DBMS_RLS and Security
- From: "William Wagman" <wjwagman@xxxxxxxxxxx>
- To: <oracle-l@xxxxxxxxxxxxx>
- Date: Tue, 1 May 2007 16:15:24 -0700
Greetings,
One of my users sent me this URL for a paper on improving security,
http://www.oracle.com/technology/pub/articles/jucan_security.html. The
writer presents a technique for hiding columns using DBMS_RL to create
policies to hide data. Apparently one can even hide data from a user
with full DBA access. I had a conversation with one of my co-workers who
had just attended an Oracle taught security class and she reported that
there are numerous examples of users losing data when attenpting to do
this. Apparently the class instructor also did not have real good
feelings about this technique as well. It apparently also takes
advantage of Oracle Application server's security which makes it appear
that application server is required in order to utilize this
methodology. Unfortunately I don't have a good enough understanding of
the process to give a concise explanation. I am interested in knowing if
others are familiar with this technique, have used it and what your
experiences were.
Thanks.
Bill Wagman
Univ. of California at Davis
IET Campus Data Center
wjwagman@xxxxxxxxxxx
(530) 754-6208
--
//www.freelists.org/webpage/oracle-l
Other related posts:
