Advanced Databases DBA: Security and Backups Guide to Oracle 10g 1.
19
Advanced Databases DBA: Security and Backups Guide to Oracle 10g 1
-
Upload
brent-nash -
Category
Documents
-
view
213 -
download
1
Transcript of Advanced Databases DBA: Security and Backups Guide to Oracle 10g 1.
Advanced Databases
Guide to Oracle 10g
1
DBA: Security and Backups
Advanced Databases 2
Agenda
• Understand the need for security.• Learn about System Permissions
and Object permissions.• Understand the purpose of Roles.• Explore Security-focused SQL.• Explain backup and restore options.
Advanced Databases
Guide to Oracle 10g
3
Data Admin –vs- DB Admin
Data Administration
• Owns the DATA• High-level function• Policy & Procedure
Planning• DBMS independent• Strategic• Maps out Security
Plans
Database Administration
• Owns the Database• Technical function• Policy &Procedure
Enforcement• DBMS dependent• Tactical• Carries out Security
Plans
Advanced Databases
Guide to Oracle 10g
4
Data Admin Matrix
• Data Security documentation tool.• Crafted by DA, Carried out by DBA.
Role Object(s) Permissions
OrderEntry
OrdersOrder Items
Insert, Read
Credit Approval
Customers Update
Advanced Databases 5
Security Explained
UserSystemPrivilege
RoleObject
Advanced Databases 6
Specifying System Privileges
• System privilege– Right to perform a specific action– DBA grants system privileges to users or roles– Use System Privileges page in Create User
page
• Object privilege– Associated permissions of an object– DBA or users grant to users or roles
• Admin Option- gives user permissions to grant rights.
Advanced Databases 7
System Privileges Reference
http://docs.oracle.com/cd/B28359_01/server.111/b28286/statements_9013.htm#sthref8513
Advanced Databases
Guide to Oracle 10g
8
System Privileges Example
• Shots of sample SQL statements for privileges
Advanced Databases
Guide to Oracle 10g
9
Roles
• Special database object • Represents collection of system
privileges • Can be assign to multiple users• Create role– Can inherit privileges from other roles
• Simpler than assigning system privileges to each user.
Advanced Databases
Guide to Oracle 10g
10
Role Examples
• Shots of sample SQL statements for Roles
Advanced Databases
Guide to Oracle 10g
11
Advanced Databases
Guide to Oracle 10g
12
TODO
Advanced Databases
Guide to Oracle 10g
13
Database Backup and Recovery
• Important database administration support tasks include:– Backup• Offline/cold• Online/hot
– Recovery
Advanced Databases 14
Creating Offline (Cold) Backups
• Shut down database instance• Copy specific database files to
alternate disk location– Parameter file– Control files– Datafiles– Not redo logs
• Restart database instance
Advanced Databases
Guide to Oracle 10g
15
Creating Online (Hot) Backups
• Create hot backup– Place database instance in ARCHIVELOG
mode– Back up control file– Back up datafiles– Instruct database to write current
contents of redo log files to archive files• Create backup copies of archive log files
Advanced Databases 16
Database Recovery
• Process of restoring database from either cold or hot backup files
• Necessary after database failure• Cold backup recovery:– Shut down database– Restore backed up control file and
datafiles to database server– Restart database
Advanced Databases
Guide to Oracle 10g
17
Database Recovery (continued)
• Hot backup recovery:– Recover database to point at which last
hot backup created– Use control trace file to generate new
copy of control file– Restore backup copies of datafiles– Perform media recovery
Advanced Databases 18
Backup Strategies
• Cold backups– Simplest to perform– Satisfactory for databases whose:
• Contents do not change very much • Users can tolerate downtime while DBA creates
cold backup files
• Hot backups – Complex to perform– Better suited for dynamic, mission-critical
databases
Advanced Databases 19
Questions
