Database security specifications control user database access and place limits on user
capabilities through the use of username/password pairs. Such specifications may
limit the allocation of resources (disk and CPU) to users and mandate the auditing of
users. Database security at the database level also provides control of the access to
and use of specific schema objects in the database.
Usernames, Privileges, Groups, and Roles
The DBA or database security administrator creates usernames that can be used to
connect to the database. Two user accounts are automatically created as part of the
installation process and are assigned the DBA role: SYS and SYSTEM. (The DBA role
is described in a later section.)
Each database username has a password associated with it that prevents unauthorized
access. A new or changed password should:
??? Contain at least eight characters
??? Contain at least one number and one character
??? Not be the username reversed
??? Differ from the username or use name with 1 through 100 appended
??? Not match any word on an internal list of simple words
??? Differ from the previous password (if there is one) by at least three characters
Oracle can check for these characteristics each time a password is created or modified
as part of enforced security policies.
Pages:
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317