REFERENCE SOURCE FOR EXAMPLECOPY FROM ABOVE SOURCEKeeping Information Private with VPDBy Arup NandaOracle's row-level security gives users their own virtual private databases.Ensuring appropriate information privacy is a pressing concern for many businesses today, given privacy legislation such as the United States' HIPAA (Health Insurance Portability and Accountability Act), Gramm-Leach-Bliley Act, Sarbanes-Oxley Act, and the EU's Safe Harbour Law. Other privacy mandates, such as Visa's Cardholder Information Security Program (CISP), also require businesses to ensure that access to information is tightly controlled.Oracle has always included the ability to grant (or deny) users access to database objects, but these privileges are defined at the object level—for an entire table, not for specific rows in that table. Although that approach is sufficientfor many applications, any application touching on financial, health, or other kindsof personal information usually requires more-discrete controls over access and authorization.Oracle's row-level security (RLS) feature, introduced in Oracle8i, provides fine-grained access control—fine-grained means at the individual row level. Rather than opening up an entire table to any individual user who has any privileges on the table, row-level security restricts access to specific rows in a table. The result is that any individual user sees a completely different set of data—only the data that person is authorized to see—so the overall capabilities are sometimes referred to as Oracle's virtual private database, or VPD, feature.1
Using Oracle's VPD capabilities not only ensures that companies can build secure databases to adhere to privacy policies but also provides a more manageable approach to application development, because although the VPD-based policies restrict access to the database tables, they can be easily changedwhen necessary, without requiring modifications to application code.For example, say a bank's account managers (AMs) provide personal customer support to high-net-worth account holders. AMs use a custom banking application to help them check their customers' balances, deposit or withdraw funds, and decide on loan requirements, for example. At one time, the bank's policy was to allow all AMs to access all account holder information, but that policy was recently changed. Now, AMs are assigned to a particular set of customers, and they need to be able to access information pertaining only to those customers. The policy change needs to be reflected in the application, which currently shows all customer information to each AM, not just information on the customers to whom each particular AM is assigned.
You've reached the end of your free preview.
Want to read all 10 pages?
- Spring '14