parallel
Architecture Changes and New Security
Features in Oracle Database 12c
Zoran Pavlović, Security Team Lead, Parallel
Maja Veselica, Security Consultant, Parallel
parallel
About the Authors
Zoran Pavlović, Security Team Lead
Zoran Pavlović works for Parallel as a security team
leader. He has worked as an external instructor for
Oracle University across the EMEA region. As an active
member of the Oracle community and a long-time
database security enthusiast, Zoran frequently delivers
technical presentations and demonstrations about
Oracle technologies in Serbia, Croatia, Bulgaria, and
online across the globe. He is an Oracle Certified
Professional, Oracle Certified Expert and Oracle
Certified Specialist for Database, Security and Java.
When Zoran is not helping customers solve various
problems in Oracle Database, he enjoys learning more
about how Oracle Database works and (beta) testing
Oracle products.
Twitter: @orclarchitect
parallel
About the Authors
Maja Veselica, Security Consultant
Maja Veselica, MSc in Software Engineering, works
for Parallel d.o.o. Belgrade as a Security Consultant and
Education Manager. She is an instructor for numerous
Oracle courses and a regular speaker at Oracle User
Group conferences (SrOUG, HrOUG, BGOUG). She
possesses several Oracle certificates, such as: Oracle
Certified Professional, Oracle Certified Expert and
Oracle Certified Specialist for Database, Security and
Java. When Maja is not helping customers solve
various challenges using Oracle technologies, she
enjoys (beta) testing Oracle products.
Twitter: @orapassion
parallel
Container and Pluggable
Databases
parallel
Share-nothing databases
[Diagram: Instance1 and Instance2, each with its own SGA and its own non-CDB database (labelled NonCDB1) holding user data together with the dictionary tables Obj$, Tab$ and Source$.]
parallel
Data Dictionary Separation
[Diagram, three builds: the dictionary tables Obj$, Tab$ and Source$ are shown twice, labelled System Dictionary and User Dictionary, next to the user data; the final build places them in a CDB with a root and a PDB.]
parallel
New Multi-Tenant Architecture
[Diagram: a CDB served by one instance and SGA, containing root, seed, PDB1 and PDB2; labels: System objects, User-created objects, Dblink.]
parallel
Create Database as Container
parallel
Create PDB from Seed
$ sqlplus / as sysdba
SQL*Plus: Release 12.1.0.1.0 Production on Fri May 04 19:45:12 2013
Copyright (c) 1982, 2012, Oracle. All rights reserved.
Connected to:
Oracle Database 12c Enterprise Edition Release 12.1.0.1.0 - 64bit Production
With the Partitioning, OLAP, Data Mining, Real Application Testing and
Unified Auditing options
SQL> CREATE PLUGGABLE DATABASE pdb1 ADMIN USER pdb1_admin
2 IDENTIFIED BY oracle_4U ROLES=(CONNECT)
3 FILE_NAME_CONVERT=('/u01/app/oracle/oradata/cdb1/pdbseed'
4 ,'/u01/app/oracle/oradata/cdb1/pdb1');
Pluggable database created.
[Diagram: cdb1 with root, seed and pdb1; pdb1 is a clone of seed.]
parallel
Unplug PDB from CDB
SQL> ALTER PLUGGABLE DATABASE pdb1 UNPLUG INTO 'pdb1.xml';
SQL> DROP PLUGGABLE DATABASE pdb1 KEEP DATAFILES;
SQL> ALTER PLUGGABLE DATABASE pdb1 OPEN READ ONLY;
[Diagram: pdb1 is unplugged from cdb1 (root, seed, pdb1) into pdb1.xml.]
parallel
Plug Unplugged PDB in CDB
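SQL> DECLARE
2 compatible BOOLEAN; -- CHECK_PLUG_COMPATIBILITY is a function, so its result must be assigned
3 BEGIN
4 compatible := DBMS_PDB.CHECK_PLUG_COMPATIBILITY(pdb_descr_file =>
5 '/stage/pdb1.xml', store_report => TRUE);
6 END;
7 /
SQL> CREATE PLUGGABLE DATABASE pdb1 USING '/stage/pdb1.xml'
NOCOPY;
SQL> ALTER PLUGGABLE DATABASE pdb1 OPEN READ WRITE;
[Diagram: pdb1, described by pdb1.xml, is plugged into cdb2 (root, seed).]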
parallel
Upgrading 12c Database
[Diagram: pdb1 is unplugged from an Oracle 12.1 CDB (root, seed) into pdb1.xml and plugged into an Oracle 12.2 CDB (root, seed).]
parallel
Cloning PDBs inside CDB
SQL> ALTER PLUGGABLE DATABASE pdb1 CLOSE;
Pluggable database altered.
SQL> ALTER PLUGGABLE DATABASE pdb1 OPEN READ ONLY;
Pluggable database altered.
SQL> ALTER SYSTEM SET db_create_file_dest =
'/u01/app/oracle/oradata/cdb1/pdb2';
System altered.
SQL> CREATE PLUGGABLE DATABASE pdb2 FROM pdb1;
Pluggable database created.
SQL> ALTER PLUGGABLE DATABASE pdb2 OPEN;
Pluggable database altered.
[Diagram: cdb1 with root, seed, pdb1 and pdb2; pdb2 is a clone of pdb1.]
parallel
Plug NonCDB in CDB
SQL> EXEC DBMS_PDB.DESCRIBE ('/stage/noncdb/noncdb.xml');
SQL> CREATE PLUGGABLE DATABASE pdb3 USING '/stage/noncdb.xml'
NOCOPY;
SQL> @$ORACLE_HOME/rdbms/admin/noncdb_to_pdb.sql
[Diagram: the non-CDB, described by noncdb.xml, is plugged into cdb1 (root, seed) as pdb3.]
parallel
Common and Local Users,
Privileges and Roles
parallel
Common and Local Users
Common users are users created in the root container that have the same identity across all containers.
Local users are users that are created and exist in only one PDB. They can't be created in root.
[Diagram: a CDB with root, pdb1 and pdb2; sys and c##zoran appear in every container, loc_usr1 and loc_usr2 each in a single PDB.]
parallel
Common and Local Users
[Diagram: cdb1 with root and pdb1; sys and c##zoran in both containers, mgr and loc_usr1 in pdb1.]
Common user created by common user:
SQL> CONNECT / AS SYSDBA
Connected.
SQL> CREATE USER c##zoran IDENTIFIED BY oracle1 CONTAINER = ALL;
User created.
Local user created by common user:
SQL> CONNECT c##zoran/oracle1@pdb1
Connected.
SQL> CREATE USER mgr IDENTIFIED BY oracle1 CONTAINER = CURRENT;
User created.
Local user created by local user:
SQL> CONNECT mgr/oracle1@pdb1
Connected.
SQL> CREATE USER loc_usr1 IDENTIFIED BY password;
User created.
parallel
Common and Local Privileges
Common privileges are privileges that, when granted, can be exercised across all containers.
Local privileges are privileges that, when granted, can be exercised in the context of a single PDB.
[Diagram: a CDB with root, pdb1 and pdb2; c##zoran appears in every container, loc_usr1 and loc_usr2 each in a single PDB.]
parallel
Common and Local Privileges
[Diagram: cdb1 with root and pdb1; c##zoran in both containers, loc_usr1 in pdb1.]
Common privilege granted by common user to common user:
SQL> CONNECT / AS SYSDBA
Connected.
SQL> GRANT SELECT ANY TABLE TO c##zoran CONTAINER = ALL;
Grant succeeded.
Local privilege granted by common user to common user:
SQL> CONNECT sys/oracle1@pdb1 AS SYSDBA
Connected.
SQL> GRANT UPDATE ANY TABLE TO c##zoran CONTAINER = CURRENT;
Grant succeeded.
Local privilege granted by local user to local user:
SQL> CONNECT mgr/oracle1@pdb1
Connected.
SQL> GRANT UPDATE ANY TABLE TO loc_usr1;
Grant succeeded.
parallel
Common and Local Roles
Local roles are roles created in a PDB that exist in only one container. These roles can be granted only locally to either common or local users or roles.
Common roles are roles created in the root container that exist in all containers. These roles can have a different set of privileges in different containers, and can be granted to either common or local users or roles.
[Diagram: a CDB with root, pdb1 and pdb2; c##role1 exists in all three containers, loc_role1 and loc_role2 each in one PDB.]
parallel
Adding Privs to Common and Local Roles
in root container:
SQL> CREATE ROLE c##role1 CONTAINER = ALL;
Role created.
SQL> GRANT SELECT ANY TABLE TO c##role1 CONTAINER = ALL;
Grant succeeded.
SQL> GRANT CREATE TABLE TO c##role1;
in pdb1 container:
SQL> CREATE ROLE loc_role1 CONTAINER = CURRENT;
Role created.
SQL> GRANT UPDATE ANY TABLE TO loc_role1;
Grant succeeded.
SQL> GRANT ALTER USER TO c##role1;
Grant succeeded.
SQL> GRANT loc_role1 TO c##role1 CONTAINER = CURRENT;
Grant succeeded.
SQL> GRANT c##role1 TO loc_role2 CONTAINER = CURRENT;
Grant succeeded.
parallel
Granting Common and Local Roles
root:
SQL> GRANT c##role1 to c##zoran CONTAINER = ALL;
Grant succeeded.
SQL> GRANT c##role2 to c##zoran CONTAINER = CURRENT;
Grant succeeded.
pdb1:
SQL> GRANT c##role2 to c##zoran CONTAINER = CURRENT;
Grant succeeded.
SQL> GRANT loc_role to c##zoran CONTAINER = CURRENT;
Grant succeeded.
SQL> GRANT c##role2 to loc_usr1 CONTAINER = CURRENT;
Grant succeeded.
SQL> GRANT loc_role to loc_usr1 CONTAINER = CURRENT;
Grant succeeded.
parallel
SQL> connect / as sysdba
Connected.
SQL> create user c##zoran identified by oracle1 container=all;
User created.
SQL> grant create session, drop any synonym to c##zoran container=all;
Grant succeeded.
SQL> connect sys/oracle1@pdb1 as sysdba
Connected.
SQL> grant drop any table to c##zoran container=current;
Grant succeeded.
SQL> connect c##zoran/oracle1@pdb1
Connected.
SQL> drop synonym customers_syn;
Synonym dropped.
SQL> drop table gldb.customers;
Table dropped.
SQL> connect c##zoran/oracle1@pdb2
Connected.
SQL> drop synonym test_syn;
Synonym dropped.
SQL> drop table test.a;
drop table test.a
*
ERROR at line 1:
ORA-00942: table or view does not exist
parallel
Inherit Privileges
parallel
SQL> connect zoran/oracle1
Connected.
SQL> create user maja identified by oracle1;
User created.
SQL> grant create session, create procedure to maja;
Grant succeeded.
SQL> connect maja/oracle1;
Connected.
SQL> select * from session_roles;
No rows selected.
SQL> create or replace procedure evil_proc
2 authid current_user
3 as
4 pragma autonomous_transaction;
5 begin
6 execute immediate 'grant dba to maja';
7 end;
8 /
Procedure created.
SQL> grant execute on evil_proc to zoran;
Grant succeeded.
SQL> connect zoran/oracle1
Connected.
SQL> exec maja.evil_proc;
parallel
SQL> exec maja.evil_proc;
PL/SQL procedure successfully completed.
SQL> connect maja/oracle1
Connected.
SQL> select * from session_roles;
ROLE
------------------------------
DBA
SELECT_CATALOG_ROLE
EXECUTE_CATALOG_ROLE
...
XDB_SET_INVOKER
OLAP_DBA
OLAP_XS_ADMIN
19 rows selected.
Inherit Privileges
parallel
SQL> connect c##zoran/oracle1@pdb1
Connected.
SQL> create user maja identified by oracle1 container=current;
User created.
SQL> grant create session, create procedure to maja container=current;
Grant succeeded.
SQL> connect maja/oracle1@pdb1;
Connected.
SQL> select * from session_roles;
No rows selected.
SQL> create or replace procedure evil_proc
2 authid current_user
3 as
4 pragma autonomous_transaction;
5 begin
6 execute immediate 'grant dba to maja';
7 end;
8 /
Procedure created.
SQL> grant execute on evil_proc to c##zoran;
Grant succeeded.
SQL> connect c##zoran/oracle1@pdb1
Connected.
SQL> exec maja.evil_proc;
parallel
SQL> exec maja.evil_proc;
ERROR at line 1:
ORA-06598: insufficient INHERIT PRIVILEGES privilege
ORA-06512: at "MAJA.EVIL_PROC", line 1
ORA-06512: at line 1
SQL> grant inherit privileges on user c##zoran to maja;
Grant succeeded.
SQL> exec maja.evil_proc;
PL/SQL procedure successfully completed.
SQL> connect maja/oracle1
Connected.
SQL> select * from session_roles;
ROLE
------------------------------
DBA
SELECT_CATALOG_ROLE
...
19 rows selected.
Inherit Privileges
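An audit for the exposure shown in the two sessions above, as an added example that is not part of the original slides: it lists who may inherit the privileges of a powerful invoker, finds invoker's rights code such an account can run, and shows the revoke-and-regrant pattern. Oracle's documented 12c default grants INHERIT PRIVILEGES on each new user to PUBLIC, so that is the grant to look for first. Assumptions: the session can read the DBA_* views used; treating the DBA role and the GRANT ANY ... privileges as "powerful" is a choice made here; trusted_owner is a hypothetical schema name.

```sql
-- Added example, not from the slides. Run it in the container being audited.

-- 1. Powerful accounts whose privileges other schemas' invoker's rights
--    code is allowed to inherit. Assumption: "powerful" = DBA role or a
--    GRANT ANY ... system privilege.
WITH powerful AS (
  SELECT grantee AS username FROM dba_role_privs WHERE granted_role = 'DBA'
  UNION
  SELECT grantee FROM dba_sys_privs
   WHERE privilege IN ('GRANT ANY ROLE', 'GRANT ANY PRIVILEGE')
)
SELECT tp.table_name AS invoker,       -- the user named in ON USER
       tp.grantee    AS may_inherit,   -- PUBLIC means any procedure owner
       tp.grantor
  FROM dba_tab_privs tp
  JOIN powerful p ON p.username = tp.table_name
 WHERE tp.privilege = 'INHERIT PRIVILEGES'
 ORDER BY tp.table_name, tp.grantee;

-- 2. Invoker's rights code owned by non-powerful, non-Oracle schemas that a
--    powerful account (or PUBLIC) has EXECUTE on. maja.evil_proc from the
--    slides would appear here once EXECUTE is granted to a DBA account.
WITH powerful AS (
  SELECT grantee AS username FROM dba_role_privs WHERE granted_role = 'DBA'
  UNION
  SELECT grantee FROM dba_sys_privs
   WHERE privilege IN ('GRANT ANY ROLE', 'GRANT ANY PRIVILEGE')
)
SELECT DISTINCT pr.owner, pr.object_name, pr.object_type,
       ex.grantee AS executable_by
  FROM dba_procedures pr
  JOIN dba_tab_privs ex
    ON ex.owner      = pr.owner
   AND ex.table_name = pr.object_name
   AND ex.privilege  = 'EXECUTE'
 WHERE pr.authid = 'CURRENT_USER'
   AND pr.owner IN (SELECT username FROM dba_users
                     WHERE oracle_maintained = 'N')
   AND pr.owner NOT IN (SELECT username FROM powerful)
   AND (ex.grantee = 'PUBLIC'
        OR ex.grantee IN (SELECT username FROM powerful))
 ORDER BY pr.owner, pr.object_name;

-- 3. Restrict inheritance for one account reported by query 1 with
--    may_inherit = PUBLIC. c##zoran is the user from the slides;
--    trusted_owner is a hypothetical schema whose code has been reviewed.
REVOKE INHERIT PRIVILEGES ON USER c##zoran FROM PUBLIC;
GRANT  INHERIT PRIVILEGES ON USER c##zoran TO trusted_owner;
```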
parallel
New PL/SQL Privilege Checking
[Diagram, built up over six slides: users maja and c##zoran, with the procedure below shown next to maja.]
SQL> create or replace procedure evil_proc
2 authid current_user
3 as
4 pragma autonomous_transaction;
5 begin
6 execute immediate 'grant dba to maja';
7 end;
8 /
SQL> GRANT EXECUTE ON MAJA.EVIL_PROC TO c##zoran;
[Diagram build: EXECUTE]
ERROR at line 1:
ORA-06598: insufficient INHERIT PRIVILEGES privilege
ORA-06512: at "maja.evil_proc", line 1
ORA-06512: at line 1
SQL> GRANT INHERIT PRIVILEGES ON USER c##zoran TO maja;
[Diagram build: EXECUTE, shown without the error]
parallel
Code Based Access
Control
parallel
SQL> connect zoran/oracle1
Connected.
SQL> create user mike identified by oracle1;
User created.
SQL> create role proc_role;
Role created.
SQL> grant create session, create procedure, create table to proc_role;
Grant succeeded.
SQL> grant proc_role to mike;
Grant succeeded.
SQL> connect mike/oracle1
Connected.
SQL> create or replace procedure c_table
2 as
3 begin
4 execute immediate 'create table test(a int)';
5 end;
6 /
Procedure created.
SQL> exec c_table;
Code Based Access Control
parallel
SQL> exec c_table;
BEGIN c_table; END;
*
ERROR at line 1:
ORA-01031: insufficient privileges
ORA-06512: at "MIKE.C_TABLE", line 4
ORA-06512: at line 1
Code Based Access Control
parallel
SQL> connect c##zoran/oracle1@pdb1
Connected.
SQL> create user mike identified by oracle1 container=current;
User created.
SQL> create role proc_role container=current;
Role created.
SQL> grant create session, create procedure, create table to proc_role;
Grant succeeded.
SQL> grant proc_role to mike;
Grant succeeded.
SQL> connect mike/oracle1@pdb1
Connected.
SQL> create or replace procedure c_table
2 as
3 begin
4 execute immediate 'create table test(a int)';
5 end;
6 /
Procedure created.
SQL> exec c_table;
Code Based Access Control
parallel
SQL> exec c_table;
BEGIN c_table; END;
*
ERROR at line 1:
ORA-01031: insufficient privileges
ORA-06512: at "MIKE.C_TABLE", line 4
ORA-06512: at line 1
SQL> grant proc_role to procedure c_table;
Grant succeeded.
SQL> exec c_table;
PL/SQL procedure successfully completed.
SQL> desc test
Name Null? Type
----------------- -------- ------------
A NUMBER(38)
Code Based Access Control
parallel
SQL> connect c##zoran/oracle1@pdb1
Connected.
SQL> create or replace procedure test
2 authid current_user
3 as
4 begin
5 execute immediate 'create table tjohn(z int)';
6 end;
7 /
Procedure created.
SQL> create user john identified by oracle1 container=current;
User created.
SQL> grant create session to john;
Grant succeeded.
SQL> create role test_role container=current;
Role created.
SQL> grant create table to test_role;
Grant succeeded.
SQL> grant test_role to procedure test;
Grant succeeded.
SQL> grant execute on test to john;
Grant succeeded.
Code Based Access Control
parallel
SQL> connect john/oracle1@pdb1
Connected.
SQL> exec c##zoran.test;
PL/SQL procedure successfully completed.
SQL> desc tjohn
Name Null? Type
----------------- -------- ------------
Z NUMBER(38)
Code Based Access Control
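A role granted to a program unit is active for whoever is allowed to run that unit, as john's session above shows, so it is worth reviewing which units carry roles and who can execute them. The query below is an added example, not part of the original slides; it assumes read access to DBA_CODE_ROLE_PRIVS, DBA_SYS_PRIVS, DBA_PROCEDURES and DBA_TAB_PRIVS.

```sql
-- Added example, not from the slides. Run it in the container being audited.
-- One row per (program unit, attached role, system privilege in that role,
-- EXECUTE grantee). Only system privileges granted directly to the role are
-- expanded; nested roles and object privileges need a separate pass.
SELECT c.owner,
       c.object_name,
       c.object_type,
       c.role                AS attached_role,
       sp.privilege          AS role_system_privilege,
       (SELECT MIN(p.authid)
          FROM dba_procedures p
         WHERE p.owner = c.owner
           AND p.object_name = c.object_name) AS authid,
       ex.grantee            AS executable_by
  FROM dba_code_role_privs c
  LEFT JOIN dba_sys_privs sp
    ON sp.grantee = c.role
  LEFT JOIN dba_tab_privs ex
    ON ex.owner      = c.owner
   AND ex.table_name = c.object_name
   AND ex.privilege  = 'EXECUTE'
 ORDER BY c.owner, c.object_name, c.role, sp.privilege, ex.grantee;

-- For the last demo on the slides this is expected to report:
--   C##ZORAN  TEST  PROCEDURE  TEST_ROLE  CREATE TABLE  CURRENT_USER  JOHN
-- An AUTHID of CURRENT_USER together with an EXECUTE grantee means the
-- role's privileges are exercised in the caller's own schema.

-- Detach a role that a unit no longer needs (names taken from the slides).
REVOKE test_role FROM PROCEDURE test;
```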
parallel
Data Redaction
parallel
Data Redaction - Full
DBMS_REDACT.ADD_POLICY
(object_schema => 'GLDB',
object_name => 'CUSTOMERS',
policy_name => 'CCN_POLICY',
column_name => 'CREDIT_CARD',
function_type => DBMS_REDACT.FULL,
expression => '7=7');
CUSTOMERS
NAME CREDIT_CARD
tom 3455647456589132
mike 3734982321225691
john 3472586894975806
SQL> SELECT * FROM CUSTOMERS;
NAME CREDIT_CARD
tom 0
mike 0
john 0
parallel
Data Redaction - Partial
DBMS_REDACT.ADD_POLICY
(object_schema => 'GLDB',
object_name => 'CUSTOMERS',
policy_name => 'CCN_POLICY',
column_name => 'CREDIT_CARD',
function_type => DBMS_REDACT.PARTIAL,
function_parameters => 'VVVVVVVVVVVVVVVV,VVVV-VVVV-VVVV-VVVV,#,1,12',
expression => '7=7');
CUSTOMERS
NAME CREDIT_CARD
tom 3455647456589132
mike 3734982321225691
john 3472586894975806
SQL> SELECT * FROM CUSTOMERS;
NAME CREDIT_CARD
tom ####-####-####-9132
mike ####-####-####-5691
john ####-####-####-5806
parallel
Data Redaction - Exemptions
DBMS_REDACT.ADD_POLICY
(object_schema => 'GLDB',
object_name => 'CUSTOMERS',
policy_name => 'CCN_POLICY',
column_name => 'CREDIT_CARD',
function_type => DBMS_REDACT.FULL,
expression => '7=7');
CUSTOMERS
NAME CREDIT_CARD
tom 3455647456589132
mike 3734982321225691
john 3472586894975806
RMAN> BACKUP TABLESPACE gltbs;
NAME CREDIT_CARD
tom 3455647456589132
mike 3734982321225691
john 3472586894975806
parallel
Data Redaction - Exemptions
DBMS_REDACT.ADD_POLICY
(object_schema => 'GLDB',
object_name => 'CUSTOMERS',
policy_name => 'CCN_POLICY',
column_name => 'CREDIT_CARD',
function_type => DBMS_REDACT.FULL,
expression => '7=7');
CUSTOMERS
NAME CREDIT_CARD
tom 3455647456589132
mike 3734982321225691
john 3472586894975806
User with EXEMPT REDACTION POLICY
SQL> SELECT * FROM CUSTOMERS;
NAME CREDIT_CARD
tom 3455647456589132
mike 3734982321225691
john 3472586894975806
parallel
SQL> connect c##zoran/oracle1@pdb1
Connected.
SQL> BEGIN
2 DBMS_REDACT.ADD_POLICY (object_schema => 'GLDB',
3 object_name => 'CUSTOMERS',
4 policy_name => 'CCN_POLICY',
5 column_name => 'CREDIT_CARD',
6 function_type => DBMS_REDACT.PARTIAL,
7 function_parameters => 'VVVVVVVVVVVVVVVV,VVVV-VVVV-VVVV-VVVV,#,1,12',
8 expression => '7=7');
9 END;
10 /
PL/SQL procedure successfully completed.
SQL> select * from gldb.customers;
NAME CREDIT_CARD
---------------- --------------------
tom 3455647456589132
mike 3734982321225691
john 3472586894975806
SQL> grant select on gldb.customers to maja;
Grant succeeded.
Data Redaction - Example
parallel
SQL> connect maja/oracle1@pdb1
Connected.
SQL> select * from gldb.customers;
NAME CREDIT_CARD
---------------- --------------------
tom ####-####-####-9132
mike ####-####-####-5691
john ####-####-####-5806
SQL> select * from gldb.customers where credit_card like '3472%';
NAME CREDIT_CARD
---------------- --------------------
john ####-####-####-5806
Data Redaction - Example
parallel
Available Redaction Types
None: Redaction is NOT applied.
Full: Columns are redacted to constant values depending on column data type.
Partial: User-specified positions are replaced by a user-specified character.
Regular Expression: Pattern for matching and replacing is defined and used for redaction.
Random: Preserves data types; randomizes output.
parallel
New Administrative
Privileges
parallel
New Administrative Privileges
PRIVILEGE   USERNAME    DUTIES
----------  ----------  -----------------------------------------------
SYSBACKUP   SYSBACKUP   Backup and recovery operations in RMAN and SQL.
SYSDG       SYSDG       Managing Data Guard with Data Guard Broker.
SYSKM       SYSKM       Managing keys for TDE.
Password file format_12c
parallel
New SYSBACKUP Privilege
SQL> connect / as SYSBACKUP
Connected.
SQL> show user
USER is "SYSBACKUP"
SQL> select * from session_privs;
PRIVILEGE
----------------------------------------
SYSBACKUP
SELECT ANY TRANSACTION
SELECT ANY DICTIONARY
RESUMABLE
CREATE ANY DIRECTORY
ALTER DATABASE
AUDIT ANY
CREATE ANY CLUSTER
CREATE ANY TABLE
UNLIMITED TABLESPACE
DROP TABLESPACE
ALTER TABLESPACE
ALTER SESSION
ALTER SYSTEM
14 rows selected.
SQL>
parallel
New SYSBACKUP Privilege
$ rman target '"zoran/passwd@orcldb AS SYSBACKUP"'
Recovery Manager: Release 12.1.0.1.0 - Beta on Tue May 07 17:41:37 2013
Copyright (c) 1982, 2012, Oracle and/or its affiliates. All rights reserved.
connected to target database: ORCLDB (DBID=1625181741)
RMAN> select user from dual;
using target database control file instead of recovery catalog
USER
------------------------------
SYSBACKUP
RMAN>
SQL> connect / as SYSBACKUP
Connected.
SQL> SELECT TABLE_NAME FROM DBA_TABLES
2 WHERE OWNER = 'GLDB';
TABLE_NAME
----------------------------------------
CUSTOMERS
ORDERS
SQL> SELECT * FROM GLDB.CUSTOMERS;
SELECT * FROM GLDB.CUSTOMERS
*
ERROR at line 1:
ORA-01031: insufficient privileges
parallel
New SYSDG Privilege
SQL> connect / as SYSDG
Connected.
SQL> show user
USER is "SYSDG"
SQL> select * from session_privs;
PRIVILEGE
----------------------------------------
SYSDG
ALTER SYSTEM
ALTER SESSION
ALTER DATABASE
SELECT ANY DICTIONARY
5 rows selected.
SQL>
parallel
New SYSKM Privilege
SQL> connect / as SYSKM
Connected.
SQL> show user
USER is "SYSKM"
SQL> select * from session_privs;
PRIVILEGE
----------------------------------------
SYSKM
ADMINISTER KEY MANAGEMENT
2 rows selected.
SQL>
parallel
Invisible Columns
parallel
Invisible columns
SQL> create table t(a int);
Table created.
SQL> desc t
Name Null? Type
----------------- -------- ------------
A NUMBER(38)
SQL> insert into t(a) values(1);
1 rows inserted.
SQL> alter table t add(b int invisible);
Table altered.
SQL> desc t
Name Null? Type
----------------- -------- ------------
A NUMBER(38)
SQL> select * from t;
A
------------
1
parallel
SQL> insert into t(a,b) values(3,5);
1 rows inserted.
SQL> select a,b from t;
A B
------------ -------------
1
3 5
SQL> alter table t modify(b visible);
Table altered.
SQL> desc t
Name Null? Type
----------------- -------- ------------
A NUMBER(38)
B NUMBER(38)
Invisible columns
parallel
SQL> select * from t;
A B
------------ -------------
1
3 5
Invisible columns
parallel
Thank you!

Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 

Database 12c

  • 1. parallel Architecture Changes and New Security Features in Oracle Database 12c Zoran Pavlović, Security Team Lead, Parallel Maja Veselica, Security Consultant, Parallel
  • 2. parallel About the Authors Zoran Pavlović, Security Team Lead Zoran Pavlovic works for Parallel as a security team leader. He has worked as an external instructor for Oracle University across EMEA region. As an active member of the Oracle community and a long-time database security enthusiast, Zoran frequently delivers technical presentations and demonstrations about Oracle technologies in Serbia, Croatia, Bulgaria, and online across the Globe. He is an Oracle Certified Professional, Oracle Certified Expert and Oracle Certified Specialist for Database, Security and Java. When Zoran is not helping customers solve various problems in Oracle Database, he enjoys learning more about how Oracle Database works and (beta) testing Oracle products Twitter: @orclarchitect
  • 3. parallel About the Authors Maja Veselica, Security Consultant Maja Veselica, MSc in Software Engineering, works for Parallel d.o.o. Belgrade, as Security Consultant and Education Manager. She is an instructor for numerous Oracle courses and a regular speaker at Oracle User Group conferences (SrOUG, HrOUG, BGOUG). She possesses several Oracle certificates, such as: Oracle Certified Professional, Oracle Certified Expert and Oracle Certified Specialist for Database, Security and Java. When Maja is not helping customers solve various challenges using Oracle technologies, she enjoys (beta) testing Oracle products. Twitter: @orapassion
  • 5. Share-nothing databases
      [Diagram: Instance1 and Instance2, each with its own SGA; each non-CDB (labelled NonCDB1) holds user data and its own Obj$, Tab$, Source$ dictionary tables]
  • 6. Data Dictionary Separation
      [Diagram: user data; Obj$, Tab$, Source$ under System Dictionary and Obj$, Tab$, Source$ under User Dictionary]
  • 7. Data Dictionary Separation
      [Diagram: user data; two sets of Obj$, Tab$, Source$]
  • 8. Data Dictionary Separation
      [Diagram: CDB root and PDB; user data; two sets of Obj$, Tab$, Source$]
  • 11. Create PDB from Seed
      $ sqlplus / as sysdba
      SQL*Plus: Release 12.1.0.1.0 Production on Fri May 04 19:45:12 2013
      Copyright (c) 1982, 2012, Oracle. All rights reserved.
      Connected to:
      Oracle Database 12c Enterprise Edition Release 12.1.0.1.0 - 64bit Production
      With the Partitioning, OLAP, Data Mining, Real Application Testing
      and Unified Auditing options
      SQL> CREATE PLUGGABLE DATABASE pdb1 ADMIN USER pdb1_admin
        2  IDENTIFIED BY oracle_4U ROLES=(CONNECT)
        3  FILE_NAME_CONVERT=('/u01/app/oracle/oradata/cdb1/pdbseed'
        4  ,'/u01/app/oracle/oradata/cdb1/pdb1');
      Pluggable database created.
      [Diagram: cdb1 with root, seed and pdb1; pdb1 is cloned from seed]
  • 12. Unplug PDB from CDB
      SQL> ALTER PLUGGABLE DATABASE pdb1 UNPLUG INTO 'pdb1.xml';
      SQL> DROP PLUGGABLE DATABASE pdb1 KEEP DATAFILES;
      SQL> ALTER PLUGGABLE DATABASE pdb1 OPEN READ ONLY;
      [Diagram: cdb1 with root, seed and pdb1; pdb1 is unplugged into pdb1.xml]
  • 13. Plug Unplugged PDB in CDB
      SQL> DBMS_PDB.CHECK_PLUG_COMPATIBILITY(pdb_descr_file => '/stage/pdb1.xml', store_report => TRUE);
      SQL> CREATE PLUGGABLE DATABASE pdb1 USING '/stage/pdb1.xml' NOCOPY;
      SQL> ALTER PLUGGABLE DATABASE pdb1 OPEN READ WRITE;
      [Diagram: pdb1 and pdb1.xml are plugged into cdb2 (root, seed)]
  • 14. Upgrading 12c Database
      [Diagram: pdb1 is unplugged from an Oracle 12.1 CDB (root, seed) into pdb1.xml and plugged into an Oracle 12.2 CDB (root, seed)]
  • 15. Cloning PDBs inside CDB
      SQL> ALTER PLUGGABLE DATABASE pdb1 CLOSE;
      Pluggable database altered.
      SQL> ALTER PLUGGABLE DATABASE pdb1 OPEN READ ONLY;
      Pluggable database altered.
      SQL> ALTER SYSTEM SET db_create_file_dest = '/u01/app/oracle/oradata/cdb1/pdb2';
      System altered.
      SQL> CREATE PLUGGABLE DATABASE pdb2 FROM pdb1;
      Pluggable database created.
      SQL> ALTER PLUGGABLE DATABASE pdb2 OPEN;
      Pluggable database altered.
      [Diagram: cdb1 with root, seed, pdb1 and pdb2; pdb2 is cloned from pdb1]
  • 16. Plug NonCDB in CDB
      SQL> EXEC DBMS_PDB.DESCRIBE ('/stage/noncdb/noncdb.xml');
      SQL> CREATE PLUGGABLE DATABASE pdb3 USING '/stage/noncdb.xml' NOCOPY;
      SQL> @$ORACLE_HOME/rdbms/admin/noncdb_to_pdb.sql pdb3
      [Diagram: noncdb and noncdb.xml are plugged into cdb1 (root, seed)]
  • 17. Common and Local Users, Privileges and Roles
  • 18. Common and Local Users
      Common users are users created in the root container that have the same identity across all containers.
      Local users are users that are created and exist in only one PDB. They can't be created in root.
      [Diagram: CDB root, pdb1 and pdb2; sys and c##zoran appear in every container; loc_usr1 and loc_usr2 are local users in the PDBs]
  • 19. Common and Local Users
      Common user created by common user:
      SQL> CONNECT / AS SYSDBA
      Connected.
      SQL> CREATE USER c##zoran IDENTIFIED BY oracle1 CONTAINER = ALL;
      User created.
      Local user created by common user:
      SQL> CONNECT c##zoran/oracle1@pdb1
      Connected.
      SQL> CREATE USER mgr IDENTIFIED BY oracle1 CONTAINER = CURRENT;
      User created.
      Local user created by local user:
      SQL> CONNECT mgr/oracle1@pdb1
      Connected.
      SQL> CREATE USER loc_usr1 IDENTIFIED BY password;
      User created.
      [Diagram: cdb1; root holds sys and c##zoran; pdb1 holds sys, c##zoran, mgr and loc_usr1]
  • 20. Common and Local Privileges
      Common privileges are privileges that, when granted, can be exercised across all containers.
      Local privileges are privileges that, when granted, can be exercised in the context of a single PDB.
      [Diagram: CDB root, pdb1 and pdb2; c##zoran appears in every container; loc_usr1 and loc_usr2 are local users in the PDBs]
  • 21. Common and Local Privileges
      Common privilege granted by common user to common user:
      SQL> CONNECT / AS SYSDBA
      Connected.
      SQL> GRANT SELECT ANY TABLE TO c##zoran CONTAINER = ALL;
      Grant succeeded.
      Local privilege granted by common user to common user:
      SQL> CONNECT sys/oracle1@pdb1 AS SYSDBA
      Connected.
      SQL> GRANT UPDATE ANY TABLE TO c##zoran CONTAINER = CURRENT;
      Grant succeeded.
      Local privilege granted by local user to local user:
      SQL> CONNECT mgr/oracle1@pdb1
      Connected.
      SQL> GRANT UPDATE ANY TABLE TO loc_usr1;
      Grant succeeded.
      [Diagram: cdb1; root holds c##zoran; pdb1 holds c##zoran and loc_usr1]
  • 22. Common and Local Roles
      Local roles are roles created in a PDB that exist in only one container. These roles can be granted only locally, to either common or local users or roles.
      Common roles are roles created in the root container that exist in all containers. These roles can have a different set of privileges in different containers, and can be granted to either common or local users or roles.
      [Diagram: CDB root, pdb1 and pdb2; c##role1 appears in every container; loc_role1 and loc_role2 are local roles in the PDBs]
  • 23. Adding Privs to Common and Local Roles
      SQL> CREATE ROLE c##role1 CONTAINER = ALL;
      Role created.
      SQL> GRANT SELECT ANY TABLE TO c##role1 CONTAINER = ALL;
      Grant succeeded.
      SQL> GRANT CREATE TABLE TO c##role1;
      SQL> CREATE ROLE loc_role1 CONTAINER = CURRENT;
      Role created.
      SQL> GRANT UPDATE ANY TABLE TO loc_role1;
      Grant succeeded.
      SQL> GRANT ALTER USER TO c##role1;
      Grant succeeded.
      SQL> GRANT loc_role1 TO c##role1 CONTAINER = CURRENT;
      Grant succeeded.
      SQL> GRANT c##role1 TO loc_role2 CONTAINER = CURRENT;
      Grant succeeded.
      [Slide labels for cdb1 (root, pdb1): in root container; in pdb1 container]
  • 24. Granting Common and Local Roles
      SQL> GRANT c##role1 to c##zoran CONTAINER = ALL;
      Grant succeeded.
      SQL> GRANT c##role2 to c##zoran CONTAINER = CURRENT;
      Grant succeeded.
      SQL> GRANT c##role2 to c##zoran CONTAINER = CURRENT;
      Grant succeeded.
      SQL> GRANT loc_role to c##zoran CONTAINER = CURRENT;
      Grant succeeded.
      SQL> GRANT c##role2 to loc_usr1 CONTAINER = CURRENT;
      Grant succeeded.
      SQL> GRANT loc_role to loc_usr1 CONTAINER = CURRENT;
      Grant succeeded.
      [Slide labels for cdb1: root; pdb1]
  • 25.
      SQL> connect / as sysdba
      Connected.
      SQL> create user c##zoran identified by oracle1 container=all;
      User created.
      SQL> grant create session, drop any synonym to c##zoran container=all;
      Grant succeeded.
      SQL> connect sys/oracle1@pdb1 as sysdba
      Connected.
      SQL> grant drop any table to c##zoran container=current;
      Grant succeeded.
      SQL> connect c##zoran/oracle1@pdb1
      Connected.
      SQL> drop synonym customers_syn;
      Synonym dropped.
      SQL> drop table gldb.customers;
      Table dropped.
      SQL> connect c##zoran/oracle1@pdb2
      Connected.
      SQL> drop synonym test_syn;
      Synonym dropped.
      SQL> drop table test.a;
      drop table test.a
      *
      ERROR at line 1:
      ORA-00942: table or view does not exist
  • 27.
      SQL> connect zoran/oracle1
      Connected.
      SQL> create user maja identified by oracle1;
      User created.
      SQL> grant create session, create procedure to maja;
      Grant succeeded.
      SQL> connect maja/oracle1;
      Connected.
      SQL> select * from session_roles;
      No rows selected.
      SQL> create or replace procedure evil_proc
        2  authid current_user
        3  as
        4  pragma autonomous_transaction;
        5  begin
        6  execute immediate 'grant dba to maja';
        7  end;
        8  /
      Procedure created.
      SQL> grant execute on evil_proc to zoran;
      Grant succeeded.
      SQL> connect zoran/oracle1
      Connected.
      SQL> exec maja.evil_proc;
  • 28. Inherit Privileges
      SQL> exec maja.evil_proc;
      PL/SQL procedure successfully completed.
      SQL> connect maja/oracle1
      Connected.
      SQL> select * from session_roles;
      ROLE
      ------------------------------
      DBA
      SELECT_CATALOG_ROLE
      EXECUTE_CATALOG_ROLE
      ...
      XDB_SET_INVOKER
      OLAP_DBA
      OLAP_XS_ADMIN
      19 rows selected.
  • 29.
      SQL> connect c##zoran/oracle1@pdb1
      Connected.
      SQL> create user maja identified by oracle1 container=current;
      User created.
      SQL> grant create session, create procedure to maja container=current;
      Grant succeeded.
      SQL> connect maja/oracle1@pdb1;
      Connected.
      SQL> select * from session_roles;
      No rows selected.
      SQL> create or replace procedure evil_proc
        2  authid current_user
        3  as
        4  pragma autonomous_transaction;
        5  begin
        6  execute immediate 'grant dba to maja';
        7  end;
        8  /
      Procedure created.
      SQL> grant execute on evil_proc to c##zoran;
      Grant succeeded.
      SQL> connect c##zoran/oracle1@pdb1
      Connected.
      SQL> exec maja.evil_proc;
  • 30. Inherit Privileges
      SQL> exec maja.evil_proc;
      ERROR at line 1:
      ORA-06598: insufficient INHERIT PRIVILEGES privilege
      ORA-06512: at "MAJA.EVIL_PROC", line 1
      ORA-06512: at line 1
      SQL> grant inherit privileges on user c##zoran to maja;
      Grant succeeded.
      SQL> exec maja.evil_proc;
      PL/SQL procedure successfully completed.
      SQL> connect maja/oracle1
      Connected.
      SQL> select * from session_roles;
      ROLE
      ------------------------------
      DBA
      SELECT_CATALOG_ROLE
      ...
      19 rows selected.
  • 31. New PL/SQL Privilege Checking
      SQL> create or replace procedure evil_proc
        2  authid current_user
        3  as
        4  pragma autonomous_transaction;
        5  begin
        6  execute immediate 'grant dba to maja';
        7  end;
        8  /
      [Diagram: users maja and c##zoran]
  • 32. New PL/SQL Privilege Checking
      SQL> create or replace procedure evil_proc
        2  authid current_user
        3  as
        4  pragma autonomous_transaction;
        5  begin
        6  execute immediate 'grant dba to maja';
        7  end;
        8  /
      SQL> GRANT EXECUTE ON MAJA.EVIL_PROC TO c##zoran;
      [Diagram: users maja and c##zoran]
  • 33. New PL/SQL Privilege Checking
      SQL> create or replace procedure evil_proc
        2  authid current_user
        3  as
        4  pragma autonomous_transaction;
        5  begin
        6  execute immediate 'grant dba to maja';
        7  end;
        8  /
      [Diagram: users maja and c##zoran; EXECUTE]
  • 34. New PL/SQL Privilege Checking
      SQL> create or replace procedure evil_proc
        2  authid current_user
        3  as
        4  pragma autonomous_transaction;
        5  begin
        6  execute immediate 'grant dba to maja';
        7  end;
        8  /
      ERROR at line 1:
      ORA-06598: insufficient INHERIT PRIVILEGES privilege
      ORA-06512: at "maja.evil_proc", line 1
      ORA-06512: at line 1
      [Diagram: users maja and c##zoran; EXECUTE]
  • 35. New PL/SQL Privilege Checking
      SQL> GRANT INHERIT PRIVILEGES ON USER c##zoran TO maja;
      SQL> create or replace procedure evil_proc
        2  authid current_user
        3  as
        4  pragma autonomous_transaction;
        5  begin
        6  execute immediate 'grant dba to maja';
        7  end;
        8  /
      [Diagram: users maja and c##zoran]
  • 36. New PL/SQL Privilege Checking
      SQL> create or replace procedure evil_proc
        2  authid current_user
        3  as
        4  pragma autonomous_transaction;
        5  begin
        6  execute immediate 'grant dba to maja';
        7  end;
        8  /
      [Diagram: users maja and c##zoran; EXECUTE]
  • 38. Code Based Access Control
      SQL> connect zoran/oracle1
      Connected.
      SQL> create user mike identified by oracle1;
      User created.
      SQL> create role proc_role;
      Role created.
      SQL> grant create session, create procedure, create table to proc_role;
      Grant succeeded.
      SQL> grant proc_role to mike;
      Grant succeeded.
      SQL> connect mike/oracle1
      Connected.
      SQL> create or replace procedure c_table
        2  as
        3  begin
        4  execute immediate 'create table test(a int)';
        5  end;
        6  /
      Procedure created.
      SQL> exec c_table;
  • 39. Code Based Access Control
      SQL> exec c_table;
      BEGIN c_table; END;
      *
      ERROR at line 1:
      ORA-01031: insufficient privileges
      ORA-06512: at "MIKE.C_TABLE", line 4
      ORA-06512: at line 1
  • 40. Code Based Access Control
      SQL> connect c##zoran/oracle1@pdb1
      Connected.
      SQL> create user mike identified by oracle1 container=current;
      User created.
      SQL> create role proc_role container=current;
      Role created.
      SQL> grant create session, create procedure, create table to proc_role;
      Grant succeeded.
      SQL> grant proc_role to mike;
      Grant succeeded.
      SQL> connect mike/oracle1@pdb1
      Connected.
      SQL> create or replace procedure c_table
        2  as
        3  begin
        4  execute immediate 'create table test(a int)';
        5  end;
        6  /
      Procedure created.
      SQL> exec c_table;
  • 41. Code Based Access Control
      SQL> exec c_table;
      BEGIN c_table; END;
      *
      ERROR at line 1:
      ORA-01031: insufficient privileges
      ORA-06512: at "MIKE.C_TABLE", line 4
      ORA-06512: at line 1
      SQL> grant proc_role to procedure c_table;
      Grant succeeded.
      SQL> exec c_table;
      PL/SQL procedure successfully completed.
      SQL> desc test
      Name              Null?    Type
      ----------------- -------- ------------
      A                          NUMBER(38)
  • 42. Code Based Access Control
      SQL> connect c##zoran/oracle1@pdb1
      Connected.
      SQL> create or replace procedure test
        2  authid current_user
        3  as
        4  begin
        5  execute immediate 'create table tjohn(z int)';
        6  end;
        7  /
      Procedure created.
      SQL> create user john identified by oracle1 container=current;
      User created.
      SQL> grant create session to john;
      Grant succeeded.
      SQL> create role test_role container=current;
      Role created.
      SQL> grant create table to test_role;
      Grant succeeded.
      SQL> grant test_role to procedure test;
      Grant succeeded.
      SQL> grant execute on test to john;
      Grant succeeded.
  • 43. Code Based Access Control
      SQL> connect john/oracle1@pdb1
      Connected.
      SQL> exec c##zoran.test;
      PL/SQL procedure successfully completed.
      SQL> desc tjohn
      Name              Null?    Type
      ----------------- -------- ------------
      Z                          NUMBER(38)
  • 45. Data Redaction - Full
      DBMS_REDACT.ADD_POLICY (object_schema => 'GLDB',
                              object_name => 'CUSTOMERS',
                              policy_name => 'CCN_POLICY',
                              column_name => 'CREDIT_CARD',
                              function_type => DBMS_REDACT.FULL,
                              expression => '7=7');
      CUSTOMERS (stored data):
      NAME  CREDIT_CARD
      tom   3455647456589132
      mike  3734982321225691
      john  3472586894975806
      SQL> SELECT * FROM CUSTOMERS;
      NAME  CREDIT_CARD
      tom   0
      mike  0
      john  0
  • 46. Data Redaction - Partial
      DBMS_REDACT.ADD_POLICY (object_schema => 'GLDB',
                              object_name => 'CUSTOMERS',
                              policy_name => 'CCN_POLICY',
                              column_name => 'CREDIT_CARD',
                              function_type => DBMS_REDACT.PARTIAL,
                              function_parameters => 'VVVVVVVVVVVVVVVV, VVVV-VVVV-VVVV-VVVV, #,1,12',
                              expression => '7=7');
      CUSTOMERS (stored data):
      NAME  CREDIT_CARD
      tom   3455647456589132
      mike  3734982321225691
      john  3472586894975806
      SQL> SELECT * FROM CUSTOMERS;
      NAME  CREDIT_CARD
      tom   ####-####-####-9132
      mike  ####-####-####-5691
      john  ####-####-####-5806
  • 47. Data Redaction - Exemptions
      DBMS_REDACT.ADD_POLICY (object_schema => 'GLDB',
                              object_name => 'CUSTOMERS',
                              policy_name => 'CCN_POLICY',
                              column_name => 'CREDIT_CARD',
                              function_type => DBMS_REDACT.FULL,
                              expression => '7=7');
      CUSTOMERS (stored data):
      NAME  CREDIT_CARD
      tom   3455647456589132
      mike  3734982321225691
      john  3472586894975806
      RMAN> BACKUP TABLESPACE gltbs;
      NAME  CREDIT_CARD
      tom   3455647456589132
      mike  3734982321225691
      john  3472586894975806
  • 48. Data Redaction - Exemptions
      DBMS_REDACT.ADD_POLICY (object_schema => 'GLDB',
                              object_name => 'CUSTOMERS',
                              policy_name => 'CCN_POLICY',
                              column_name => 'CREDIT_CARD',
                              function_type => DBMS_REDACT.FULL,
                              expression => '7=7');
      CUSTOMERS (stored data):
      NAME  CREDIT_CARD
      tom   3455647456589132
      mike  3734982321225691
      john  3472586894975806
      User with EXEMPT REDACTION POLICY:
      SQL> SELECT * FROM CUSTOMERS;
      NAME  CREDIT_CARD
      tom   3455647456589132
      mike  3734982321225691
      john  3472586894975806
  • 49. Data Redaction - Example
      SQL> connect c##zoran/oracle1@pdb1
      Connected.
      SQL> BEGIN
        2  DBMS_REDACT.ADD_POLICY (object_schema => 'GLDB',
        3  object_name => 'CUSTOMERS',
        4  policy_name => 'CCN_POLICY',
        5  column_name => 'CREDIT_CARD',
        6  function_type => DBMS_REDACT.PARTIAL,
        7  function_parameters => 'VVVVVVVVVVVVVVVV, VVVV-VVVV-VVVV-VVVV, #,1,12',
        8  expression => '7=7');
        9  END;
       10  /
      PL/SQL procedure successfully completed.
      SQL> select * from gldb.customers;
      NAME             CREDIT_CARD
      ---------------- --------------------
      tom              3455647456589132
      mike             3734982321225691
      john             3472586894975806
      SQL> grant select on gldb.customers to maja;
      Grant succeeded.
  • 50. Data Redaction - Example
      SQL> connect maja/oracle1@pdb1
      Connected.
      SQL> select * from gldb.customers;
      NAME             CREDIT_CARD
      ---------------- --------------------
      tom              ####-####-####-9132
      mike             ####-####-####-5691
      john             ####-####-####-5806
      SQL> select * from gldb.customers where credit_card like '3472%';
      NAME             CREDIT_CARD
      ---------------- --------------------
      john             ####-####-####-5806
  • 51. Available Redaction Types
      None: Redaction is NOT applied
      Full: Columns are redacted to constant values depending on column data type
      Partial: User-specified positions are replaced by a user-specified character
      Regular Expression: Pattern for matching and replacing is defined and used for redaction
      Random: Preserves data types; randomizes output
  • 53. New Administrative Privileges
      PRIVILEGE   USERNAME    DUTIES
      SYSBACKUP   SYSBACKUP   Backup and recovery operations in RMAN and SQL.
      SYSDG       SYSDG       Managing Data Guard with Data Guard Broker.
      SYSKM       SYSKM       Managing keys for TDE.
      [Diagram label: Password file format_12c]
  • 54. New SYSBACKUP Privilege
      SQL> connect / as SYSBACKUP
      Connected.
      SQL> show user
      USER is "SYSBACKUP"
      SQL> select * from session_privs;
      PRIVILEGE
      ----------------------------------------
      SYSBACKUP
      SELECT ANY TRANSACTION
      SELECT ANY DICTIONARY
      RESUMABLE
      CREATE ANY DIRECTORY
      ALTER DATABASE
      AUDIT ANY
      CREATE ANY CLUSTER
      CREATE ANY TABLE
      UNLIMITED TABLESPACE
      DROP TABLESPACE
      ALTER TABLESPACE
      ALTER SESSION
      ALTER SYSTEM
      14 rows selected.
      SQL>
  • 55. New SYSBACKUP Privilege
      $ rman target '"zoran/passwd@orcldb AS SYSBACKUP"'
      Recovery Manager: Release 12.1.0.1.0 - Beta on Tue May 07 17:41:37 2013
      Copyright (c) 1982, 2012, Oracle and/or its affiliates. All rights reserved.
      connected to target database: ORCLDB (DBID=1625181741)
      RMAN> select user from dual;
      using target database control file instead of recovery catalog
      USER
      ------------------------------
      SYSBACKUP
      RMAN>
      SQL> connect / as SYSBACKUP
      Connected.
      SQL> SELECT TABLE_NAME FROM DBA_TABLES
        2  WHERE OWNER = 'GLDB';
      TABLE_NAME
      ----------------------------------------
      CUSTOMERS
      ORDERS
      SQL> SELECT * FROM GLDB.CUSTOMERS;
      SELECT * FROM GLDB.CUSTOMERS
      *
      ERROR at line 1:
      ORA-01031: insufficient privileges
  • 56. New SYSDG Privilege
      SQL> connect / as SYSDG
      Connected.
      SQL> show user
      USER is "SYSDG"
      SQL> select * from session_privs;
      PRIVILEGE
      ----------------------------------------
      SYSDG
      ALTER SYSTEM
      ALTER SESSION
      ALTER DATABASE
      SELECT ANY DICTIONARY
      5 rows selected.
      SQL>
  • 57. New SYSKM Privilege
      SQL> connect / as SYSKM
      Connected.
      SQL> show user
      USER is "SYSKM"
      SQL> select * from session_privs;
      PRIVILEGE
      ----------------------------------------
      SYSKM
      ADMINISTER KEY MANAGEMENT
      2 rows selected.
      SQL>
  • 59. Invisible columns
      SQL> create table t(a int);
      Table created.
      SQL> desc t
      Name              Null?    Type
      ----------------- -------- ------------
      A                          NUMBER(38)
      SQL> insert into t(a) values(1);
      1 rows inserted.
      SQL> alter table t add(b int invisible);
      Table altered.
      SQL> desc t
      Name              Null?    Type
      ----------------- -------- ------------
      A                          NUMBER(38)
      SQL> select * from t;
      A
      ------------
      1
  • 60. Invisible columns
      SQL> insert into t(a,b) values(3,5);
      1 rows inserted.
      SQL> select a,b from t;
      A            B
      ------------ -------------
      1
      3            5
      SQL> alter table t modify(b visible);
      Table altered.
      SQL> desc t
      Name              Null?    Type
      ----------------- -------- ------------
      A                          NUMBER(38)
      B                          NUMBER(38)
  • 61. Invisible columns
      SQL> select * from t;
      A            B
      ------------ -------------
      1
      3            5
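
An added review script for the Inherit Privileges and Code Based Access Control slides (27-36 and 38-43); it is not part of the presentation. It uses the accounts and objects shown on the slides (C##ZORAN, MAJA, TEST, TEST_ROLE) and assumes a session in pdb1 that can read the DBA_* dictionary views.

```sql
-- Added example, not from the slides. Names are the ones used on the slides;
-- run in pdb1 with access to the DBA_* views.

-- 1. Whose invoker's rights code may run with C##ZORAN's privileges?
--    INHERIT PRIVILEGES grants are recorded in DBA_TAB_PRIVS, with the
--    user the grant is ON stored in TABLE_NAME.
SELECT grantor, grantee, table_name AS on_user
FROM   dba_tab_privs
WHERE  privilege  = 'INHERIT PRIVILEGES'
AND    table_name = 'C##ZORAN'
ORDER  BY grantee;

-- 2. Accounts that skip the per-user check through the system privilege.
SELECT grantee
FROM   dba_sys_privs
WHERE  privilege = 'INHERIT ANY PRIVILEGES'
ORDER  BY grantee;

-- 3. Invoker's rights units on which C##ZORAN holds a direct EXECUTE grant
--    (grants that arrive through roles or PUBLIC are not resolved here).
SELECT DISTINCT p.owner, p.object_name, p.object_type
FROM   dba_procedures p
JOIN   dba_tab_privs  t
       ON  t.owner      = p.owner
       AND t.table_name = p.object_name
WHERE  p.authid    = 'CURRENT_USER'
AND    t.privilege = 'EXECUTE'
AND    t.grantee   = 'C##ZORAN'
ORDER  BY p.owner, p.object_name;

-- 4. Undo the grant made on slides 30 and 35 (run as C##ZORAN, who made it)
--    and remove the role that EVIL_PROC granted (run as an administrator).
REVOKE INHERIT PRIVILEGES ON USER c##zoran FROM maja;
REVOKE dba FROM maja;

-- 5. Code based access control: roles attached to program units, with the
--    system privileges each role carries while the unit runs.
SELECT c.owner, c.object_name, c.object_type, c.role, s.privilege
FROM   dba_code_role_privs c
LEFT JOIN dba_sys_privs    s ON s.grantee = c.role
ORDER  BY c.owner, c.object_name, c.role, s.privilege;

-- 6. Who can reach those privileges: EXECUTE grants on units that carry a role.
--    On slide 43 JOHN creates a table with no CREATE TABLE privilege of his own.
SELECT c.owner, c.object_name, c.role, t.grantee
FROM   dba_code_role_privs c
JOIN   dba_tab_privs       t
       ON  t.owner      = c.owner
       AND t.table_name = c.object_name
WHERE  t.privilege = 'EXECUTE'
ORDER  BY c.owner, c.object_name, t.grantee;

-- 7. Detach a role that a unit no longer needs (slide 42 attached TEST_ROLE to TEST).
REVOKE test_role FROM PROCEDURE c##zoran.test;
```

Queries 1 to 3 and 5 to 6 are read-only; review their output before running the REVOKE statements in steps 4 and 7.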
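
An added check for the Data Redaction slides (45-51), not part of the presentation: slide 50 shows a WHERE predicate matching on the stored card number while the output stays masked, so the review covers who is exempt, who can query the table, and an audit trail for such queries. GLDB.CUSTOMERS and CREDIT_CARD are from the slides; the audit policy name CCN_READ is hypothetical, and unified auditing is assumed to be enabled.

```sql
-- Added example, not from the slides. Run in pdb1 as an administrator.

-- 1. Redaction policies on the GLDB schema and the columns they cover.
SELECT p.object_name, p.policy_name, p.enable, p.expression,
       c.column_name, c.function_type, c.function_parameters
FROM   redaction_policies p
JOIN   redaction_columns  c
       ON  c.object_owner = p.object_owner
       AND c.object_name  = p.object_name
WHERE  p.object_owner = 'GLDB'
ORDER  BY p.object_name, c.column_name;

-- 2. Users and roles granted EXEMPT REDACTION POLICY directly.
SELECT grantee
FROM   dba_sys_privs
WHERE  privilege = 'EXEMPT REDACTION POLICY'
ORDER  BY grantee;

-- 3. Users who receive the exemption through a chain of role grants.
SELECT DISTINCT r.grantee
FROM   dba_role_privs r
WHERE  r.grantee IN (SELECT username FROM dba_users)
START WITH r.granted_role IN (SELECT grantee
                              FROM   dba_sys_privs
                              WHERE  privilege = 'EXEMPT REDACTION POLICY')
CONNECT BY PRIOR r.grantee = r.granted_role
ORDER  BY r.grantee;

-- 4. Everyone who can query the table at all. As slide 50 shows, each of
--    them can filter on the stored CREDIT_CARD value even when it is masked.
SELECT grantee, privilege
FROM   dba_tab_privs
WHERE  owner = 'GLDB' AND table_name = 'CUSTOMERS' AND privilege = 'SELECT'
UNION ALL
SELECT grantee, privilege
FROM   dba_sys_privs
WHERE  privilege = 'SELECT ANY TABLE'
ORDER  BY 1;

-- 5. Record reads of the table (CCN_READ is a hypothetical policy name).
CREATE AUDIT POLICY ccn_read ACTIONS SELECT ON gldb.customers;
AUDIT POLICY ccn_read;

-- 6. Flag audited statements that put CREDIT_CARD in a predicate.
SELECT event_timestamp, dbusername, sql_text
FROM   unified_audit_trail
WHERE  object_schema = 'GLDB'
AND    object_name   = 'CUSTOMERS'
AND    UPPER(sql_text) LIKE '%WHERE%CREDIT_CARD%'
ORDER  BY event_timestamp;
```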