1. The document discusses database security and authorization concepts through a series of questions and answers. It covers topics like creating and assigning roles, granting privileges to users, creating and modifying database objects, and assigning roles and privileges. 2. Various SQL commands are demonstrated such as CREATE ROLE, GRANT, REVOKE, CREATE TABLE, INSERT, UPDATE, DELETE to create roles, assign privileges to users and roles, and allow users to create, modify and view database objects. 3. The questions cover scenarios like creating and assigning roles with privileges, allowing users to create objects, modifying object data, assigning object and system privileges to roles, and displaying assigned privileges.

1. Database Security
https://www.oercommons.org/search?f.search=database+security&f.ge
neral_subject=&f.sublevel=&f.alignment_standard=
Dr. Girija Narasimhan 1
OER- UNIT 3 Authorization
Exercise Solution

2. Question 1,2,3
1.Create Role Manager.
create role manager;
2. The role Manager has create table privilege.
grant create table to manager;
3. create user induja which has unlimited tablespace and assign 100m quota. Then assign manager
role to user induja.
grant create session to induja identified by induja123;
grant unlimited tablespace to induja;
alter user induja quota 100m on users;
or
alter user induja quota unlimited on users;
or
while creating user assign default tablespace and quota
Dr. Girija Narasimhan 2

3. Question 4,5,6
Dr. Girija Narasimhan 3
4. Assign manager role to user induja.
grant manager to induja;
5. Connect the user session Induja and create table STAFF and insert values.
Conn : induja/induja123
CREATE TABLE STAFF (STAFF_ID NUMBER(4) PRIMARY KEY, STAFF_NAME VARCHAR2(15), SALARY
NUMBER(8));
INSERT INTO STAFF VALUES(11,'NABRAS', 40000);
INSERT INTO STAFF VALUES(12,'SENTHIL',60000);
INSERT INTO STAFF VALUES(13,'AMBU',55000);
commit;
6. Display Staff table
Select * from staff;

4. Question 7,8,9
7. Modify the salary of Staff_id 13 as 65000
update staff set salary=65000 where staff_id=13;
8. The user sinduja assign create table privilege to user arvind; [Hint: conn sinduja and give privilege]
grant create table to sinduja with admin option;
conn sinudja/sinduja123
grant create table to arvind;
9. Login Arvind, create course table and insert values [hint: assign tablespace unlimited]
CONN arvind/arvind123
create table course(course_id number(5) primary key, course_name varchar2(10));
insert into course values(1,'DB');
insert into course values(2,'SE');
insert into course values(3,'NT'); Dr. Girija Narasimhan 4

5. Question 10,11,12,13
10. Delete course_id 3
delete from course where course_id=3;
11. Insert course_id as 13 and course_name is "NT"
insert into course values(13,'NT');
12. Modify the course name as "BUSS" for course_id 13
UPDATE COURSE SET COURSE_NAME='BUSS' WHERE COURSE_ID=13;
13. Create user Meenu, assign select privilege of staff_id, salary column of staff table; [Hint:
create view staffview]
grant create seSsion to meenu identified by me;
CREATE VIEW STAFFVIEW AS SELECT STAFF_ID,SALARY FROM INDUJA.STAFF
grant select ON STAFFVIEW to meenu;
Dr. Girija Narasimhan 5

6. Dr. Girija Narasimhan 6
Question 14,15,16,17
14. Display Object privileges assign to user Meenu.
select * from DBA_TAB_PRIVS where grantee='MEENU';
15. Assign Update column privilege of staff_name, salary of staff table to new role admin_staff.
CREATE ROLE ADMIN_STAFF;
GRANT UPDATE(STAFF_NAME,SALARY) ON INDUJA.STAFF TO ADMIN_STAFF;
16. Remove update privilege of salary column from role admin_staff
REVOKE UPDATE ON INDUJA.STAFF FROM ADMIN_STAFF;
GRANT UPDATE(SALARY) ON INDUJA.STAFF TO ADMIN_STAFF;
17. Create role "HR_HEAD", assign "HR_HEAD" to manager. Assign manager role to Meenu.
CREAE ROLE HR_HEAD;
GRANT HR_HEAD TO MANAGER;
GRANT manager TO MEENU;

7. Question 18,19,20
Dr. Girija Narasimhan 7
18. Display Role assign to user Meenu.
select * from DBA_role_privs where GRANTEE='MEENU';
19. Display Role assign to role Manager
select * from ROLE_role_privs where ROLE='MANAGER';
20. Assign all the privilege of course table to role admin_staff
GRANT ALL ON ARVIND.COURSE TO ADMIN_STAFF;