Glossary

alert log

A file that contains important information and error messages that are generated during database operations.

authenticate

To verify the identity of a user, device, or other entity in a computer system, often as a prerequisite for allowing access to resources in a system.

authorization

Permission given to a user, program, or process to access an object or set of objects. In Oracle Database, authorization is done through the role mechanism. A single person or a group of people can be granted a role or a group of roles. A role, in turn, can be granted other roles.

backup

A representative copy of data. This copy includes important parts of your database such as control files, redo log files, and datafiles.

A backup is a safeguard against unexpected data loss; if you lose your original data, then you can use the backup to make the data available again. A backup is also a safeguard against an application error; if an application makes incorrect changes, then you can restore the backup.

certificate authority

A certificate authority (CA) is a trusted third party that certifies the identity of other entities such as users, databases, administrators, clients, and servers. The certificate authority verifies the user's identity and grants a certificate, signing it with one of the certificate authority's private keys.

COM

Microsoft's Component Object Model is an object-oriented programming architecture and a set of operating system services. These services notify application components of significant events and ensure that they are authorized to run. COM is intended to make it relatively easy to create business applications that work well with Microsoft Transaction Server.

component-based shadow copies

VSS snapshots of Oracle database components. Examples of components include tablespaces or archived redo logs.

connect descriptor

A specially formatted description of the destination for a network connection. A connect descriptor contains destination services and network route information. The destination service is indicated by using its service name for Oracle9i or Oracle8i databases or its Oracle system identifier for Oracle8 Release 8.0 databases. The network route provides, at a minimum, the location of the listener through use of a network address.

connect identifier

A net service name or service name, that maps to a connect descriptor. Users initiate a connect request by passing a username and password along with a connect identifier in a connect string for the services to which they want to connect, for example:

CONNECT username/password@connect_identifier

connect string

See net service name.

control files

Files that record the physical structure of a database and contain the database name, the names and locations of associated databases and online redo log files, the time stamp of the database creation, the current log sequence number, and checkpoint information.

credentials

A username, password, or certificate used to gain access to the database.

data dictionary

A set of read-only tables that provide information about a database.

database alias

See net service name.

decryption

Process of converting contents of a message that has gone through encryption (ciphertext) back into its original readable format (plaintext).

digital certificates

ITU X.509 v3 standard data structures that securely bind an identity to a public key. A certificate is created when an entity's public key is signed by a trusted identity, a certificate authority. The certificate ensures that the entity's information is correct and that the public key actually belongs to that entity.

digital signature

Digital signatures are created when a public key algorithm is used to sign messages with senders' private keys. A digital signature assures that a document is authentic, has not been forged by another entity, has not been altered, and cannot be repudiated by the sender.

downgrade

To convert the data in Oracle Database to an earlier Oracle release. See upgrade and migrate.

dynamic link library

An executable file that a Windows application can load when needed.

encryption

Process of disguising a message, rendering it unreadable to any but the intended recipient.

enterprise domains

Directory constructs consisting of Oracle Database and enterprise users and roles.

enterprise role

A directory structure which contains global roles on multiple databases, and which can be granted to an enterprise user.

enterprise user

A user that has a unique identity across an enterprise. An enterprise user connects to individual databases through a schema and is assigned an enterprise role that determines the user's access privileges on databases.

external procedures

Functions written in a third-generation language (C, for example) and callable from within PL/SQL or SQL as if they were PL/SQL functions or procedures.

external role

Roles created and managed by Windows operating systems. Once an external role is created, you can grant or revoke that role to a database user. You must set init.ora parameter OS_ROLES to true and restart Oracle Database before you can create an external role. You cannot use both Windows operating systems and Oracle Database to grant roles concurrently.

external routine

A function written in a third-generation language (3GL), such as C, and callable from within PL/SQL or SQL as if it were a PL/SQL function or procedure.

external user

A user authenticated by the Windows operating system who can access Oracle Database without being prompted for a password. External users are typically regular database users (non-database administrators) to which you assign standard database roles (such as DBA), but do not want to assign SYSDBA (database administrator) or SYSOPER (database operator) privilege.

external user

The Windows operating system can authenticate a user, who can then access Oracle Database without being prompted for a password. External users are typically regular database users (non-database administrators) to whom you assign standard database roles (such as DBA), but do not want to assign the SYSDBA (database administrator) or SYSOPER (database operator) privilege.

global groups

See Windows global groups.

global role

A role whose privileges are contained within a single database, but which is managed in a directory.

Globalization Support

The Oracle Database architecture that ensures that database utilities, error messages, sort order, date, time, monetary, numeric, and calendar conventions automatically adapt to the native language and locale.

HOME_NAME

Represents the name of an Oracle home. In Oracle Database 11g Release 2 (11.2), all Oracle homes have a unique HOME_NAME.

initialization parameter file

An ASCII text file that contains information needed to initialize a database and instance.

instance

Every Oracle Database is associated with an Oracle Database or Automatic Storage Management instance. When a database is started on a database server (regardless of the type of computer), Oracle Database allocates a memory area called the System Global Area and starts one or more Oracle Database processes. This combination of the System Global Area and Oracle Database processes is called an instance. The memory and processes of an instance manage the associated database's data efficiently and serve the users of the database.

instantiate

Produce a more defined version of some object by replacing variables with values (or other variables).

latch

A simple, low-level serialization mechanism to protect shared data structures in the System Global Area.

Lightweight Directory Access Protocol (LDAP)

A standard, extensible directory access protocol. It is a common language that LDAP clients and servers use to communicate. LDAP is a framework of design conventions supporting industry-standard directory products, such as Oracle Internet Directory.

listener

The Oracle Database server process that listens for and accepts incoming connection requests from client applications. The listener process starts Oracle Database processes to handle subsequent communications with the client; then it goes back to listening for new connection requests.

listener.ora

A configuration file that describes one or more Transparent Network Substrate (TNS) listeners on a server.

local groups

See Windows local groups.

local roles

Roles created and managed by the database. Once a local role is created, you can grant or revoke that role to a database user. You cannot use Windows (for external role management) and Oracle Database (for local role management) concurrently.

Microsoft Management Console

An application that serves as a host for administrative tools called snap-ins. By itself, Microsoft Management Console does not provide any functionality.

Microsoft Transaction Server

A transaction processing system based on COM that runs on an Internet or network server.

migrate

To upgrade or downgrade an Oracle Database or convert the data in a non-Oracle database into an Oracle Database.

mount

To associate a database with an instance that has been started.

multiple Oracle homes

The capability of having multiple Oracle home on a computer.

net service name

The name used by clients to identify an Oracle Net server and the specific system identifier or database for the Oracle Net connection. A net service name is mapped to a port number and protocol. Also known as a connect string, database alias, host string, or service name.

This also identifies the specific system identifier or database to which the connection is attaching, not just the Oracle Net server.

network listener

A listener on a server that listens for connection requests for one or more databases on one or more protocols. See listener.

network service

In an Oracle application network, a service performs tasks for its service consumers. For example, a Names Server provides name resolution services for clients.

obfuscated

Protected by a process often used by companies for intellectual property written in the form of Java programs. The obfuscation process mixes up Java symbols found in the code. It leaves the original program structure intact, allowing the program to run correctly, while changing the names of the classes, methods, and variables to hide the intended behavior. Although it is possible to decompile and read non-obfuscated Java code, obfuscated Java code is sufficiently difficult to decompile to satisfy U.S. government export controls.

Optimal Flexible Architecture

A set of file naming and placement guidelines for Oracle Database software and databases.

ORACLE_BASE

ORACLE_BASE is the root of the Oracle Database directory tree. If you install an OFA-compliant database using Oracle Universal Installer defaults, then ORACLE_BASE is X:\app\oracle\product\11.2.0 where X is any hard drive.

Oracle Call Interface

An application programming interface that enables you to manipulate data and schema in an Oracle Database. You compile and link an Oracle Call Interface application in the same way that you compile and link a non-database application. There is no need for a separate preprocessing or precompilation step.

ORACLE_HOME

Corresponds to the environment in which Oracle Database products run. This environment includes the location of installed product files, the PATH variable pointing to the binary files of installed products, registry entries, net service names, and program groups.

If you install an OFA-compliant database, using Oracle Universal Installer defaults, then Oracle home (known as ORACLE_HOME in this guide) is located beneath ORACLE_BASE. It contains subdirectories for Oracle Database software executables and network files.

Oracle Internet Directory

An Oracle Database-based LDAP V3 directory server, used for centralizing database user, Oracle Net network connector, and database listener parameters. Oracle Internet Directory ships only with Oracle Application Server, not the Oracle Database 11g product set.

Oracle Net

A component of Oracle Net Services that enables a network session from a client application to an Oracle Database server. Once a network session is established, Oracle Net acts as a data courier for the client application and the database server. It is responsible for establishing and maintaining the connection between the client application and database server, and exchanging messages between them. Oracle Net can perform these jobs because it is located on each computer in the network.

Oracle Net Services

A suite of networking components that provide enterprise-wide connectivity solutions in distributed, heterogeneous computing environments. Oracle Net Services are comprised of Oracle Net, listener, Oracle Connection Manager, Oracle Net Configuration Assistant, and Oracle Net Manager.

Oracle PKI

Oracle Advanced Security includes Oracle PKI (public key infrastructure) integration for authentication and single sign-on. Oracle-based applications are integrated with the PKI authentication and encryption framework, using Oracle Wallet Manager.

Oracle Protocol Support

A product that maps the functions of a given network protocol into Oracle Transparent Network Substrate (TNS) architecture. This process translates TNS function calls into requests to the underlying network protocol. This allows TNS to act as an interface among all protocols. Oracle Net requires Oracle Protocol Support.

Oracle services

Windows services that are associated with particular Oracle Database components.

Oracle VSS writer

A service on Windows systems that acts as coordinator between an Oracle database instance and other VSS components, enabling data providers to create a shadow copy of files managed by the Oracle instance. For example, the Oracle VSS writer can place datafiles in hot backup mode to provide a recoverable copy of these datafiles in a shadow copy set.

PL/SQL

Procedural language extension to SQL that is part of Oracle Database.

PL/SQL enables you to mix SQL statements with procedural constructs. You can define and run PL/SQL program units such as procedures, functions, and packages.

precompiler

A programming tool that enables you to embed SQL statements in a high-level source program.

private keys

In public key cryptography, these are the secret keys. They are used primarily for decryption but also for encryption with a digital signature.

privilege

A right to run a particular type of SQL statement or to access another user's object.

process

A mechanism in an operating system that can run an executable. (Some operating systems use the terms job or task.) A process normally has its own private memory area in which it runs. On Windows a process is created when an application runs (such as Oracle Database or Microsoft Word). In addition to an executable program, all processes consist of at least one thread. The Oracle Database master process contains hundreds of threads.

provider

Software or hardware that creates shadow copies on demand. Typically, a provider is a disk storage system. In response to a request from a requester, a provider responds to VSS COM messages to create and maintain shadow copies.

public key

In public key cryptography, this key is made public to all. It is primarily used for encryption but can also be used for verifying signatures.

public key cryptography

Public key cryptography involves information encryption and decryption using a shared public key paired with private keys. Provides for secure, private communications within a public network.

quota

A limit on a resource, such as a limit on the amount of database storage used by a database user. A database administrator can set tablespace quotas for each Oracle Database username.

raw partitions

Portions of a physical disk that are accessed at the lowest possible disk (block) level.

recovery

To restore a physical backup is to reconstruct it and make it available to the Oracle Database server. To recover a restored backup is to update it using redo records (that is, records of changes made to the database after the backup was taken). Recovering a backup involves two distinct operations: rolling forward the backup to a more current time by applying redo data, and rolling back all changes made in uncommitted transactions to their original state.

redo log buffer

A circular buffer in the System Global Area that contains information about changes made to the database.

redo log files

Files that contain a record of all changes made to data in the database buffer cache. If an instance failure occurs, then the redo log files are used to recover the modified data that was in memory.

registry

A Windows repository that stores configuration information for a computer.

remote computer

A computer on a network other than the local computer.

remote database

A database on a computer other than the local database.

requester

An application that uses the VSS API to create shadow copies. Requester applications communicate with VSS writers to gather information on the system and to signal writers to prepare data for backup. The requester maintain control over VSS backup and restore operations by generating COM events through calls in the VSS API.

replication

The process of copying and maintaining database objects in multiple databases that make up a distributed database system.

role

A named groups of related privileges. You can grant a role to users or to another role.

schema

A named collection of objects, such as tables, views, clusters, procedures, and packages, associated with one or more particular users.

services

Executable processes installed in the Windows registry and administered by Windows. Once services are created and started, they can run even when no user is logged on to the computer.

service name

See net service name.

shadow copy

A consistent snapshot of a component or volume.

shadow copy set

A collection of shadow copies that are all taken at the same time.

Shared Server Process

A server configuration which allows many user processes to share very few server processes. The user processes connect to a dispatcher background process, which routes client requests to the next available shared server process.

snap-ins

Administrative tools that run within Microsoft Management Console.

snapshot

(1) Information stored in rollback segments provide transaction recovery and read consistency. Use Rollback segment information to re-create a snapshot of a row before an update.

(2) A point-in-time copy of a master table located on a remote site. Read-only snapshots can be queried, but not updated. Updateable snapshots can be queried and updated. They are periodically refreshed to reflect changes made to the master table, and at the snapshot site.

starter database

A preconfigured, ready-to-use database that requires minimal user input to create.

SYSDBA

A special database administration role that contains all system privileges with the ADMIN OPTION, and the SYSOPER system privilege. SYSDBA also permits CREATE DATABASE actions and time-based recovery.

SYSOPER

A special database administration role that permits a database administrator to perform STARTUP, SHUTDOWN, ALTER DATABASE OPEN/MOUNT, ALTER DATABASE BACKUP, ARCHIVE LOG, and RECOVER, and includes the RESTRICTED SESSION privilege.

System Global Area

A group of shared memory structures that contain data and control information for an Oracle Database instance.

system identifier

A unique name for an Oracle Database instance. To switch between instances of Oracle Database, users must specify the desired system identifier. The system identifier is included in the CONNECT DATA parts of the connect descriptors in a tnsnames.ora file, and in the definition of the network listener in a tnsnames.ora file.

SYSTEM

One of two standard database administrator usernames automatically created with each database. (The other user name is SYS.). The SYSTEM user name is the preferred user name for database administrators to use for database maintenance.

tablespace

A database is divided into one or more logical storage units called tablespaces. Tablespaces are divided into logical units of storage called segments, which are further divided into extents.

thread

An individual path of execution within a process. Threads are objects within a process that run program instructions. Threads allow concurrent operations within a process so that a process can run different parts of its program simultaneously on different processors. A thread is the most fundamental component that can be scheduled on Windows.

tnsnames.ora

A file that contains connect descriptors mapped to net service names. The file can be maintained centrally or locally, for use by all or individual clients.

trace file

Each server and background process can write to an associated trace file. When a process detects an internal error, it dumps information about the error to its trace file. Some information written to a trace file is intended for the database administrator, while other information is intended for Oracle Support Services. Trace file information is also used to tune applications and instances.

trust points

Trust points or trusted certificates are third party identities that are qualified with a level of trust. A trusted certificate is used when an identity is being validated as the entity it claims to be. Certificate authorities you trust are called trusted certificates. If there are several levels of trusted certificates, a trusted certificate at a lower level in the certificate chain does not need to have all its higher level certificates reverified.

universal groups

Universal groups are available in Windows. They can contain other groups, including other universal groups, local groups, and global groups.

upgrade

To convert the data in an Oracle Database into a later release. See downgrade and migrate.

username

A name that can connect to and access objects in a database.

view

A selective presentation of the structure and data of one or more tables. Views can also be based on other views.

volume-based shadow copies

VSS snapshots of complete drives or volumes.

Volume Shadow Copy Service (VSS)

An infrastructure on Windows server platforms that enables requesters, writers and providers to participate in creation of consistent snapshots called Shadow Copies. The VSS service uses well-defined COM interfaces.

Windows global groups

Groups that can be granted permissions and rights in their own domain, member servers and workstations of their domain, and in trusted domains. They can also become members of Windows local groups in all these places. But global groups can contain user accounts only from their own domains.

Windows local groups

Groups that can be granted permissions and rights only for its own computer or, if part of a domain, to the domain controllers of that domain. Local groups can, however, contain user accounts and Windows global groups from both their own domain and from trusted domains

writer

An application or service that stores persistent information on disk and cooperates with providers and requesters within the VSS infrastructure.