SlideShare a Scribd company logo

Computer Security

Download as DOCX, PDF
H
Hajer alriyami

This document discusses computer security and session management. It begins with an introduction that defines computer security and explains why it is important. It notes that both technical and user-based security measures are needed. The document then discusses session management, explaining that it refers to managing the lifecycle of user sessions. It provides examples of tools for monitoring sessions and discusses dedicated server architectures where each user connection has a dedicated server process. The document also covers blocking sessions that can occur when multiple users try to access the same data simultaneously.

Technology
1 of 6
Download to read offline
1
2
3
4
5
6
Nizwa College of Technology Assignment 2 26s1368 Submitted to: Ms. Kalivani Submitted from: Hajer Mohamed Said Alriyami Submitted date: 16/3/2017 Computer security And Session management
Nizwa College of Technology Assignment 2 26s1368 INTRODUCTION What is Computer Security? Computer Security is the protection of computing systems and the data that they store or access. Why is Computer Security Important? Computer Security allows the University to carry out its mission by:  Enabling people to carry out their jobs, education, and research  Supporting critical business process  Protecting personal and sensitive information Why do I need to learn about Computer Security? Isn't this just an I.T. problem? Good Security Standards follow the "90 / 10" Rule:  10% of security safeguards are technical.  90% of security safeguards rely on the computer user ("YOU") to adhere to good computing practices Example: The lock on the door is the 10%. You remembering to lock the lock, checking to see if the door is closed, ensuring others do not prop the door open, keeping control of the keys, etc. is the 90%. You need both parts for effective security What Does This Mean for Me?  This means that everyone who uses a computer or mobile device needs to understand how to keep their computer, device and data secure. o --> Information Technology Security is everyone's responsibility!  Members of the UCSC community are also responsible for familiarizing themselves and complying with all University policies, procedures and standards relating to information security --
Nizwa College of Technology Assignment 2 26s1368 Security Objectives  Learn "good computing security practices."  Incorporate these practices into your everyday routine. Encourage others to do so as well.  Report anything unusual - Notify your supervisor and the ITS  Support Center if you become aware of a suspected security incident Sessionsand SessionManagement Access Manager sessionmanagement refers to the process ofmanaging the lifecycle requirements of a session, and notification of sessionevents to enable global logout. Administrators can configure Access Manager session lifecycle settings using the Oracle Access Management Console. Here, we will look at several different tools and techniques for managing sessions in the database. Users are very important to a DBA in many ways, but first they are the reason why there is need for a DBA. Users (either real or their electronic counterparts) are what keep the database in motion. Managing sessions means the DBA must monitor, tune and troubleshoot the entire outstanding user's activity in the oracle instance. We have different faces of database activity throughout the day, and over weeks, months, and years. It looks like the same data behaving differently throughout a given period, so there will be moments when the database is reported to be slow, there will be times when the database apparently will hang, and there will be other times when the database's performance will look normalfrom the user's perspective. What is the reason why the database's performance changes? Monitoring, diagnosing, and troubleshooting sessions involve several tools and techniques; specific sections of Enterprise Manager are focused on session management, as we will see throughout this report. The exposed tools behave the same on Unix like and Windows environments; except the troubleshooting last resource, killing the session, which has specific behaviors on Windows platforms due to the specific architecture implementation, and we will have to deal with it by using the oracle tool. In this context the user sessioncan either be a session generated by a real user or by a program directed to perform some activity against the
Nizwa College of Technology Assignment 2 26s1368 database. This session can be connected either in dedicated or shared mode. User sessions in a dedicated server architecture When a user requests a remote connection to the database it must first contact the listener. The listener redirects the request to the Oracle Instance. This will spawn a new Oracle Server Process, which from now on will be the process who will interface the user with the database; if the connection to the database is local to the machine, it may be established across the network or by Inter-Process Communication(IPC) , and the Oracle server process will be spawned too. This Oracle server process will be assigned to the user for the whole time the user remains attached to the database. The new user sessionwill be assigned a Serial Number and a SessionId. These are the numbers used to uniquely identify a user connected to the database. The serial number guarantees that session- level commands are applied to the correct sessionobjects in case a new session is started with the same SID. A user session can be initially monitored with the V$SESSION dynamic view. The PMON background process registers the Oracle instance against the Listener (in a self registration configuration), PMON registers information about dedicated server processeswith the Listener. A User Processstarts a connection against the Oracle instance by looking for the Listener, the Listener redirects the user process to the oracle Server Processand the dialog will be conducted from now on between the oracle server process and the user process. Foreach active connection in
Nizwa College of Technology Assignment 2 26s1368 a DedicatedServerArchitecture there will be one oracle Server Processonthe hostmachine. The connection through a dedicated server is the most widely used connection mode in most Oracle databases. Blocking sessions When two or more different sessions compete for the same row simultaneously, Oracle will immediately raise the lock enqueue mechanism, which lets one process at a time modify the row. The lock will be released once the transaction is finished (after a commit or rollback command is issued). The first process that takes the row locks it, meanwhile the other processes will have to wait. If this wait time is visible to the user then it can be misinterpreted as a slow performance problem. Blocking sessions are issues that should be solved at the program level, but in the mean time it is the DBA's responsibility to detect them and fix them. A blocking sessionmay be normal during productiontime, this is not the real problem. Oracle is prepared to queue sessions, the real problem begins when a session hangs and leaves the other session indefinitely waiting for the row lock to be released. Code use: Create sessionmangers limit Create usermanger1 identified by 123; Grant create sessionto manger1 identified by 123; Alter user manger1 sessionmangers; alter sessionmangers limit password_life_time 10/1440 password_grace_time 2/1440;
Nizwa College of Technology Assignment 2 26s1368 create tablespaceschool_ts datafile 'c:tempschool.dbf' size 100M extent management localautoallocate segmentspace management; create temporary tablespace schooltemp_ts tempfile 'c:tempschooltmp.dbf' size 20M reuse extent management local uniform size 10M; alter user manger1 quota 500 on school_ts; Reference: https://www.safaribooksonline.com http://its.ucsc.edu/policies/index.html its.ucsc.edu/security/training/intro.html https://docs.oracle.com/cd/E27559_01/admin.1112/.../session.htm

More Related Content

DOC
sandeep_Updated _Resume
Sandeep Nair
 
PDF
Two Aspect Validation Control Frameworks for Online Distributed Services
IRJET Journal
 
PDF
Ijarcet vol-2-issue-3-942-946
Editor IJARCET
 
PDF
A DATABASE SYSTEM SECURITY FRAMEWORK
ijcsit
 
PDF
Distributed database security with discretionary access control
Jyotishkar Dey
 
DOC
Where Logs Hide: Logs in Virtualized Environments
Anton Chuvakin
 
PPTX
Presentation1
Kollipara Kiranmai
 
PDF
IRJET- A Research Paper on Block Design-based Key Agreement for Group Dat...
IRJET Journal
 
sandeep_Updated _Resume
Sandeep Nair
 
Two Aspect Validation Control Frameworks for Online Distributed Services
IRJET Journal
 
Ijarcet vol-2-issue-3-942-946
Editor IJARCET
 
A DATABASE SYSTEM SECURITY FRAMEWORK
ijcsit
 
Distributed database security with discretionary access control
Jyotishkar Dey
 
Where Logs Hide: Logs in Virtualized Environments
Anton Chuvakin
 
Presentation1
Kollipara Kiranmai
 
IRJET- A Research Paper on Block Design-based Key Agreement for Group Dat...
IRJET Journal
 

What's hot (10)

DOC
Cst 610 Motivated Minds/newtonhelp.com
amaranthbeg53
 
PDF
Employment Feedback by Securing Data using Anonymous Authentication
IRJET Journal
 
PPTX
01 database security ent-db
uncleRhyme
 
PPTX
Database modeling and security
Neeharika Nidadavolu
 
PDF
Graphical Password Authentication using Image Segmentation
IRJET Journal
 
PDF
IRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET Journal
 
PDF
1784 1788
Editor IJARCET
 
DOC
Cyb 610 Motivated Minds/newtonhelp.com
amaranthbeg55
 
PDF
McAfee CDCR Case Study
joepanora
 
PDF
DATABASE PRIVATE SECURITY JURISPRUDENCE: A CASE STUDY USING ORACLE
IJDMS
 
Cst 610 Motivated Minds/newtonhelp.com
amaranthbeg53
 
Employment Feedback by Securing Data using Anonymous Authentication
IRJET Journal
 
01 database security ent-db
uncleRhyme
 
Database modeling and security
Neeharika Nidadavolu
 
Graphical Password Authentication using Image Segmentation
IRJET Journal
 
IRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET Journal
 
1784 1788
Editor IJARCET
 
Cyb 610 Motivated Minds/newtonhelp.com
amaranthbeg55
 
McAfee CDCR Case Study
joepanora
 
DATABASE PRIVATE SECURITY JURISPRUDENCE: A CASE STUDY USING ORACLE
IJDMS
 
Ad

Similar to Computer Security (20)

PDF
Oracle database performance tuning
Abishek V S
 
PPTX
Some Oracle AWR observations
Connor McDonald
 
PDF
Data Base
Susan Tullis
 
PDF
Database security best_practices
Tarik Essawi
 
PPT
AWR, ADDM, ASH, Metrics and Advisors.ppt
bugzbinny
 
PDF
ILOUG 2019 - 25 years of hints and tips
Connor McDonald
 
PDF
ITOUG 2019 - 25 years of hints and tips
Connor McDonald
 
PPTX
SQL Server Wait Types Everyone Should Know
Dean Richards
 
PDF
What are you waiting for? (#SQLSat211)
Jason Strate
 
PDF
Ebs dba con4696_pdf_4696_0001
jucaab
 
PDF
Ora 4 the_sqldba
Kellyn Pot'Vin-Gorman
 
PPT
Oracle Wait Events That Everyone Should Know.ppt
TricantinoLopezPerez
 
PPT
Wait events
anujkumarsingh08
 
PDF
Oracle Closed World 2010: Graphing the AAS ala EM + doing some cool linear re...
Kristofferson A
 
PPTX
IOUG Collaborate 2014 ASH/AWR Deep Dive
Kellyn Pot'Vin-Gorman
 
PDF
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...
InSync2011
 
PPT
OOUG: Oracle transaction locking
Kyle Hailey
 
PPTX
Ved du, hvor dine data er - og hvem, der har adgang til dem? Ron Ben Natan, I...
IBM Danmark
 
PPT
Log Management For e-Discovery, Database Monitoring and Other Unusual Uses
Anton Chuvakin
 
PPTX
Unit 2 oracle9i
DrkhanchanaR
 
Oracle database performance tuning
Abishek V S
 
Some Oracle AWR observations
Connor McDonald
 
Data Base
Susan Tullis
 
Database security best_practices
Tarik Essawi
 
AWR, ADDM, ASH, Metrics and Advisors.ppt
bugzbinny
 
ILOUG 2019 - 25 years of hints and tips
Connor McDonald
 
ITOUG 2019 - 25 years of hints and tips
Connor McDonald
 
SQL Server Wait Types Everyone Should Know
Dean Richards
 
What are you waiting for? (#SQLSat211)
Jason Strate
 
Ebs dba con4696_pdf_4696_0001
jucaab
 
Ora 4 the_sqldba
Kellyn Pot'Vin-Gorman
 
Oracle Wait Events That Everyone Should Know.ppt
TricantinoLopezPerez
 
Wait events
anujkumarsingh08
 
Oracle Closed World 2010: Graphing the AAS ala EM + doing some cool linear re...
Kristofferson A
 
IOUG Collaborate 2014 ASH/AWR Deep Dive
Kellyn Pot'Vin-Gorman
 
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...
InSync2011
 
OOUG: Oracle transaction locking
Kyle Hailey
 
Ved du, hvor dine data er - og hvem, der har adgang til dem? Ron Ben Natan, I...
IBM Danmark
 
Log Management For e-Discovery, Database Monitoring and Other Unusual Uses
Anton Chuvakin
 
Unit 2 oracle9i
DrkhanchanaR
 
Ad

More from Hajer alriyami (8)

DOCX
penetration test
Hajer alriyami
 
PPTX
IDS
Hajer alriyami
 
PPTX
Positive thinking
Hajer alriyami
 
DOCX
Policy for PDO
Hajer alriyami
 
DOCX
“3rd Millennium’s Technological Impact to Medicine, Education, and Society”
Hajer alriyami
 
DOCX
Password Cracking
Hajer alriyami
 
PPTX
SSUCCESS
Hajer alriyami
 
PPTX
Presentation1Shell
Hajer alriyami
 
penetration test
Hajer alriyami
 
IDS
Hajer alriyami
 
Positive thinking
Hajer alriyami
 
Policy for PDO
Hajer alriyami
 
“3rd Millennium’s Technological Impact to Medicine, Education, and Society”
Hajer alriyami
 
Password Cracking
Hajer alriyami
 
SSUCCESS
Hajer alriyami
 
Presentation1Shell
Hajer alriyami
 

Recently uploaded (20)

PDF
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
PDF
NewMind AI Weekly Chronicles – August ’25 Week III
NewMind AI
 
PDF
WOOl fibre morphology and structure.pdf for textiles
Rajendrakumar868651
 
PPTX
Modernising the Digital Integration Hub
Daniel Toomey
 
PPTX
1. Introduction to Computer Programming.pptx
bonakiduza1024
 
PPTX
OMC Textile Division Presentation 2021.pptx
JahangirAlam816069
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PPTX
Tartificialntelligence_presentation.pptx
ry7r52mzb4
 
PDF
project resource management chapter-09.pdf
ssuser00e6e21
 
PDF
Microsoft Solutions Partner Drive Digital Transformation with D365.pdf
Microsoft Dynamics
 
PDF
Hybrid model detection and classification of lung cancer
IAESIJAI
 
PPTX
Final SEM Unit 1 for mit wpu at pune .pptx
anishtilekar08
 
PDF
NewMind AI Weekly Chronicles - August'25-Week II
NewMind AI
 
PDF
Getting started with AI Agents and Multi-Agent Systems
Maxim Salnikov
 
PDF
Transform Your ITIL® 4 & ITSM Strategy with AI in 2025.pdf
PDCA Consulting
 
PDF
ENT215_Completing-a-large-scale-migration-and-modernization-with-AWS.pdf
ssuser28425f
 
PPTX
observCloud-Native Containerability and monitoring.pptx
anupsingh76937
 
PPTX
TechTalks-8-2019-Service-Management-ITIL-Refresh-ITIL-4-Framework-Supports-Ou...
bonakiduza1024
 
PDF
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
PPTX
Group 1 Presentation -Planning and Decision Making .pptx
MatthewLewis227954
 
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
NewMind AI Weekly Chronicles – August ’25 Week III
NewMind AI
 
WOOl fibre morphology and structure.pdf for textiles
Rajendrakumar868651
 
Modernising the Digital Integration Hub
Daniel Toomey
 
1. Introduction to Computer Programming.pptx
bonakiduza1024
 
OMC Textile Division Presentation 2021.pptx
JahangirAlam816069
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
Tartificialntelligence_presentation.pptx
ry7r52mzb4
 
project resource management chapter-09.pdf
ssuser00e6e21
 
Microsoft Solutions Partner Drive Digital Transformation with D365.pdf
Microsoft Dynamics
 
Hybrid model detection and classification of lung cancer
IAESIJAI
 
Final SEM Unit 1 for mit wpu at pune .pptx
anishtilekar08
 
NewMind AI Weekly Chronicles - August'25-Week II
NewMind AI
 
Getting started with AI Agents and Multi-Agent Systems
Maxim Salnikov
 
Transform Your ITIL® 4 & ITSM Strategy with AI in 2025.pdf
PDCA Consulting
 
ENT215_Completing-a-large-scale-migration-and-modernization-with-AWS.pdf
ssuser28425f
 
observCloud-Native Containerability and monitoring.pptx
anupsingh76937
 
TechTalks-8-2019-Service-Management-ITIL-Refresh-ITIL-4-Framework-Supports-Ou...
bonakiduza1024
 
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
Group 1 Presentation -Planning and Decision Making .pptx
MatthewLewis227954
 

Computer Security

  • 1. Nizwa College of Technology Assignment 2 26s1368 Submitted to: Ms. Kalivani Submitted from: Hajer Mohamed Said Alriyami Submitted date: 16/3/2017 Computer security And Session management
  • 2. Nizwa College of Technology Assignment 2 26s1368 INTRODUCTION What is Computer Security? Computer Security is the protection of computing systems and the data that they store or access. Why is Computer Security Important? Computer Security allows the University to carry out its mission by:  Enabling people to carry out their jobs, education, and research  Supporting critical business process  Protecting personal and sensitive information Why do I need to learn about Computer Security? Isn't this just an I.T. problem? Good Security Standards follow the "90 / 10" Rule:  10% of security safeguards are technical.  90% of security safeguards rely on the computer user ("YOU") to adhere to good computing practices Example: The lock on the door is the 10%. You remembering to lock the lock, checking to see if the door is closed, ensuring others do not prop the door open, keeping control of the keys, etc. is the 90%. You need both parts for effective security What Does This Mean for Me?  This means that everyone who uses a computer or mobile device needs to understand how to keep their computer, device and data secure. o --> Information Technology Security is everyone's responsibility!  Members of the UCSC community are also responsible for familiarizing themselves and complying with all University policies, procedures and standards relating to information security --
  • 3. Nizwa College of Technology Assignment 2 26s1368 Security Objectives  Learn "good computing security practices."  Incorporate these practices into your everyday routine. Encourage others to do so as well.  Report anything unusual - Notify your supervisor and the ITS  Support Center if you become aware of a suspected security incident Sessionsand SessionManagement Access Manager sessionmanagement refers to the process ofmanaging the lifecycle requirements of a session, and notification of sessionevents to enable global logout. Administrators can configure Access Manager session lifecycle settings using the Oracle Access Management Console. Here, we will look at several different tools and techniques for managing sessions in the database. Users are very important to a DBA in many ways, but first they are the reason why there is need for a DBA. Users (either real or their electronic counterparts) are what keep the database in motion. Managing sessions means the DBA must monitor, tune and troubleshoot the entire outstanding user's activity in the oracle instance. We have different faces of database activity throughout the day, and over weeks, months, and years. It looks like the same data behaving differently throughout a given period, so there will be moments when the database is reported to be slow, there will be times when the database apparently will hang, and there will be other times when the database's performance will look normalfrom the user's perspective. What is the reason why the database's performance changes? Monitoring, diagnosing, and troubleshooting sessions involve several tools and techniques; specific sections of Enterprise Manager are focused on session management, as we will see throughout this report. The exposed tools behave the same on Unix like and Windows environments; except the troubleshooting last resource, killing the session, which has specific behaviors on Windows platforms due to the specific architecture implementation, and we will have to deal with it by using the oracle tool. In this context the user sessioncan either be a session generated by a real user or by a program directed to perform some activity against the
  • 4. Nizwa College of Technology Assignment 2 26s1368 database. This session can be connected either in dedicated or shared mode. User sessions in a dedicated server architecture When a user requests a remote connection to the database it must first contact the listener. The listener redirects the request to the Oracle Instance. This will spawn a new Oracle Server Process, which from now on will be the process who will interface the user with the database; if the connection to the database is local to the machine, it may be established across the network or by Inter-Process Communication(IPC) , and the Oracle server process will be spawned too. This Oracle server process will be assigned to the user for the whole time the user remains attached to the database. The new user sessionwill be assigned a Serial Number and a SessionId. These are the numbers used to uniquely identify a user connected to the database. The serial number guarantees that session- level commands are applied to the correct sessionobjects in case a new session is started with the same SID. A user session can be initially monitored with the V$SESSION dynamic view. The PMON background process registers the Oracle instance against the Listener (in a self registration configuration), PMON registers information about dedicated server processeswith the Listener. A User Processstarts a connection against the Oracle instance by looking for the Listener, the Listener redirects the user process to the oracle Server Processand the dialog will be conducted from now on between the oracle server process and the user process. Foreach active connection in
  • 5. Nizwa College of Technology Assignment 2 26s1368 a DedicatedServerArchitecture there will be one oracle Server Processonthe hostmachine. The connection through a dedicated server is the most widely used connection mode in most Oracle databases. Blocking sessions When two or more different sessions compete for the same row simultaneously, Oracle will immediately raise the lock enqueue mechanism, which lets one process at a time modify the row. The lock will be released once the transaction is finished (after a commit or rollback command is issued). The first process that takes the row locks it, meanwhile the other processes will have to wait. If this wait time is visible to the user then it can be misinterpreted as a slow performance problem. Blocking sessions are issues that should be solved at the program level, but in the mean time it is the DBA's responsibility to detect them and fix them. A blocking sessionmay be normal during productiontime, this is not the real problem. Oracle is prepared to queue sessions, the real problem begins when a session hangs and leaves the other session indefinitely waiting for the row lock to be released. Code use: Create sessionmangers limit Create usermanger1 identified by 123; Grant create sessionto manger1 identified by 123; Alter user manger1 sessionmangers; alter sessionmangers limit password_life_time 10/1440 password_grace_time 2/1440;
  • 6. Nizwa College of Technology Assignment 2 26s1368 create tablespaceschool_ts datafile 'c:tempschool.dbf' size 100M extent management localautoallocate segmentspace management; create temporary tablespace schooltemp_ts tempfile 'c:tempschooltmp.dbf' size 20M reuse extent management local uniform size 10M; alter user manger1 quota 500 on school_ts; Reference: https://www.safaribooksonline.com http://its.ucsc.edu/policies/index.html its.ucsc.edu/security/training/intro.html https://docs.oracle.com/cd/E27559_01/admin.1112/.../session.htm