To access the database, a user must specify a valid database user account and successfully authenticate as required by that user account. Each database user has a unique database account.
Oracle recommends this to avoid potential security holes and provide meaningful data for certain audit activities. However, users may sometimes share a common database account. In these rare cases, the operating system and applications must provide adequate security for the database. Each user account has:
- Unique username: Usernames cannot exceed 30 bytes, cannot contain special characters, and must start with a letter.
- Authentication method: The most common authentication method is a password. Oracle Database supports password, global, and external authentication methods (such as biometric, certificate, and token authentication).
- Default tablespace: This is a place where a user creates objects if the user does not specify some other tablespace. Note that having a default tablespace does not imply that the user has the privilege of creating objects in that tablespace, nor does it mean that the user has a quota of space in that tablespace in which to create objects. Both of these are granted separately.
- Temporary tablespace: This is a place where temporary objects, such as sorts and temporary tables, are created on behalf of the user by the instance. No quota is applied to temporary tablespaces.
- User profile: This is a set of resource and password restrictions assigned to the user.
- Initial consumer group: This is used by the Resource Manager.
- Account status: Users can access only “open” accounts. The account status may be “locked” and/or “expired.”
A schema is a collection of database objects that are owned by a database user. Schema objects are the logical structures that directly refer to the database’s data. Schema objects include such structures as tables, views, sequences, stored procedures, synonyms, indexes, clusters, and database links. In general, schema objects include everything that your application creates in the database.
Predefined Administrative Accounts
The SYS and SYSTEM accounts have the database administrator (DBA) role granted to them by default. In addition, the SYS account has all privileges with ADMIN OPTION and owns the data dictionary. To connect to the SYS account, you must use the AS SYSDBA clause for a database instance and AS SYSASM for an Automatic Storage Management (ASM) instance. Any user that is granted the SYSDBA privilege can connect to the SYS account by using the AS SYSDBA clause. Only “privileged” users who are granted the SYSDBA, SYSOPER, SYSASM, SYSBACKUP, or SYSDG privileges are allowed to start up and shut down instances. The SYSTEM account does not have the SYSDBA privilege. SYSTEM is also granted the AQ_ADMINISTRATOR_ROLE and MGMT_USER roles. The SYS and SYSTEM accounts are required accounts in the database. They cannot be dropped.
Applying the principle of least privilege, these accounts are not used for routine operations. Users who need DBA privileges have separate accounts with the required privileges granted to them.
The SYSBACKUP, SYSDG, and SYSKM users are created to facilitate separation of duties for database administrators. Each of these provides a designated use for an administrative privilege by the same name. You should create a user and grant the appropriate administrative privilege to that user.
|SYSDBA||Standard database operations, such as starting and shutting down the database instance, creating the server parameter file (SPFILE), and changing the ARCHIVELOG mode Allows the grantee to view user data|
|SYSOPER||Standard database operations, such as starting and shutting down the database instance, creating the server parameter file (SPFILE), and changing the ARCHIVELOG mode|
|SYSBACKUP||Oracle Recovery Manager (RMAN) backup and recovery operations by using RMAN or SQL*Plus|
|SYSDG||Data Guard operations by using the Data Guard Broker or the DGMGRL command-line interface|
|SYSKM||Manage Transparent Data Encryption wallet operations|
Oracle Database includes five administrative privileges that are provided to facilitate separation of duty. The SYSDBA and SYSOPER administrative privileges are used to perform a variety of standard database operations including starting up the database instance and shutting it down. Refer to the Oracle Database Administrator’s Guide for a complete list of authorized operations for the SYSDBA and SYSOPER privileges.
SYSBACKUP, SYSDG, and SYSKM are new to Oracle Database 12c and are tailored for the specific administrative tasks of backup and recovery, Oracle Data Guard, and Transparent Data Encryption key management. In previous releases, the SYSDBA privilege was required for these tasks. These privileges enable you to connect to the database even if the database is not open. Refer to the Oracle Database Security Guide for a list of supported operations for the SYSBACKUP, SYSDG, and SYSKM privileges.