Sie sind auf Seite 1von 2

Week 4 Written Assignment Stored Procedures as a Security Measure

In our readings we have learned the importance of connections and the use of stored procedures
and functions. For this assignment we will look at stored procedure and function methods
related to securing connections and data in the database.
Note: Dont forget your Oracle 11g documentation resource for the how to examples.
For this assignment you are required to do BOTH Part A and Part B
Part A
Submit short answers that discuss the following questions:
1. What are the advantages of using stored procedures and functions in Oracle?
2. Oracle automatically tracks all object interdependencies for every PL/SQL stored
object. What does this include? When does Oracle automatically recompile a stored
procedure?
3. What is gained when using stored procedures in a client/server environment?
What is the difference between stored procedures and function? When you create a
procedure or function, you may define parameters. What types of parameters can be
declared?
Lab Password Policy
Your task is to develop a single SQL script that will perform all the following tasks of enforcing
password complexity:
1. Connect to SYS user.
2. Create a password complexity function (named as "is481_password") to enforce the following
requirements so that the password

Is at least six (6) characters long


Differs from the user name
Has at least one alpha, one numeric, and one punctuation mark character
Is not simple or obvious, such as welcome, account , oracle, database , or user.
Differs from the previous password by at least 3 characters

Please note the exact spelling on the function name is REQIRED.


Please note the double quotation mark (") was not a part of the specified function name.
3. Create a profile named is481_prof with the following specifications. Please note the exact
spelling on the profile is REQIRED. Test your code before submission.

Number of days the password is valid before it is aged out.


Number of days ahead of expiration the user is warned about the
password expiration.
Number of days before a password can be reused.
Number of times a password can be reused.
Number of failed login tries allowed before the account is locked.
Number of days an account is locked due to failed login tries
PASSWORD_VERIFY_FUNCTION

60 days
1 day
30 days
UNLIMITED
3
13 days
is481_password

4. Assign the above profile to user DBSEC that you have already created. (15 points)
Tips:
1. One SQL(PL/SQL) file is required to complete all the above tasks.
3. Typical syntax on connecting to SYS is: "conn sys/password as sysdba;"
Submission Requirement:
The SQL script file and the screen capture of your creation will be required for full credit.