MOdule Four..doc.doc.doc


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

MOdule Four..doc.doc.doc

  1. 1. Module 4. Overview It is of fundamental importance to understand Oracle Database architecture. We have discussed some of these topics in the previous modules. In this module, we will cover these topics in details from the point of view of database administrators. To a student beginning to learn Oracle database, it is difficult to visualize Oracle Database architecture without GUI tools. We will use the GUI tools provided by Oracle, such as Oracle Enterprise Manager Console, in our study. Students learn not only these powerful tools but also the Oracle database architecture. 1. Introduction to Oracle Database architecture In this section, the discussion on Oracle Database architecture is divided into the following topics. 2. Database and instance. 3. Oracle network 4. Database storage, tablespaces and datafiles. 5. Schema and schema objects 6. Other database components. II. Introduction to Oracle security. This section focuses on management of Oracle database access through user accounts and database privileges. The topics include establishment of user accounts and manage system, schema object privileges and roles. It is also covered how to grant or revoke a database privilege and to tune database access with roles. III. Introduction of Oracle database dictionary views. The data dictionary is key information resource used by Oracle itself and users as well. The concept of data dictionary will be discussed. Students will learn how to look up for information about an Oracle database. IV. Learning GUI tool to view and manage database. 1. Oracle enterprise Manager Console. 2. Create a database after installation and configure Oracle Network. V. Assignment. References and review questions are listed. Objectives At the conclusion of this module, the student will be able to: • Understand Oracle database architecture. • Understand Oracle database instance, memory structure, user and Oracle processes. • Understand Oracle network. • Create tablespaces and manage database storage and schema objects. • Understand basic Oracle security, user account, role, system and object privileges. and create user account and grant or revock database privileges. • Understand and use Oracle data dictionary views. • Use Oracle Enterprise Manager Console.
  2. 2. Contents I. Introduction to Oracle Database architecture. Basic Oracle database architecture consists of database server and Oracle network. Oracle database server provides database services to any Oracle database clients. Oracle clients are all considered as remote database users. In other words, Oracle clients connect to an Oracle database through a network, even though the clients may be local. This is a typical distributed database system or client-server environment, in which a task is shared between a server and a client. We start with Oracle database server and then discuss Oracle network. In recent years, Oracle has developed a set of GUI tools to help Oracle database administrators (DBA) manage their databases. Oracle Enterprise Manager Console is one of those tools. With this tool, an Oracle database can be easily monitored and its structure can be clearly seen. In this section, we use Oracle Enterprise Manager Console as a tool to help you understand Oracle Database architecture. Part IV of this module provides the instructions on how to use these tools. Figure 1 is a snapshot of Oracle database server from the Oracle Enterprise Manager Console. On the left side under Database folder, there are multiple databases displayed. The blue highlighted database, YUDB, is further extended to reveal all the components in the database. “System” indicates that the user, system, logged in at the moment. Under YUDB, there are eight components, instance, schema, security and storage, etc. Every Oracle database has the same structural organization as shown in YUDB. In this section, each of these components will be discussed. On the right side of Figure 1, it shows the database name and communication information and also will be discussed later when we discuss Oracle network. Figure 1. The organization of an Oracle Database. 1. Database and instance.
  3. 3. When an Oracle database started, several events occur almost spontaneously, including allocating memory, mounting database, and starting oracle processes. After an Oracle database instance is up and running, users can access their data in the database. A user process, including connection and user session, would be established for the user as long as the user stay connected. Even through this is an over simplified description of how an Oracle database server works, it does strike two important facts about an Oracle database instance. One is the allocation of system memory and the other is the start up of both Oracle and user processes. A. The memory architectures of an Oracle instance. The basic memory structures of an Oracle instance include System Global Area (SGA), Program Global Areas (PGA) and Software Code Areas. Each of these memory areas has its own function and stores the information required to accomplish user’s requests. The followings are the discussion of each of theses memory areas. a. System Global Area (SGA) A SGA is allocated when an Oracle instance starts and shared by Oracle processes and multiple users concurrently connected to the instance. It is a group of memory structures, including the database buffer cache, the redo log buffer, the shared pool, the large pool, the data dictionary cache and other miscellaneous information. The information stored in SGA is accessed each time when user requests are processed. • Database Buffer Cache The database buffer cache holds copies of data blocks read from datafiles and is shared by all user processes concurrently connected to the instance. The Figure 2 shows how a database buffer cache works in SGA. Figure 2. Database buffer cache in SGA. When a user process access the database buffer cache to process a user request, it first searches the cache to see whether the data required is available in the cache. It reads the data from cache if it finds the data (called cache hit), or it loads the data from the datafiles if it does not find the data (cache miss). In the case of cache miss, the user process first find a free buffer in the least recently used list (list 1 in Figure 2) of the cache and load the data. If not, it signals the oracle process to move the dirty buffer to write list. The oracle process then manages the write list and writes the data to disk as necessary.
  4. 4. The properties of database buffer cache can be set or modified during or after installation, including size of the database buffer cache and multiple buffer pools. The more detailed discussion on this topic can be found in Database concepts of Oracle documentation . • Redo Log Buffer The redo log buffer is the memory area allocated to hold the information about changes made to the database. The information is copied from user’s memory space by Oracle server process and is stored in redo entries that is a log containing the changes made by INSERT, UPDATE, DELETE, CREATE, ALTER, or DROP operations. The data in the redo log buffer is written to a disk periodically by an Oracle server process and used for database recovery whenever it is necessary Figure 3. the structure of the redo log buffer. The redo log buffer is a circular memory. Oracle process, log writer, writes the data to the redo log files in the database on a physical disk if there is not enough room for newer redo entries.
  5. 5. • Shared Pool The shared pool in the SGA consists of library cache, dictionary cache, and control structures. It is shared among user processes. For instance, data dictionary is stored in library cache and dictionary cache in the shared pool and accessed by almost every database user process. Others include the shared SQL areas, private SQL areas, PL/SQL procedures and packages, and control structures such as locks and library cache handles. b. Program Global Areas (PGA) A program global area (PGA) is a memory region containing data and control information for a single process (server or background). Consequently, a PGA is sometimes called a process global area. A PGA is nonshared memory area to which a process can write. One PGA is allocated for each server process. The PGA is exclusive to that server process and is read and written only by Oracle code acting on behalf of that process. A PGA is allocated by Oracle when a user connects to an Oracle database and a session is created, though this varies by operating system and configuration. A PGA always contains a stack space, which is memory allocated to hold a session's variables, arrays, and other information. If the instance is running without the multi-threaded server, the PGA also contains information about the user's session, such as private SQL areas. If the instance is running in multi-threaded server configuration, this session information is not in the PGA, but is instead allocated in the SGA. B. Oracle and user processes Generally speaking, a process is a mechanism in an operating system that can execute a series of steps. In most cases, a memory area is allocated specifically to run the process. In an Oracle database system, there are two types of the processes running to accomplish the database tasks requested by users. Oracle processes and user processes.
  6. 6. • User processes execute the customized applications, such as Oracle forms and reports, or Oracle tool code, such as SQL*Plus. • Oracle processes, including server processes and background processes, execute the Oracle server code, such as Redo log writer. Oracle processes How server processes and background processes are structured depends on the configuration of an Oracle database server. Two most popular ways to configure an Oracle database server are dedicated server and multi- threaded server. In a dedicated server, for each user, a set of server processes is dedicated to accomplish the user requests. While in a multi- threaded server, multiple user processes share a set of Oracle server processes to complete the tasks. Figure 4 shows how each architecture works. Figure 4. Oracle server architecture.
  7. 7. Server processes are created when user log onto the database instance. These processes parse and execute SQL statements or read the data from the datafiles or return the result to the user. The background processes include Database Writer (DBW0 or DBWn), Log Writer (LGWR), Checkpoint (CKPT), System Monitor (SMON), Process Monitor (PMON), Archiver (ARCn), Recoverer (RECO), Lock (LCK0), Job Queue (SNPn), Queue Monitor (QMNn), Dispatcher (Dnnn), Server (Snnn). Background processes are created automatically when an instance is started. These processes work with the server processes to complete user’s requests and also perform routine check up of the server state or write log files and archive files. For the more detailed discussion on the topics, see Oracle processes in Database concepts. User Processes A user process is established when a user accesses the Oracle database instance. A user process consists of a connection and a session. A connection handles the communication of a user process to an Oracle instance. A session connects a user to an Oracle instance and is established when a user loges onto the server. It lasts from the time the user connects until the time the user disconnects or exits the database application. C. Monitor an Oracle database instance. After an Oracle instance is created, it is routinely monitored by a DBA. Oracle Enterprise Manager, powerful and easy to use, is one of the tools used to monitor an Oracle database. In Figure 5 and 6, the information about the instance, YUDB, is displayed by using Oracle Enterprise Manager console. Learn more about how to use Oracle Enterprise Manager console later in section IV. Figure 5. Oracle instance, YUDB. On the left side of the Figure, under YUDB-system, the instance is fully expended. Under session folder, there are six background processes running currently and one user, system, logs on the instance. More information can be displayed on the right if the sessions folder or any individual session is highlighted. The configuration is highlighted and the general information about instance is shown on the right side of the figure, including state (open/shutdown), host name, instance name and etc. Click on “All Initialization Parameters” button to see all the parameter settings.
  8. 8. Figure 6. Instance memory and user session parameters. On the right side, the memory settings are displayed and can be modified. 700 concurrent users can log on the server. 2. Oracle network Oracle database is a distributed system. Any tasks users request are shared and accomplished by the client workstation and Oracle database server. The
  9. 9. communication between the client and the server is established by Oracle network. The basic structure of Oracle network is shown in Figure 7. Figure 7. Oracle network architecture. Net8 uses either of the two ways to establish connection and data transmission throughout the network. One way is the communication protocols (such as TCP/IP), a set of standards that govern the transmission of data across a network and the other is the application programmatic interfaces (APIs), a set of subroutines that provide, in the case of networks, a means to establish remote process-to-process communication via a communication protocol. Net8 drivers provide an interface between Oracle processes running on the database server and the user processes of Oracle tools running on other computers of the network. In order to establish the communication between client and server, the server must know there is a user request. This is done through a network listener process. When an Oracle instance starts, a listener, TNS listener, is up and running on the host as well. It opens a port (default 1521 for oracle database) and listens to the connection requests from users. The listener determines whether it should use a shared server process or a dedicated server process and establishes an appropriate connection and a communication pathway to the database. Oracle listener is configured using a file, listener.ora. Figure 8 shows two parts of the file. TNSnames.ora is another file used to define the communication information needed to connect to a database. Figure 9 shows a portion of the file used to connect to the Oracle database, YUDB. Figure 8. Listener.ora is used to configure the database listeners. In the Figure, it is a portion of an example Listener.ora file. The LISTENER entry defines the listening protocol address for a listener named LISTENER, and the SID_LIST_LISTENER entry provides information about the database service, including the global database name, the Oracle home location of the database, and the Oracle System Identifier (SID) of the instance.
  10. 10. Figure 9. TNSnames.ora is used to configure the connection descriptors for Oracle database and TNS in the filename stands for Transparent Network Substrate. A connect descriptor is comprised of one or more protocol addresses of the listener and connect data information for the destination service. The following example shows a The ADDRESS portion contains the listener protocol address, and the CONNECT_DATA portion contains the destination service information. In this example, the destination service is a database service named IN the section IV, you will learn how to configure an Oracle listener and create a TNS name for an Oracle database server. 3. Database storage, tablespaces and datafiles. Oracle database storage consists of both logical and physical structures. Figure 10 shows the storage organization of an Oracle database displayed in Oracle Enterprise Manager console. Tablespaces are the logical storage structure in Oracle database associated with the physical files, datafiles. In addition to datafiles, the physical structures that Oracle uses to store the data and information about database include control files, redo log files and archived files. Each Oracle database contains at least one rollback segment used to store the changed data for read consistency and data recovery.
  11. 11. Figure 10. The storage organization of an Oracle Database. Tablespaces are the only logical structure used to organize the physical structure of the database. Each tablespace contains at least one datafile. The size of a tablespace is determined by the size and number of datafiles in the table space. In most cases, there are multiple tablespaces in an Oracle database. There is no limitation on how the tablespaces are used in the database. However, tablespaces are commonly used to organize the database storage by storing highly related information together in the same tablespace. For instance, system tablespace stores system information, such as data dictionary. It is a good practice that each customized task has a designated tablespase to store the information related to the task. The database files are the physical storage of an Oracle database even though it appears that the data is stored in tablespaces. A. Control files. Control files are not in any tablespaces. A control file contains the physical structure of the database, the database name, names and locations of associated databases and online redo log files, the timestamp of the database creation, the current log sequence number and Checkpoint information. The control file of an Oracle database is created at the same time as the database. By default, at least one copy of the control file must be created during database creation. On Window NT, Oracle creates multiple copies. The users are encouraged to duplicate the control file in more then one locations to ensure the safe guard critical information about the database.
  12. 12. B. Datafiles. Datafiles are always associated with a tablespace. They are the storage place of a variety of data in an Oracle database. A tablespace may contain more than one datafiles, however, a datafile can only be in one tablespace. The data associated with schema objects, such as a table, in a tablespace is physically stored in one or more of the datafiles as shown in Figure 11. In Figure 11, the data in Example table is stored in both datafile 1 and 2. Therefore, a schema object does not correspond to a specific datafile; rather, a datafile is a repository for the data of any schema object within a specific tablespace. Figure 11. Usage of datafiles in a tablespace. C. Redologfiles. The most crucial structure for recovery operations is the online redo log, which consists of two or more pre-allocated files that store all changes made to the database as they occur. Every instance of an Oracle database has an associated online redo log to protect the database in case of an instance failure.
  13. 13. D. Archivedfiles. An archived redo log file is a copy of one of the identical filled members of an online redo log group: it includes the redo entries present in the identical members of a group and also preserves the group's unique log sequence number. If you enable archiving, LGWR is not allowed to reuse and hence overwrite an online redo log group until it has been archived. Therefore, the archived redo log contains a copy of every group created since you enabled archiving. The tablespace can be created in SQL*Plus with the DDL command “CREATE TABLESPACE”. However, we will learn to create a tablespace with Enterprise Manage Console. Example of creating tablespaces 2. Schema and schema objects. A schema is a collection of database objects, also known as schema objects, including the logical structures like tables, views, sequences, stored procedures, synonyms, indexes, clusters, and database links. Each user account owns a schema and the objects created with this user account are located in the schema. However, there is no relationship between a tablespace and a schema. Objects in the same schema can be in different tablespaces, and a tablespace can hold objects from different schemas.
  14. 14. Tables A table is the basic unit of data storage in an Oracle database. The tables of a database hold all of the user-accessible data. Views Views do not actually contain or store data; rather, they are the pointers to the data in the tables. The table that a view is based on is referred to as the base table. Views can be based on tables and/or other views. There are two major benefits using views instead of tables, one is that a view can limit access to the data in a table and provide an additional level of table security. Second is that a view hides the complexity of the data and simplify the query. Materialized views A materialized view, also known as snapshot, is built on query as well and provides indirect access to table data. Unlike an ordinary view, which does not take up any storage space or contain any data, a materialized view contains the rows resulting from a query against one or more base tables or views. A materialized view can be stored in the same database as its base table(s) or in a different database. Sequences A sequence generates a serial list of unique numbers for numeric columns of a database's tables. Sequences simplify application programming by automatically generating unique numerical values for the rows of a single table or multiple tables. Program Units Program units refer to stored procedures, functions, packages, triggers, and anonymous blocks. Synonyms A synonym is an alias for a schema object, such as a table, view, sequence, or program unit. Synonyms can be either private or public. The can be used to hide the real name and owner of a schema object, provide public access to a schema object. Indexes Indexes are optional structures associated with tables, which can be created to increase the performance of data retrieval. Just as the indexes in any books, an Oracle indexes provide a faster way to locate specific information in the database. Indexes are logically and physically independent of the data. They can be dropped and created any time with no effect on the tables or other indexes. If an index is dropped, all applications continue to function; however, access to previously indexed data may be slower. Clusters and Hash Clusters In an Oracle database, there is no limitation on where database tables are written in a datafile. If the data in closely related tables are physically dispersed in the datafile, the performance of data sorting can be affected. In this case, the optional structures of Clusters and hash clusters can be created to improve the performance of data retrieval.
  15. 15. Clusters are groups of one or more tables physically stored together. The tables in a cluster share common columns and are often used together. These related columns are called cluster key and are indexed so that rows of the cluster can be retrieved with a minimum amount of I/O. Like indexes, clusters do not affect application design. Whether or not a table is part of a cluster is transparent to users and to applications. Hash clusters also cluster table data in a manner similar to normal, index clusters (clusters keyed with an index rather than a hash function). However, a row is stored in a hash cluster based on the result of applying a hash function to the row's cluster key value. All rows with the same key value are stored together on disk. Hash clusters are a better choice than using an indexed table or index cluster when a table is often queried with equality queries (for example, return all rows for department 10). For such queries, the specified cluster key value is hashed. The resulting hash key value points directly to the area on disk that stores the rows. Dimensions A dimension defines hierarchical (parent/child) relationships between pairs of columns or column sets. Each value at the child level is associated with one and only one value at the parent level. A dimension schema object is a container of logical relationships between tables and does not have any data storage assigned to it. Database Links A database link is a named schema object that describes a path from one database to another. Database links are implicitly used when a reference is made to a global object name in a distributed database.
  16. 16. 3. Other database components. The detailed discussion of the following topics is beyond the scape of the course. The more information can be found here in Oracle documentation. Replication Replication is the process of copying and maintaining database objects, such as tables, in multiple databases that make up a distributed database system. OLAP On-line Analytical Processing (OLAP) applications perform complex analysis of data stored in a data warehouse. JVM Oracle JVM (Java Virtual Machine) stores and executes CORBA and EJB components authored in Java. Client applications use a name service to access these components. Workspace A workspace is a virtual environment that one or more users can share to make changes to the data in the database.
  17. 17. 1. Introduction to Oracle security. An Oracle database is a distributed system and there is always sensitive data in a database. Therefore, Oracle database security is always an issue to be concerned. The Oracle security becomes a bigger issue since currently the more and more database applications move towards internet. In a typical client/server environment, access to an Oracle database requires a user name and password. The scope of a user access is determined by the database privileges pre-assigned to the user account. Even though this is still an effective way to manage the Oracle database access, it is not good enough to serve the internet users in current technology world. For instance, in a multi-tier environment, a user may not be allowed to log on an Oracle database directly, and the user name and password used to log onto a web server may not be the same as that required to log on an Oracle database. This raises a typical issue on synchronizing user credentials in a broad network or “single sign on”. Furthermore, the protection of the user’s credentials passing through internet becomes an even bigger issue to be considered. Discussion on these issues is important, however, it is beyond the coverage of this course. In this section, we will focus on how a user account and its access privileges are managed to provide secure and limited access to a customized Oracle database. 4. User accounts. Any activities performed on an Oracle database require the user login. It is a task for Oracle database administrators (DBA) to create, assign and manage a user account. To establish a user account, a DBA creates a database user and a password. However, it is not enough to even log into an Oracle database with only user name and password. A set of database privileges must be assigned to the user account, such as login privilege like “create sessions” and use of a tablespace. 5. Database privileges: system, object privileges and roles. In an Oracle database, privileges are the rights to access the database and perform a database task, such as making a table or querying data from a table. These privileges can be granted and revoked as well. There are two major categories of database privileges, system, and object privileges. Each of them is discussed below. System privileges. A system privilege is the right to perform a particular action, or to perform an action on any schema objects of a particular type. For example, the privileges to create tablespaces and to delete the rows of any table in a database are system privileges. There are over 60 distinct system privileges. Object Privileges. Object privilege is a privilege or right to perform a particular action on a specific schema object, including tables, views, sequences, procedures, functions and packages. Different object privileges are available for different types of schema objects. For example, the privileges to a table include “select”, “insert”, “update” and “delete” etc. The privilege associated with a procedure is “execute”.
  18. 18. In an Oracle database, Privileges are defined in great details based on what type of action each privilege could allow. Privileges can be grouped together. Such a group of privileges is referred to as a role. A role, like privileges, can be granted or revoked. In general, a role is used to manage the privileges for a database application or to manage the privileges for a user group. 6. Create user and Grant or revoke a privilege. A user account can be created with SQL DDL CREATE USER command. The syntax is shown below, CREATE USER user_name IDENTIFIED BY password DEFAULT TABLESPACE tablespace_name QUOTA size allocated ON tablespace_name TEMPORARY TABLESPACE tablespace_name QUOTA size allocated ON tablespace_name PROFILE profile_name PASSWORD EXPIRE; In this syntax, only “CREATE USER user_name IDENTIFIED BY paswword” is mandatory. The others can be defaulted by Oracle if they are not specified during the creation. The user created with this command can not connect to the database until the proper system privileges are granted to the user. The privileges can be granted or revoked by the following DDL command, GRANT privilege_name, ---- TO user_name; Or REVOKE privilege_name, --- FROM user_name; If a user account should be closed, DDL command, DROP USER user_name can be used. However, it should be done with caution, because DROP USER command essentially remove everything belong to the user from the database, including entire schema. Execution of these commands in SQL*Plus can establish a user account with litter effort. However, in this section, we use the Oracle tool, Enterprise Manage Console, to create a user with proper database privileges. Click the following link and follow the instruction to create a user. The example of creating a user. Note: please review the section IV to learn how to start and use Enterprise Manage Console before doing these exercises. 7. Fine tune database access by creating roles. The role, as stated above, is a collection of the database privileges, including system and object privileges and can be granted to a user. A role can contain other role or roles. Because of the flexibility in building a role, it provides the opportunity to fine tune the access scope for a particular group of users. The example of building a role. Note: please review the section IV to learn how to start and use Enterprise Manage Console before doing these exercises. 1. Introduction of Oracle database dictionary views. Oracle data dictionary is one of the most important parts of an Oracle database. It contains a set of read-only tables and is owned by the user, SYS and located in
  19. 19. system tablespace of the database. The data dictionary is uploaded into the SGA (data dictionary cache) for fast access whenever an Oracle database instance starts. It provides the information about almost every aspect of the Oracle database, including the definitions of all schema objects in the database, default values for columns, integrity constraint information, the names of Oracle users, privileges and roles each user has been granted and auditing information, such as who has accessed or updated various schema objects. The data dictionary of an Oracle database consists of both base tables and user-accessible views. Only Oracle has the right to directly write to these base tables because the importance of the data to the database. The most data in these tables is stored in cryptic format. Any users who need the information about the database can only query the user-accessible views. Those views are also accessible to the users based upon their own privileges. There are three types of the prefixes in front of view names to indicate the scope of content. Most popular ones are listed below, USER_ user's view (what is in the user's schema) ALL_ expanded user's view (what the user can access) DBA_ database administrator's view (what is in all users' schemas) The data dictionary views with three types of the prefixes. They can be composed by put prefix and name together. For instance, USER_TABLES ALL_TABLES and DBA_TABLES. The followings are the views that are often used to retrieve the information about schema objects. USER_ , ALL_, DBA_CATALOG USER_ , ALL_, DBA_CONSTRAINTS USER_ , ALL_, DBA_CONS_COLUMNS USER_ , ALL_, DBA_ERRORS USER_ , ALL_, DBA_INDEXES USER_ , ALL_, DBA_OBJECTS USER_ , ALL_, DBA_SEQUENCES USER_ , ALL_, DBA_SYNONYMS USER_ , ALL_, DBA_TABLES USER_ , ALL_, DBA_TRIGGERS USER_ , ALL_, DBA_USERS USER_ , ALL_, DBA_VIEWS USER_ , DBA_TABLESPACES Dynamic performance tables are not true tables, and they should not be accessed by common users. However, database administrators can query and create views on the tables and grant access to those views to other users. These views are sometimes called fixed views because they cannot be altered or removed by the database administrator. SYS owns the dynamic performance tables; their names all begin with V_$. Views are created on these tables, and then public synonyms are created for the views. The synonym names begin with V$. For example, the V$DATAFILE view contains information about the database's datafiles, and the V$FIXED_TABLE view contains information about all of the dynamic performance tables and views in the database.
  20. 20. 2. Use GUI tool to view and manage database. Oracle provides a set of GUI tools to manage an Oracle database. In Window NT/2000, almost every task can be accomplished with one or the other GUI tools Oracle provides. In this section, we learn Oracle Enterprise Manager Console tool, one of most powerful and complete database management system. We also learn how to create an Oracle database and configure TNS listener and TNS names using database configuration assistant and net configuration assistant. Oracle enterprise Manager Console. Create a database after installation and configure Oracle Network. 3. Assignment. 8. Suggested reading. Database Concepts Database Administration Guide SQL References 9. Review questions. • What are database instance, SGA and ? • How is security enforced in Oracle database? • How to create user? • What are roles, system privileges and object privileges? • What privileges are there in the roles, connect and resource respectively? • What are tablespaces and datafiles? • How to create tablespace? • What is data dictionary? • What is the deference in USER_ , ALL_ , AND DBA_ views or tables. • What a user who is not DBA sees if he accesses USER_TABLES and ALL_TABLES views.