Greetings, One of my users sent me this URL for a paper on improving security, http://www.oracle.com/technology/pub/articles/jucan_security.html. The writer presents a technique for hiding columns using DBMS_RL to create policies to hide data. Apparently one can even hide data from a user with full DBA access. I had a conversation with one of my co-workers who had just attended an Oracle taught security class and she reported that there are numerous examples of users losing data when attenpting to do this. Apparently the class instructor also did not have real good feelings about this technique as well. It apparently also takes advantage of Oracle Application server's security which makes it appear that application server is required in order to utilize this methodology. Unfortunately I don't have a good enough understanding of the process to give a concise explanation. I am interested in knowing if others are familiar with this technique, have used it and what your experiences were. Thanks. Bill Wagman Univ. of California at Davis IET Campus Data Center wjwagman@xxxxxxxxxxx (530) 754-6208 -- //www.freelists.org/webpage/oracle-l