RE: Puzzle - Hiding Data of some rows in a Table

  • From: "VIVEK_SHARMA" <VIVEK_SHARMA@xxxxxxxxxxx>
  • To: <oracle-l@xxxxxxxxxxxxx>
  • Date: Mon, 16 Oct 2006 17:55:15 +0530

Folks

Seems I have NOT communicated properly in the previous e-mail

Puzzle 1 - For a Banking Application, for certain V.I.P. Bank Accounts
e.g. of the President of India (translating to respective rows in a set
of Tables), a general Staff Official should NOT be able to View the
respective Account info. But Bank-wide summation reports e.g. "Income &
Expenditure Report of the Bank as a whole" when fired by the "same"
person should consider the all the Data including those from the VIP
Accounts too.



General Staff may Number about 10,000 people spread across
geographically dispersed Branches of the Bank.



All Staff currently connect thru a common Oracle user & data is owned by
a single (common) schema owner name.



There is NO column for staff_id (Corresponding to each Bank Staff
person) in the Tables currently which probably VPD needs, if I have
interpreted VPD correctly.



NOTE - Application is OLTP in nature with very High performance needs
e.g. Current TPS (Trans/second) stands at a few thousand OLTP
transactions.

Approx a few Million OLTP Transactions (e.g. Debit or Credit
transactions to the Bank Accounts thru respective Staff & thru ATMs) are
passed per day.



Hence Auditing does NOT seem possible.



Also Bank Staff Numbers keep changing with new inductions & attritions.



Qs 1 Should the same be achieved thru suitable Application Design &
Coding Or using some Database Feature is also an Option?



Qs 2 Is row-level encrypting available in 10.2 & applicable to this
situation?



Thanks indeed



**************** CAUTION - Disclaimer *****************
This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely 
for the use of the addressee(s). If you are not the intended recipient, please 
notify the sender by e-mail and delete the original message. Further, you are 
not to copy, disclose, or distribute this e-mail or its contents to any other 
person and any such actions are unlawful. This e-mail may contain viruses. 
Infosys has taken every reasonable precaution to minimize this risk, but is not 
liable for any damage you may sustain as a result of any virus in this e-mail. 
You should carry out your own virus checks before opening the e-mail or 
attachment. Infosys reserves the right to monitor and review the content of all 
messages sent to or from this e-mail address. Messages sent to or from this 
e-mail address may be stored on the Infosys e-mail system.
***INFOSYS******** End of Disclaimer ********INFOSYS***

Other related posts: