 |
|
Oracle Tips by Burleson |
Oracle 10g Steps to Apply a VPD Policy
SQL> select
employee_id, last_name, salary, department_id
2 from employees
3 where employee_id = 117;
EMPLOYEE_ID
LAST_NAME SALARY DEPARTMENT_ID
----------- ------------------ ------ -------------
117
Tobias 2800 30
If manager Raphaely issues the same SQL
statement, the query will rewrite as follows, and he will see all
employees information returned from his own department 30:
SQL> select
employee_id, last_name, salary, department_id
2 from employees
3 where department_id = 30;
EMPLOYEE_ID
LAST_NAME SALARY DEPARTMENT_ID
----------- ------------------ ------ -------------
119 Colmenares 2500 30
118 Himuro 2600 30
117 Tobias 2800 30
116 Baida 2900 30
115 Khoo 3100 30
114 Raphaely 11000 30
The result of applying the VPD policy is
row-level access control and row level security (RLS). Users can
only access the specific data determined by the policy function.
The ability to specify relevant columns in VPD policies provides
higher data security. No matter how users access data, they can no
longer bypass security checks, since security policy is enforced by
the database and not by applications. Furthermore, security can be
built once in the database server, rather than in each application
that accesses data. The Virtual Private Database results in lower
total cost of ownership (TCO) in deploying applications.
Get the complete Oracle10g story:
To get the code instantly, click here:
Need an Oracle Mentor?
BEI is now offering personal mentors for Oracle DBAs where you can have an
Oracle expert right at your fingertips, anytime day or night. We work with
hundreds of Oracle databases every year, so we know exactly how to quickly
assist you with any Oracle question.
Why risk an unplanned outage? You can now get telephone access to Don
Burleson or any of his Oracle Certified DBAs with more than 20 years of
full-time IT experience. Click here for details:
http://www.dba-oracle.com/service_oracle_backup.htm
|
