Professional Documents
Culture Documents
Controlling User Access: Reserved
Controlling User Access: Reserved
Database
administrator
Users
• Database security:
– System security
– Data security
• System privileges: Gaining access to the database
• Object privileges: Manipulating the content of the
database objects
• Schemas: Collections of objects, such as tables,
views, and sequences
CREATE
CREATE USER
USER scott
scott
IDENTIFIED
IDENTIFIED BY
BY tiger;
tiger;
User
User created.
created.
GRANT
GRANT create
create session,
session, create
create table,
table,
create
create sequence,
sequence, create
create view
view
TO
TO scott;
scott;
Grant
Grant succeeded.
succeeded.
Users
Manager
Privileges
• Create a role
CREATE
CREATE ROLE
ROLE manager;
manager;
Role
Role created.
created.
Object
Privilege Table View Sequence Procedure
ALTER
DELETE
EXECUTE
INDEX
INSERT
REFERENCES
SELECT
UPDATE
GRANT
GRANT object_priv
object_priv [(columns)]
[(columns)]
ON
ON object
object
TO
TO {user|role|PUBLIC}
{user|role|PUBLIC}
[WITH
[WITH GRANT
GRANT OPTION];
OPTION];
REVOKE
REVOKE {privilege
{privilege [,
[, privilege...]|ALL}
privilege...]|ALL}
ON
ON object
object
FROM
FROM {user[,
{user[, user...]|role|PUBLIC}
user...]|role|PUBLIC}
[CASCADE
[CASCADE CONSTRAINTS];
CONSTRAINTS];
REVOKE
REVOKE select,
select, insert
insert
ON
ON departments
departments
FROM
FROM scott;
scott;
Revoke
Revoke succeeded.
succeeded.
Local Remote
EMP Table
SELECT
SELECT **
FROM
FROM emp@HQ.ACME.COM;
emp@HQ.ACME.COM;