See Also:Oracle Database 2 Day + Security Guide for information about Oracle Database security
This chapter contains the following topics:
The following SQL statement creates a database user and password. The user will use a tablespace called
default_tablespace by default; its temporary tablespace is called
temp_tablespace. Tablespaces for Data Mining users should be assigned according to standard DBA practices, depending on system load and system resources.
CREATE USER dmuser IDENTIFIED BY password DEFAULT TABLESPACE default_tablespace TEMPORARY TABLESPACE temp_tablespace QUOTA UNLIMITED on default_tablespace;
You must be logged in as a system administrator to create users and grant privileges.
Note:To create a user that can use the Data Mining sample programs, you need to run two configuration scripts as described in "Create a Data Mining Demo User".
GRANT create mining model TO dmuser; GRANT create procedure TO dmuser; GRANT create session TO dmuser; GRANT create table TO dmuser; GRANT create sequence TO dmuser; GRANT create view TO dmuser; GRANT create job TO dmuser; GRANT create type TO dmuser; GRANT create synonym TO dmuser;
CREATE MINING MODEL privilege is required for creating models. The other privileges may not be required for some mining activities, however it is prudent to grant them all as a group.
SELECT access to the data being mined is always required. The following example allows
dmuser to mine data in the
CUSTOMERS table in the
GRANT SELECT ON sh.customers TO dmuser;
EXECUTE access to the Oracle Text package
ctxsys.ctx_ddl is required for text mining.
GRANT EXECUTE ON ctxsys.ctx_ddl TO dmuser;
Additional access rights are required for exporting and importing mining models, as described in "Exporting and Importing Mining Models".
Additional system and object privileges described in the following sections can be used to enable or restrict particular mining activities.
A system privilege confers the right to perform a particular action in the database or to perform an action on a type of schema objects. For example, the privileges to create tablespaces and to delete the rows of any table in a database are system privileges.
To grant a system privilege, you must either have been granted the system privilege with the
ADMIN OPTION or have been granted the
GRANT ANY PRIVILEGE system privilege.
The system privileges listed in Table 4-1 are required for performing specific operations on mining models.
|System Privilege||Allows you to ....|
Create mining models in your own schema.
Create mining models in any schema.
Change the name or cost matrix of any mining model in any schema.
Drop any mining model in any schema.
Apply a mining model in any schema, also view model details in any schema.
An object privilege confers the right to perform a particular action on a specific schema object. For example, the privilege to delete rows from the
SH.PRODUCTS table is an example of an object privilege.
A user automatically has all object privileges for schema objects contained in his or her schema. A user can grant any object privilege on any schema object he or she owns to any other user or role.