Profiles- Users and Basic Security

18 Jun by Leondre Morris

Profiles- Users and Basic Security

When you create users, requirements call for strong passwords and for the passwords to adhere to a set of security rules. You may want to ensure that a certain user is not capable of consuming inordinate amounts of CPU resources. These two examples can be done in database profiles. An Oracle profile is a database object that serves two purposes:

• Enforces password security settings

• Limits system resources that a user consumes

Tip don’t confuse a database profile with a sQL profile.a database profile is an object assigned to a user that enforces password security and constrains database resource usage, whereas a sQL profile is associated with a sQL statement and contains corrections to statistics to help the optimizer generate a more efficient execution plan.

Limiting Database Resource Usage

As mentioned earlier, the password profile settings take effect as soon as you assign the profile to a user. Unlike password settings, kernel resource profile restrictions don’t take effect until you set the RESOURCE_LIMIT initialization parameter to TRUE, which is the default, for your database; for example,

To view the current setting of the RESOURCE_LIMIT parameter, issue this query:

When you create a user, if you don’t specify a profile, then the DEFAULT profile is assigned to the user. You can modify the DEFAULT profile with the ALTER PROFILE statement. The next example modifies the DEFAULT profile to limit CPU_PER_SESSION to 240,000 (in hundredths of seconds):

This limits any user with the DEFAULT profile to 2,400 seconds of CPU use. You can set various limits in a profile. The following are examples of database resource settings you can limit:

•     CONNECT_TIME

• CPU_PER_SESSION

•    IDLE_TIME

• LOGICAL_READS_PER_SESSION

•     SESSIONS_PER_USER

You can also create a custom profile and assign it to users via the CREATE PROFILE statement. You can then assign that profile to any existing database users. The following SQL statement creates a profile that limits resources, such as the amount of CPU and individual session can consume:

After you create a profile, you can assign it to a user. In the next example, the user hsolo is assigned USER_PROFILE_LIMIT:

Leave a Reply

Your email address will not be published. Required fields are marked *