Chapter 7. Privilege Analysis

In this chapter, we will cover the following tasks:

  • Creating a database analysis policy
  • Creating a role analysis policy
  • Creating a context analysis policy
  • Creating a combined analysis policy
  • Starting and stopping privilege analysis
  • Reporting on used system privileges
  • Reporting on used object privileges
  • Reporting on unused system privileges
  • Reporting on unused object privileges
  • How to revoke unused privileges
  • Dropping the analysis

Introduction

Privilege analysis is a new security feature, introduced in Oracle Database 12c. It is only available in Oracle Database Enterprise Edition, and from licensing viewpoint, it is part of Oracle Database Vault option.

Privilege analysis is very useful to implement and maintain the least privilege ...

Get Oracle Database 12c Security Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.