT 14 NORTH INSTRUCTOR MILLS SA 16 EAST LECTURER SQL> -- 4) create view and grant select to faculty on view SQL> connect anar Connected. SQL> create view f_student_view 2 as 3 select studentid, name, major, status from student; View created. SQL> SQL> grant select on f_student_view to faculty; Grant succeeded. SQL>-- 5) Demonstrate that faculty can not see the student GPA SQL> connect test Connected. SQL> select * from anar.student; select * from anar.student * ERROR at line 1: ORA-00942: table or view does not exist SQL> select * from anar.f_student_view faculty; STUDENTID NAME MAJOR ST ---------- ---------- ---------------- -100 ABLE HISTORY SR 200 BAKER ACCOUNTING JR 300 CHARLES MATH SR 400 DRAKE COMPUTER SCIENCE FR 500 ELLIOT COMPUTER SCIENCE SM SQL>-- 6)Create view for students to only be able to update their own address SQL> connect anar Connected. SQL> create or replace view S_Student_Update_Address 2 as 3 select name, address 4 from student
5 where name=user; View created. SQL> grant select on S_Student_Update_Address 2 to student; Grant succeeded. SQL> SQL> grant update (address) on S_Student_Update_Address 2 to student; Grant succeeded. SQL> connect baker Connected. SQL> select * from anar.S_Student_Update_Address; NAME ADDRESS ---------- -----------BAKER 2 IOWA SQL> update anar.S_Student_Update_Address set address = '1 Party St.'; 1 row updated. SQL> select * from anar.S_Student_Update_Address; NAME ADDRESS ---------- -----------BAKER 1 Party St. SQL>-- 7)Revoke grants on Student and Faculty tables in Problem 2 above SQL>-- and create views for Student and faculty to see their own record SQL> connect anar Connected. SQL> revoke select on student from student; Revoke succeeded. SQL> revoke select on faculty from faculty; Revoke succeeded. SQL> spool end; SQL>create viewown_student_record 2 as 3 select * from student where name = user; View created. SQL> grant select on own_student_record to student; Grant succeeded.
SQL> connect able Connected. SQL> select * from anar.own_student_record; STUDENTID NAME MAJOR ST ADDRESS GPA ---------- ---------- ---------------- -- ------------ ---------100 ABLE HISTORY SR 668 CS. 3 SQL> connect baker Connected. SQL> select * from anar.own_student_record; STUDENTID NAME MAJOR ST ADDRESS GPA ---------- ---------- ---------------- -- ------------ ---------200 BAKER ACCOUNTING JR 2 IOWA 2.7 SQL> connect anar Connected. SQL>create viewown_faculty_record 2 as 3 select * from faculty where name = user; View created. SQL> grant select on own_faculty_record 2 to faculty; Grant succeeded. SQL> connect test Connected. SQL> select * from anar.own_faculty_record; FACULTYID NAME DE ADDRESS RANK ---------- ---------- -- ------------ ---------980 TEST IM 11 MAIN DEAN SQL> connect seaver Connected. SQL> select * from anar.own_faculty_record; FACULTYID NAME DE ADDRESS RANK ---------- ---------- -- ------------ ---------5430 SEAVER IS 12 SOUTH PROFESSOR SQL> spool end SQL> -- 8) Create a view "Update_Faculty_Address" SQL> connect anar Connected. SQL> create view Update_Faculty_Address 2 as 3 select name, address 4 from faculty
5 where name=user; View created. SQL> grant update (address) on Update_Faculty_Address 2 to faculty; Grant succeeded. SQL> grant select on Update_Faculty_Address 2 to faculty; Grant succeeded. SQL> connect test Connected. SQL> select * from anar.Update_Faculty_Address; NAME ADDRESS ---------- -----------TEST 11 MAIN SQL> update anar.Update_Faculty_Address set address = '10 Chastain'; 1 row updated. SQL> select * from anar.Update_Faculty_Address; NAME ADDRESS ---------- -----------TEST 10 Chastain SQL>spool end SQL> -- 9) Create a view for students to view their Student, Offering and Enrollment SQL> CREATE VIEW student_offering_enrollment 2 as 3 SELECT s.name, e.offeringnum, o.coursenum, o.facultyid, o.term,o.time from student s, offering o, enrollment e 4 WHERE s.studentid = e.studentid and e.offeringnum=o.offeringnum 5 and s.name = USER; View created. SQL> GRANT SELECT ON student_offering_enrollment TO STUDENT; Grant succeeded. SQL> connect able Connected. SQL> SELECT * FROM anar.student_offering_enrollment; NAME OFFERINGNUM COURS FACULTYID TERM TIME ---------- ----------- ----- ---------- ------ ----ABLE 1111 IS320 5430 FALL 10 AM
SQL> connect baker Connected. SQL> SQL> SELECT * FROM anar.student_offering_enrollment; no rows selected -- Note that baker is not registered for any courses SQL> connect elliot Connected. SQL> SQL> SELECT * FROM anar.student_offering_enrollment; NAME OFFERINGNUM COURS FACULTYID TERM TIME ---------- ----------- ----- ---------- ------ ----ELLIOT 1233 IS320 980 FALL 11 AM SQL> -- 10) Create view for Juniors and seniors to change majors SQL> -- login as user with DBA privileges SQL> connect anar Connected. SQL> create view changeMajors 2 as 3 select name, major 4 from student where name=user; View created. SQL> grant select on changeMajors 2 to student; Grant succeeded. SQL> grant update (major) on changeMajors 2 to student; Grant succeeded. SQL> create or replace view changeMajors 2 as 3 select name, major 4 from student 5 where name=user and (status = 'JR' or status = 'SR'); View created. SQL> connect able Connected. SQL> select * from anar.changeMajors; NAME MAJOR ---------- ---------------ABLE HISTORY SQL> update anar.changeMajors set major = 'G.I.S.';
1 row updated. -- Drake is a freshmen, will not be able to change his/her major SQL> connect drake Connected. SQL> update anar.changeMajors set major = 'G.I.S.'; 0 rows updated. SQL> spool end

Recomendados

Oracle training in hyderabad
Oracle training in hyderabadOracle training in hyderabad
Oracle training in hyderabadKelly Technologies
 
Advanced tips of dbms statas
Advanced tips of dbms statasAdvanced tips of dbms statas
Advanced tips of dbms statasLouis liu
 
Introduction to triggers
Introduction to triggersIntroduction to triggers
Introduction to triggersSyed Awais Mazhar Bukhari
 
Veri̇tabani ve Kullanici Yöneti̇mi̇
Veri̇tabani ve Kullanici Yöneti̇mi̇Veri̇tabani ve Kullanici Yöneti̇mi̇
Veri̇tabani ve Kullanici Yöneti̇mi̇Anar Godjaev
 
Using triggers in my sql database
Using triggers in my sql databaseUsing triggers in my sql database
Using triggers in my sql databaseKimera Richard
 
Db Triggers05ch
Db Triggers05chDb Triggers05ch
Db Triggers05chtheo_10
 
Plsql triggers
Plsql triggersPlsql triggers
Plsql triggersAz Za
 
Database Triggers
Database TriggersDatabase Triggers
Database TriggersAliya Saldanha
 

Recomendados

Oracle training in hyderabad
Oracle training in hyderabadOracle training in hyderabad
Oracle training in hyderabadKelly Technologies
 
Advanced tips of dbms statas
Advanced tips of dbms statasAdvanced tips of dbms statas
Advanced tips of dbms statasLouis liu
 
Introduction to triggers
Introduction to triggersIntroduction to triggers
Introduction to triggersSyed Awais Mazhar Bukhari
 
Veri̇tabani ve Kullanici Yöneti̇mi̇
Veri̇tabani ve Kullanici Yöneti̇mi̇Veri̇tabani ve Kullanici Yöneti̇mi̇
Veri̇tabani ve Kullanici Yöneti̇mi̇Anar Godjaev
 
Using triggers in my sql database
Using triggers in my sql databaseUsing triggers in my sql database
Using triggers in my sql databaseKimera Richard
 
Db Triggers05ch
Db Triggers05chDb Triggers05ch
Db Triggers05chtheo_10
 
Plsql triggers
Plsql triggersPlsql triggers
Plsql triggersAz Za
 
Database Triggers
Database TriggersDatabase Triggers
Database TriggersAliya Saldanha
 
Audit Mekani̇zmasi
Audit Mekani̇zmasiAudit Mekani̇zmasi
Audit Mekani̇zmasiAnar Godjaev
 
PL/SQL
PL/SQLPL/SQL
PL/SQLVaibhav0
 
MySql Triggers Tutorial - The Webs Academy
MySql Triggers Tutorial - The Webs AcademyMySql Triggers Tutorial - The Webs Academy
MySql Triggers Tutorial - The Webs Academythewebsacademy
 
how to protect your sensitive data using oracle database vault
how to protect your sensitive data using oracle database vaulthow to protect your sensitive data using oracle database vault
how to protect your sensitive data using oracle database vaultAnar Godjaev
 
Oracle 10g Database Server Kurulum
Oracle 10g Database Server KurulumOracle 10g Database Server Kurulum
Oracle 10g Database Server KurulumAnar Godjaev
 
Results based management
Results based managementResults based management
Results based managementCentre For Development Alternatives
 
10 Creating Triggers
10 Creating Triggers10 Creating Triggers
10 Creating Triggersrehaniltifat
 
Database Triggers
Database TriggersDatabase Triggers
Database TriggersShaharyar Nawaz
 
Procedures and triggers in SQL
Procedures and triggers in SQLProcedures and triggers in SQL
Procedures and triggers in SQLVikash Sharma
 
TRIGGERS
TRIGGERSTRIGGERS
TRIGGERSdemoiselle
 
Trigger
TriggerTrigger
TriggerVForce Infotech
 
Introduction to triggers
Introduction to triggersIntroduction to triggers
Introduction to triggersCommand Prompt., Inc
 
Trigger and cursor program using sql
Trigger and cursor program using sqlTrigger and cursor program using sql
Trigger and cursor program using sqlSushil Mishra
 
trigger dbms
trigger dbmstrigger dbms
trigger dbmskuldeep100
 
RBM Presentation
RBM PresentationRBM Presentation
RBM PresentationTaye Habtie
 
Classroom management
Classroom managementClassroom management
Classroom managementRashida Aziz
 
Results-Based Management in UNDP
Results-Based Management in UNDPResults-Based Management in UNDP
Results-Based Management in UNDPUNDP Eurasia
 
Verb phrase
Verb phraseVerb phrase
Verb phraseDr. Shadia Banjar
 
Classroom Management Techniques
Classroom Management TechniquesClassroom Management Techniques
Classroom Management TechniquesBaita Sapad
 
Introduction sql
Introduction sqlIntroduction sql
Introduction sqlsagarasuri
 
Best sql plsql_material for B.TECH
Best sql plsql_material for B.TECH Best sql plsql_material for B.TECH
Best sql plsql_material for B.TECH AmIt Prasad
 
Best sql plsql material
Best sql plsql materialBest sql plsql material
Best sql plsql materialpitchaiah yechuri
 

Mais conteúdo relacionado

Destaque

Audit Mekani̇zmasi
Audit Mekani̇zmasiAudit Mekani̇zmasi
Audit Mekani̇zmasiAnar Godjaev
 
MySql Triggers Tutorial - The Webs Academy
MySql Triggers Tutorial - The Webs AcademyMySql Triggers Tutorial - The Webs Academy
MySql Triggers Tutorial - The Webs Academythewebsacademy
 
how to protect your sensitive data using oracle database vault
how to protect your sensitive data using oracle database vaulthow to protect your sensitive data using oracle database vault
how to protect your sensitive data using oracle database vaultAnar Godjaev
 
Oracle 10g Database Server Kurulum
Oracle 10g Database Server KurulumOracle 10g Database Server Kurulum
Oracle 10g Database Server KurulumAnar Godjaev
 
10 Creating Triggers
10 Creating Triggers10 Creating Triggers
10 Creating Triggersrehaniltifat
 
Procedures and triggers in SQL
Procedures and triggers in SQLProcedures and triggers in SQL
Procedures and triggers in SQLVikash Sharma
 
Trigger and cursor program using sql
Trigger and cursor program using sqlTrigger and cursor program using sql
Trigger and cursor program using sqlSushil Mishra
 
RBM Presentation
RBM PresentationRBM Presentation
RBM PresentationTaye Habtie
 
Classroom management
Classroom managementClassroom management
Classroom managementRashida Aziz
 
Results-Based Management in UNDP
Results-Based Management in UNDPResults-Based Management in UNDP
Results-Based Management in UNDPUNDP Eurasia
 
Classroom Management Techniques
Classroom Management TechniquesClassroom Management Techniques
Classroom Management TechniquesBaita Sapad
 

Destaque (19)

Audit Mekani̇zmasi
Audit Mekani̇zmasiAudit Mekani̇zmasi
Audit Mekani̇zmasi
 
PL/SQL
PL/SQLPL/SQL
PL/SQL
 
MySql Triggers Tutorial - The Webs Academy
MySql Triggers Tutorial - The Webs AcademyMySql Triggers Tutorial - The Webs Academy
MySql Triggers Tutorial - The Webs Academy
 
how to protect your sensitive data using oracle database vault
how to protect your sensitive data using oracle database vaulthow to protect your sensitive data using oracle database vault
how to protect your sensitive data using oracle database vault
 
Oracle 10g Database Server Kurulum
Oracle 10g Database Server KurulumOracle 10g Database Server Kurulum
Oracle 10g Database Server Kurulum
 
Results based management
Results based managementResults based management
Results based management
 
10 Creating Triggers
10 Creating Triggers10 Creating Triggers
10 Creating Triggers
 
Database Triggers
Database TriggersDatabase Triggers
Database Triggers
 
Procedures and triggers in SQL
Procedures and triggers in SQLProcedures and triggers in SQL
Procedures and triggers in SQL
 
TRIGGERS
TRIGGERSTRIGGERS
TRIGGERS
 
Trigger
TriggerTrigger
Trigger
 
Introduction to triggers
Introduction to triggersIntroduction to triggers
Introduction to triggers
 
Trigger and cursor program using sql
Trigger and cursor program using sqlTrigger and cursor program using sql
Trigger and cursor program using sql
 
trigger dbms
trigger dbmstrigger dbms
trigger dbms
 
RBM Presentation
RBM PresentationRBM Presentation
RBM Presentation
 
Classroom management
Classroom managementClassroom management
Classroom management
 
Results-Based Management in UNDP
Results-Based Management in UNDPResults-Based Management in UNDP
Results-Based Management in UNDP
 
Verb phrase
Verb phraseVerb phrase
Verb phrase
 
Classroom Management Techniques
Classroom Management TechniquesClassroom Management Techniques
Classroom Management Techniques
 

Semelhante a Database Security

Introduction sql
Introduction sqlIntroduction sql
Introduction sqlsagarasuri
 
Best sql plsql_material for B.TECH
Best sql plsql_material for B.TECH Best sql plsql_material for B.TECH
Best sql plsql_material for B.TECH AmIt Prasad
 
ORACLE, SQL, PL/SQL Made very very Easy Happy Learning....
ORACLE, SQL, PL/SQL Made very very Easy Happy Learning....ORACLE, SQL, PL/SQL Made very very Easy Happy Learning....
ORACLE, SQL, PL/SQL Made very very Easy Happy Learning....Racharla Rohit Varma
 
OpenWorld 2018 - Common Application Developer Disasters
OpenWorld 2018 - Common Application Developer DisastersOpenWorld 2018 - Common Application Developer Disasters
OpenWorld 2018 - Common Application Developer DisastersConnor McDonald
 
Flashback (Practical Test)
Flashback (Practical Test)Flashback (Practical Test)
Flashback (Practical Test)Anar Godjaev
 
1. Create a View that allows students to view their own informatio.docx
1. Create a View that allows students to view their own informatio.docx1. Create a View that allows students to view their own informatio.docx
1. Create a View that allows students to view their own informatio.docxketurahhazelhurst
 
5. Basic Structure of SQL Queries.pdf
5. Basic Structure of SQL Queries.pdf5. Basic Structure of SQL Queries.pdf
5. Basic Structure of SQL Queries.pdfSunita Milind Dol
 
Basic - Oracle Edition Based Redefinition Presentation
Basic - Oracle Edition Based Redefinition PresentationBasic - Oracle Edition Based Redefinition Presentation
Basic - Oracle Edition Based Redefinition PresentationN/A
 
Pluggable database tutorial 2
Pluggable database tutorial 2Pluggable database tutorial 2
Pluggable database tutorial 2Osama Mustafa
 
Relational DB Course
Relational DB Course Relational DB Course
Relational DB Course Sunny U Okoro
 
Oracle Database 12c Application Development
Oracle Database 12c Application DevelopmentOracle Database 12c Application Development
Oracle Database 12c Application DevelopmentSaurabh K. Gupta
 
12c SQL Plan Directives
12c SQL Plan Directives12c SQL Plan Directives
12c SQL Plan DirectivesFranck Pachot
 
GraphQL gifts from Kiwi.com
GraphQL gifts from Kiwi.comGraphQL gifts from Kiwi.com
GraphQL gifts from Kiwi.comMichal Sänger
 

Semelhante a Database Security (20)

Introduction sql
Introduction sqlIntroduction sql
Introduction sql
 
Best sql plsql_material for B.TECH
Best sql plsql_material for B.TECH Best sql plsql_material for B.TECH
Best sql plsql_material for B.TECH
 
Best sql plsql material
Best sql plsql materialBest sql plsql material
Best sql plsql material
 
ORACLE, SQL, PL/SQL Made very very Easy Happy Learning....
ORACLE, SQL, PL/SQL Made very very Easy Happy Learning....ORACLE, SQL, PL/SQL Made very very Easy Happy Learning....
ORACLE, SQL, PL/SQL Made very very Easy Happy Learning....
 
OpenWorld 2018 - Common Application Developer Disasters
OpenWorld 2018 - Common Application Developer DisastersOpenWorld 2018 - Common Application Developer Disasters
OpenWorld 2018 - Common Application Developer Disasters
 
Oracle 11G- PLSQL
Oracle 11G- PLSQLOracle 11G- PLSQL
Oracle 11G- PLSQL
 
7. Nested Subqueries.pdf
7. Nested Subqueries.pdf7. Nested Subqueries.pdf
7. Nested Subqueries.pdf
 
Flashback (Practical Test)
Flashback (Practical Test)Flashback (Practical Test)
Flashback (Practical Test)
 
1. Create a View that allows students to view their own informatio.docx
1. Create a View that allows students to view their own informatio.docx1. Create a View that allows students to view their own informatio.docx
1. Create a View that allows students to view their own informatio.docx
 
Db presn(1)
Db presn(1)Db presn(1)
Db presn(1)
 
5. Basic Structure of SQL Queries.pdf
5. Basic Structure of SQL Queries.pdf5. Basic Structure of SQL Queries.pdf
5. Basic Structure of SQL Queries.pdf
 
SQL(AJ).docx
SQL(AJ).docxSQL(AJ).docx
SQL(AJ).docx
 
Basic - Oracle Edition Based Redefinition Presentation
Basic - Oracle Edition Based Redefinition PresentationBasic - Oracle Edition Based Redefinition Presentation
Basic - Oracle Edition Based Redefinition Presentation
 
Pluggable database tutorial 2
Pluggable database tutorial 2Pluggable database tutorial 2
Pluggable database tutorial 2
 
Relational DB Course
Relational DB Course Relational DB Course
Relational DB Course
 
Oracle Database 12c Application Development
Oracle Database 12c Application DevelopmentOracle Database 12c Application Development
Oracle Database 12c Application Development
 
12c SQL Plan Directives
12c SQL Plan Directives12c SQL Plan Directives
12c SQL Plan Directives
 
Sql plsql
Sql plsqlSql plsql
Sql plsql
 
SQL
SQLSQL
SQL
 
GraphQL gifts from Kiwi.com
GraphQL gifts from Kiwi.comGraphQL gifts from Kiwi.com
GraphQL gifts from Kiwi.com
 

Mais de Anar Godjaev

Asm disk group migration from
Asm disk group migration from Asm disk group migration from
Asm disk group migration from Anar Godjaev
 
How to protect your sensitive data using oracle database vault / Creating and...
How to protect your sensitive data using oracle database vault / Creating and...How to protect your sensitive data using oracle database vault / Creating and...
How to protect your sensitive data using oracle database vault / Creating and...Anar Godjaev
 
Database Vault / Verinin Güvenliği
Database Vault / Verinin GüvenliğiDatabase Vault / Verinin Güvenliği
Database Vault / Verinin GüvenliğiAnar Godjaev
 
Oracle Golden Gate
Oracle Golden GateOracle Golden Gate
Oracle Golden GateAnar Godjaev
 
DataPump ile Single Parititon Export
DataPump ile Single Parititon ExportDataPump ile Single Parititon Export
DataPump ile Single Parititon ExportAnar Godjaev
 
Redologlar ve Yöneti̇mi̇
Redologlar ve Yöneti̇mi̇Redologlar ve Yöneti̇mi̇
Redologlar ve Yöneti̇mi̇Anar Godjaev
 
Instance ve Media Bozukluklarını Inceleme
Instance ve Media Bozukluklarını IncelemeInstance ve Media Bozukluklarını Inceleme
Instance ve Media Bozukluklarını IncelemeAnar Godjaev
 
Conditional Control
Conditional ControlConditional Control
Conditional ControlAnar Godjaev
 
Backup and Recovery
Backup and RecoveryBackup and Recovery
Backup and RecoveryAnar Godjaev
 

Mais de Anar Godjaev (20)

Oracle GoldenGate
Oracle GoldenGateOracle GoldenGate
Oracle GoldenGate
 
Asm disk group migration from
Asm disk group migration from Asm disk group migration from
Asm disk group migration from
 
How to protect your sensitive data using oracle database vault / Creating and...
How to protect your sensitive data using oracle database vault / Creating and...How to protect your sensitive data using oracle database vault / Creating and...
How to protect your sensitive data using oracle database vault / Creating and...
 
Database Vault / Verinin Güvenliği
Database Vault / Verinin GüvenliğiDatabase Vault / Verinin Güvenliği
Database Vault / Verinin Güvenliği
 
Oracle Golden Gate
Oracle Golden GateOracle Golden Gate
Oracle Golden Gate
 
DataPump ile Single Parititon Export
DataPump ile Single Parititon ExportDataPump ile Single Parititon Export
DataPump ile Single Parititon Export
 
Redologlar ve Yöneti̇mi̇
Redologlar ve Yöneti̇mi̇Redologlar ve Yöneti̇mi̇
Redologlar ve Yöneti̇mi̇
 
Contraints
ContraintsContraints
Contraints
 
Oracle SQL
Oracle SQLOracle SQL
Oracle SQL
 
Instance ve Media Bozukluklarını Inceleme
Instance ve Media Bozukluklarını IncelemeInstance ve Media Bozukluklarını Inceleme
Instance ve Media Bozukluklarını Inceleme
 
Conditional Control
Conditional ControlConditional Control
Conditional Control
 
PL/SQL Blocks
PL/SQL BlocksPL/SQL Blocks
PL/SQL Blocks
 
Wait Interface
Wait InterfaceWait Interface
Wait Interface
 
Tuning SGA
Tuning SGATuning SGA
Tuning SGA
 
Parallel Server
Parallel ServerParallel Server
Parallel Server
 
Table Partitions
Table PartitionsTable Partitions
Table Partitions
 
Backup and Recovery
Backup and RecoveryBackup and Recovery
Backup and Recovery
 
Memory Management
Memory ManagementMemory Management
Memory Management
 
LogMiner
LogMinerLogMiner
LogMiner
 
Undo Management
Undo ManagementUndo Management
Undo Management
 

Último

08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdfChristopherTHyatt
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 

Último (20)

08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 

Database Security

  • 1. Database Security SQL> --1) Revoke privileges granted in Lab Exercise 1 SQL> connect anar Connected. SQL> -- revoke access modes from users SQL> revoke select on student from able; Revoke succeeded. SQL> revoke update on student from baker; Revoke succeeded. SQL> revoke insert on student from charles; Revoke succeeded. SQL> revoke delete on student from drake; Revoke succeeded. SQL> revoke update (major) on student from elliot; revoke update (major) on student from elliot * ERROR at line 1: ORA-01750: UPDATE/REFERENCES may only be REVOKEd from the whole table, not by column SQL> revoke update on student from elliot; Revoke succeeded.
  • 2. SQL> revoke select, update on faculty from test; Revoke succeeded. SQL> revoke insert, delete on faculty from seaver; Revoke succeeded. SQL> revoke update (address) on faculty from looney; revoke update (address) on faculty from looney * ERROR at line 1: ORA-01750: UPDATE/REFERENCES may only be REVOKEd from the whole table, not by column SQL> revoke update on faculty from looney; Revoke succeeded. SQL> revoke update, insert on faculty from mills; Revoke succeeded. SQL> SQL> SQL> -- revoke create session from users SQL> revoke create session from able; Revoke succeeded. SQL> revoke create session from baker; Revoke succeeded. SQL> revoke create session from charles; Revoke succeeded. SQL> revoke create session from drake; Revoke succeeded. SQL> revoke create session from elliot; Revoke succeeded. SQL> revoke create session from test; Revoke succeeded. SQL> revoke create session from seaver; Revoke succeeded. SQL> revoke create session from looney;
  • 3. Revoke succeeded. SQL> revoke create session from mills; Revoke succeeded. SQL> -- 2) Grant Roles Student and Faculty SQL> -- create roles student and faculty SQL> create role student; Role created. SQL> create role faculty; Role created. SQL> SQL> -- grant privileges to roles SQL> grant select on student to student; Grant succeeded. SQL> grant select on faculty to faculty; Grant succeeded. SQL> SQL> -- grant student role to students and faculty role to faculty SQL> grant student to able, baker, charles, drake, elliot; Grant succeeded. SQL> grant faculty to test, seaver, looney, mills; Grant succeeded. SQL> grant create session to student; Grant succeeded. SQL> grant create session to faculty; Grant succeeded. SQL> -- 3)demonstrate select privileges for student and faculty SQL> connect able Connected. SQL> select * from anar.student; STUDENTID NAME MAJOR ST ADDRESS GPA ---------- ---------- ---------------- -- ------------ ---------100 ABLE HISTORY SR 1 UTAH 3 200 BAKER ACCOUNTING JR 2 IOWA 2.7
  • 4. 300 CHARLES 400 DRAKE 500 ELLIOT MATH SR 3 MAINE COMPUTER SCIENCE FR 4 IDAHO COMPUTER SCIENCE SM 5 NEVADA 3.5 2.8 3.25 SQL> connect test Connected. SQL> select * from anar.faculty; FACULTYID ---------980 5430 7650 9870 NAME DE ADDRESS RANK ---------- -- ------------ ---------TEST IM 11 MAIN DEAN SEAVER IS 12 SOUTH PROFESSOR LOONEY IT 14 NORTH INSTRUCTOR MILLS SA 16 EAST LECTURER SQL> -- 4) create view and grant select to faculty on view SQL> connect anar Connected. SQL> create view f_student_view 2 as 3 select studentid, name, major, status from student; View created. SQL> SQL> grant select on f_student_view to faculty; Grant succeeded. SQL>-- 5) Demonstrate that faculty can not see the student GPA SQL> connect test Connected. SQL> select * from anar.student; select * from anar.student * ERROR at line 1: ORA-00942: table or view does not exist SQL> select * from anar.f_student_view faculty; STUDENTID NAME MAJOR ST ---------- ---------- ---------------- -100 ABLE HISTORY SR 200 BAKER ACCOUNTING JR 300 CHARLES MATH SR 400 DRAKE COMPUTER SCIENCE FR 500 ELLIOT COMPUTER SCIENCE SM SQL>-- 6)Create view for students to only be able to update their own address SQL> connect anar Connected. SQL> create or replace view S_Student_Update_Address 2 as 3 select name, address 4 from student
  • 5. 5 where name=user; View created. SQL> grant select on S_Student_Update_Address 2 to student; Grant succeeded. SQL> SQL> grant update (address) on S_Student_Update_Address 2 to student; Grant succeeded. SQL> connect baker Connected. SQL> select * from anar.S_Student_Update_Address; NAME ADDRESS ---------- -----------BAKER 2 IOWA SQL> update anar.S_Student_Update_Address set address = '1 Party St.'; 1 row updated. SQL> select * from anar.S_Student_Update_Address; NAME ADDRESS ---------- -----------BAKER 1 Party St. SQL>-- 7)Revoke grants on Student and Faculty tables in Problem 2 above SQL>-- and create views for Student and faculty to see their own record SQL> connect anar Connected. SQL> revoke select on student from student; Revoke succeeded. SQL> revoke select on faculty from faculty; Revoke succeeded. SQL> spool end; SQL>create viewown_student_record 2 as 3 select * from student where name = user; View created. SQL> grant select on own_student_record to student; Grant succeeded.
  • 6. SQL> connect able Connected. SQL> select * from anar.own_student_record; STUDENTID NAME MAJOR ST ADDRESS GPA ---------- ---------- ---------------- -- ------------ ---------100 ABLE HISTORY SR 668 CS. 3 SQL> connect baker Connected. SQL> select * from anar.own_student_record; STUDENTID NAME MAJOR ST ADDRESS GPA ---------- ---------- ---------------- -- ------------ ---------200 BAKER ACCOUNTING JR 2 IOWA 2.7 SQL> connect anar Connected. SQL>create viewown_faculty_record 2 as 3 select * from faculty where name = user; View created. SQL> grant select on own_faculty_record 2 to faculty; Grant succeeded. SQL> connect test Connected. SQL> select * from anar.own_faculty_record; FACULTYID NAME DE ADDRESS RANK ---------- ---------- -- ------------ ---------980 TEST IM 11 MAIN DEAN SQL> connect seaver Connected. SQL> select * from anar.own_faculty_record; FACULTYID NAME DE ADDRESS RANK ---------- ---------- -- ------------ ---------5430 SEAVER IS 12 SOUTH PROFESSOR SQL> spool end SQL> -- 8) Create a view "Update_Faculty_Address" SQL> connect anar Connected. SQL> create view Update_Faculty_Address 2 as 3 select name, address 4 from faculty
  • 7. 5 where name=user; View created. SQL> grant update (address) on Update_Faculty_Address 2 to faculty; Grant succeeded. SQL> grant select on Update_Faculty_Address 2 to faculty; Grant succeeded. SQL> connect test Connected. SQL> select * from anar.Update_Faculty_Address; NAME ADDRESS ---------- -----------TEST 11 MAIN SQL> update anar.Update_Faculty_Address set address = '10 Chastain'; 1 row updated. SQL> select * from anar.Update_Faculty_Address; NAME ADDRESS ---------- -----------TEST 10 Chastain SQL>spool end SQL> -- 9) Create a view for students to view their Student, Offering and Enrollment SQL> CREATE VIEW student_offering_enrollment 2 as 3 SELECT s.name, e.offeringnum, o.coursenum, o.facultyid, o.term,o.time from student s, offering o, enrollment e 4 WHERE s.studentid = e.studentid and e.offeringnum=o.offeringnum 5 and s.name = USER; View created. SQL> GRANT SELECT ON student_offering_enrollment TO STUDENT; Grant succeeded. SQL> connect able Connected. SQL> SELECT * FROM anar.student_offering_enrollment; NAME OFFERINGNUM COURS FACULTYID TERM TIME ---------- ----------- ----- ---------- ------ ----ABLE 1111 IS320 5430 FALL 10 AM
  • 8. SQL> connect baker Connected. SQL> SQL> SELECT * FROM anar.student_offering_enrollment; no rows selected -- Note that baker is not registered for any courses SQL> connect elliot Connected. SQL> SQL> SELECT * FROM anar.student_offering_enrollment; NAME OFFERINGNUM COURS FACULTYID TERM TIME ---------- ----------- ----- ---------- ------ ----ELLIOT 1233 IS320 980 FALL 11 AM SQL> -- 10) Create view for Juniors and seniors to change majors SQL> -- login as user with DBA privileges SQL> connect anar Connected. SQL> create view changeMajors 2 as 3 select name, major 4 from student where name=user; View created. SQL> grant select on changeMajors 2 to student; Grant succeeded. SQL> grant update (major) on changeMajors 2 to student; Grant succeeded. SQL> create or replace view changeMajors 2 as 3 select name, major 4 from student 5 where name=user and (status = 'JR' or status = 'SR'); View created. SQL> connect able Connected. SQL> select * from anar.changeMajors; NAME MAJOR ---------- ---------------ABLE HISTORY SQL> update anar.changeMajors set major = 'G.I.S.';
  • 9. 1 row updated. -- Drake is a freshmen, will not be able to change his/her major SQL> connect drake Connected. SQL> update anar.changeMajors set major = 'G.I.S.'; 0 rows updated. SQL> spool end