Scribd Logo
Upload

Welcome to Scribd!

  • 7 views

    Exp - 1 (Database Security)

    Uploaded by

    adityasrivastav2231
    1. Three database roles were created - IST469User, IST469Developer, and IST469DBA. 2. The IST469User role allows connection and data access within the IST469 tablespace. 3. The IST469Developer role allows connection, data access within IST469, and creation/alteration of database objects within the IST469 schema. 4. The IST469DBA role allows system administration functions and use of Oracle Enterprise Manager, but no other privileges like data access or object creation.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    Exp - 1 (Database Security)

    Uploaded by

    adityasrivastav2231
    7 views6 pages
    1. Three database roles were created - IST469User, IST469Developer, and IST469DBA. 2. The IST469User role allows connection and data access within the IST469 tablespace. 3. The IST469Developer role allows connection, data access within IST469, and creation/alteration of database objects within the IST469 schema. 4. The IST469DBA role allows system administration functions and use of Oracle Enterprise Manager, but no other privileges like data access or object creation.

    Original Description:

    Experiments on Database Security

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    1. Three database roles were created - IST469User, IST469Developer, and IST469DBA. 2. The IST469User role allows connection and data access within the IST469 tablespace. 3. The IST469Developer role allows connection, data access within IST469, and creation/alteration of database objects within the IST469 schema. 4. The IST469DBA role allows system administration functions and use of Oracle Enterprise Manager, but no other privileges like data access or object creation.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    7 views6 pages

    Exp - 1 (Database Security)

    Uploaded by

    adityasrivastav2231
    1. Three database roles were created - IST469User, IST469Developer, and IST469DBA. 2. The IST469User role allows connection and data access within the IST469 tablespace. 3. The IST469Developer role allows connection, data access within IST469, and creation/alteration of database objects within the IST469 schema. 4. The IST469DBA role allows system administration functions and use of Oracle Enterprise Manager, but no other privileges like data access or object creation.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    of 6

    20MEI10022 - Aditya Srivastav

    Exp No:
    1 Database Access Control
    (Date)

    Aim/Title: Database Access Control

    Objective:

    1. Make anIST469User Role

    2. Make anIST469Developer Role

    3. Make a IST469DBA Roles

    Introduction:
    A Database Administrator (DBA) is a professional responsible for managing, organizing,
    and maintaining databases within an organization. Their primary role involves ensuring
    that data is securely stored, easily accessible, and efficiently managed. DBAs handle tasks
    such as database design, implementation, performance tuning, security, backups, and
    troubleshooting issues that may arise within the database system. They work with
    database management systems (DBMS) like MySQL, Oracle, SQL Server, PostgreSQL, and
    others, ensuring data integrity, security, and optimal performance while adhering to best
    practices and industry standards. DBAs play a critical role in enabling businesses to
    effectively store, retrieve, and utilize their data for various applications and operations.

    Program Code/Output and Results:

    A. Make anIST469User Role


    a. This role can connect to the database
    b. This role can select, insert, update, and delete data in the IST469 tablespace.
    c. This tablespace is IST469
    d. This user has a 5 MB quota on IST469 tablespace.
    e. This user is a member of the IST469User role.

    Step-1> Connect as a privileged user:


    First, make sure you are connected to your database as a user with administrative privileges,
    such as a DBA account.

    Step-2> Create the Role:


    20MEI10022 - Aditya Srivastav

    Step-3> Grant the necessary privileges to the role:

    You mentioned that this role should be able to connect to the database, select, insert,
    update, and delete data in the IST469 tablespace. You can grant these privileges as
    follows:

    a. Grant connection privilege:

    b. Grant data manipulation privileges:

    Step-4> Set the default tablespace:

    To set the default tablespace for the user, you can use the DEFAULT TABLESPACE
    clause:

    Step-5> Set the tablespace quota:

    To set the user's quota on the IST469 tablespace to 5 MB, you can use the QUOTA clause:
    20MEI10022 - Aditya Srivastav

    Step-6> Make the user a member of the IST469User role:

    To make the user a member of the IST469User role, you can use the GRANT statement:

    Replace the_username with the actual username you want to assign to this role. Commit

    your changes:

    Step-7> Commit changes to save them to the database:

    B. Make anIST469Developer Role

    f. This role can connect to the database

    g. This role can create, alter, and drop tables, sequences and views for the IST469
    Schema.

    h. This role can select, insert, update, and delete data in the IST469
    tablespace.

    Step-1> Connect as a privileged user:

    Make sure you are connected to your database as a user with administrative privileges, such
    as a DBA account.

    Step-2> Create the Role:


    20MEI10022 - Aditya Srivastav

    Step-3> Grant the necessary privileges to the role:

    a. Grant connection privilege:

    b. Grant the privilege to create, alter, and drop tables, sequences, and views in
    the IST469 schema:

    GRANT CREATE TABLE, CREATE SEQUENCE, CREATE VIEW, ALTER ANY TABLE, ALTER
    ANY SEQUENCE, ALTER ANY VIEW, DROP ANY

    c. Grant data manipulation privileges on the IST469 tablespace:

    d. Commit

    C. Make a IST469DBA Roles


    This user can perform all system dba functions including database startup and
    shutdown
    i. This use can create and maintain tablespaces, roles, profiles, users and
    schemas.
    j. This user can use OEM
    k. This user has no other privileges. They cannot create and maintain any other
    database objects, such as tables, views, procedures, etc. They can also not add,
    read or change data from the tables.
    20MEI10022 - Aditya Srivastav

    Step-1> Connect as a privileged user:


    Make sure you are connected to your database as a user with administrative privileges,
    such as a DBA account.

    Step-2> Create the Role:

    Step-3> Grant the necessary privileges to the role:

    i.Grant system DBA functions, including the ability to start and shutdown the database:
    j. Grant the privilege to use Oracle Enterprise Manager (OEM):

    GRANT EM_EXPRESS_BASIC, EM_EXPRESS_ALL,


    EM_DATAPUMP_EXP_FULL_DATABASE TO IST469DBA;

    Step-4> Revoke other privileges:

    To ensure that the user has no other privileges, you can explicitly revoke any unnecessary
    privileges. To prevent the user from creating and maintaining other database objects and
    from adding, reading, or changing data in tables, you can revoke commonly granted
    privileges:

    REVOKE CREATE TABLE, CREATE VIEW, CREATE PROCEDURE, CREATE


    TRIGGER, CREATE FUNCTION, CREATE TYPE, CREATE SEQUENCE FROM
    IST469DBA;

    REVOKE SELECT, INSERT, UPDATE, DELETE ON schema_name.* FROM IST469DBA;


    20MEI10022 - Aditya Srivastav

    Step-5> Commit changes:

    Conclusion:

    functions, use OEM, and revoked other privileges to restrict the ability to create and maintain
    database objects and perform data manipulation operations.

    You might also like