Security Roles   «Prev  Next»

Lesson 12

Simplify Security using Roles Conclusion

Roles are a powerful feature of the Oracle database that make implementing security schemes much easier. In this module, you learned to:
  1. Define a role
  2. Create a role
  3. Grant privileges to a role and a role to a user
  4. Grant default and non-default roles
  5. Create password-protected roles
  6. Allow users to administer a role
  7. Examine why roles don’t affect stored code
  8. List privileges granted to a role
  9. List roles granted to a user
  10. Drop a role from the database
Through the use of roles, and a good security scheme design, you can properly limit access to database objects and system privileges.

Glossary

In this module, you learned the following glossary terms:
  1. Early-Bound: When a value is resolved at compile time, it is called early-bound.
  2. Late-Bound','When a value is resolved at runtime, it is called late-bound.
  3. 'Role: A collection of privileges that can be assigned together.

Database Security Features

Oracle includes basic security for managing user access through roles and privileges. These can be managed through Enterprise Manager
  1. on a local basis or
  2. on a global basis
by leveraging Oracle's enterprise user security, a feature in the Advanced Security Option.
Database security features allow you to implement a Virtual Private Database (VPD) using Oracle by creating and attaching policies to database tables, views, or synonyms. These policies are then enforced by placing a predicate WHERE clause on SELECT, INSERT, UPDATE, DELETE, and/or INDEX statements.
New in Oracle Database 12c, you can redact or mask data queried by users or applications, taking into account assigned privileges. Full data redaction, partial data redaction, or random data redaction of specified columns in tables or views is supported.
Many organizations face the need to meet more stringent compliance requirements for improved data protection, although database usage now can extend beyond organizational boundaries. Oracle has added several options to the database to enable secure deployment in such challenging environments. These options include the
  1. Advanced Security Option,
  2. Label Security Option,
  3. Database Vault Option,
  4. Audit Vault and
  5. Database Firewall Option.

Role Information Deletion - Quiz

Click the Quiz link below to answer a few questions about role information and deletion.
Role Information Deletion - Quiz
The next module is about creating and managing stored code.