Oracle Tips by Burleson
Chapter 2 Introduction to Oracle Security

perspective, this is analogous to allowing users to select all the
tables except a few. This is the most rudimentary of the object
privileges given in an Oracle database. Several types of access,
such as select, insert, update, and delete, require different types
of privileges, and users are given these privileges selectively,
depending on what they need to perform in a specific job. For
instance, in the museum case, John and Jeff are mere visitors, so
they are not given viewing privileges for the diamond, but the person
in charge of preparing the exhibit for the floor, typically the
assistant curator, needs access to the room and to the diamond.
Therefore, she has been given authority to get inside the room, but
not to take the diamond out of its mount; in other words, she has
only the SELECT privilege on the object, not the UPDATE or DELETE
privileges, etc.

In Oracle, objects such as tables can be read (SELECTed), DELETEd,
UPDATEd, or new rows can be INSERTed. All these privileges can be
individually controlled. For instance, the owner of the CLAIMS table
has granted permission to user JUDY to select and delete from it,
insert into it, and update data in it. These privileges can be
specified by:

GRANT SELECT, INSERT, UPDATE, DELETE ON CLAIMS TO JUDY;

However, the user NATHAN has been granted only the SELECT privilege,
and nothing else. That would be enabled by:

GRANT SELECT ON CLAIMS TO NATHAN;
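
To confirm that the grants above ended up as intended, the table owner can
read them back from the data dictionary. The script below is an added
example, not taken from the book; it assumes it is run as the schema that
owns CLAIMS, that the database supports LISTAGG (11gR2 or later), and, as a
hypothetical, that JUDY's job turns out not to need DELETE.

```sql
-- Added example: review object privileges on CLAIMS from the owner's schema.
-- USER_TAB_PRIVS_MADE lists grants made on objects owned by the current user.

-- 1. One row per grantee, one column per privilege, so over-grants stand out.
--    A grantee may be a user, a role, or PUBLIC.
SELECT grantee,
       MAX(CASE WHEN privilege = 'SELECT' THEN 'Y' ELSE '-' END) AS sel,
       MAX(CASE WHEN privilege = 'INSERT' THEN 'Y' ELSE '-' END) AS ins,
       MAX(CASE WHEN privilege = 'UPDATE' THEN 'Y' ELSE '-' END) AS upd,
       MAX(CASE WHEN privilege = 'DELETE' THEN 'Y' ELSE '-' END) AS del,
       MAX(grantable)                                            AS with_grant_option
FROM   user_tab_privs_made
WHERE  table_name = 'CLAIMS'
GROUP  BY grantee
ORDER  BY grantee;

-- 2. Everyone who can change data in CLAIMS, with the write privileges held.
--    Read-only accounts such as NATHAN should not appear in this result.
SELECT grantee,
       LISTAGG(privilege, ', ') WITHIN GROUP (ORDER BY privilege) AS write_privs
FROM   user_tab_privs_made
WHERE  table_name = 'CLAIMS'
AND    privilege IN ('INSERT', 'UPDATE', 'DELETE')
GROUP  BY grantee
ORDER  BY grantee;

-- 3. Grants to PUBLIC or made WITH GRANT OPTION let access spread beyond the
--    users the owner named, so they deserve a separate look.
SELECT grantee, privilege, grantable
FROM   user_tab_privs_made
WHERE  table_name = 'CLAIMS'
AND    (grantee = 'PUBLIC' OR grantable = 'YES');

-- 4. Privileges are revoked as selectively as they are granted.
--    Hypothetical: JUDY no longer needs to delete claims.
REVOKE DELETE ON CLAIMS FROM JUDY;
```

Because the grantee of an object privilege can be a role, a user who does not
appear in these results may still reach CLAIMS through a role that does.
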

The above text is an excerpt from:
Oracle Privacy Security Auditing: The Final Word on Oracle Security
http://rampant-books.com/book_2003_2_audit.htm