Security Roles   «Prev  Next»
Lesson 1

Using roles to simplify Security

In the previous module, you learned the basics of assigning object privileges. You may think that assigning privileges for many users takes a lot of SQL commands, and that changing your security scheme is a maintenance nightmare. In this module, you will learn how to use roles to make assigning and maintaining object privileges much easier. By the end of this module, you will know how to:
  1. Define a role
  2. Create a role
  3. Grant privileges to a role and a role to a user
  4. Grant default and non-default roles
  5. Create password-protected roles
  6. Allow users to administer a role
  7. Examine why roles don’t affect stored code
  8. List privileges granted to a role
  9. List roles granted to a user
  10. Drop a role from the database

Oracle Database Cloud

Data is the new currency

Organizations worldwide are experiencing the impact of data breaches at an unprecedented rate. It seems like every day brings a news story about a service provider losing subscribers’ personal information, an employer losing employee HR records, or a government contractor losing sensitive intellectual property. Data is the new currency, and bad actors are often able to leverage stolen data for financial or political advantage for years after a breach has occurred.
And where do organizations keep their sensitive data? At the end of the day, this data is stored and managed in databases. At one point, perimeter security solutions such as network firewalls were considered sufficient for protecting internal systems and repositories such as databases from data theft.
However, the threat environment for organizations has changed considerably in recent years. Tools vary widely depending upon the attackers, from exploiting unpatched systems to very advanced methods where hackers penetrate a network, search for vulnerabilities, and then covertly exfiltrate data from servers. These attacks can go undetected for weeks, months, or even years.
The need to protect data has never been greater. In addition to the monetary and reputational losses arising from data breaches, organizations today operate in an increasingly stringent and fast-evolving regulatory landscape. The United States alone has more than 20 national privacy and data security laws, with additional laws enacted at the state level. The European Union (EU) has harmonized data privacy laws across multiple member states with the General Data Protection Regulation (EU GDPR).