Session_10_all_slides1-44

Session_10_all_slides1-44 - Database Security Oracle Label...

Info iconThis preview shows pages 1–11. Sign up to view the full content.

View Full Document Right Arrow Icon
1 Database Security Oracle Label Based Security Session 10
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
2 Create Policy SQL> EXECUTE SA_SYSDBA.CREATE_POLICY ('TEST','TT'); Parameters: policy_name: TEST column_name: TT PL/SQL procedure successfully completed.
Background image of page 2
3 New Policy
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
4 Read/Write on a Table Owner, Granted Select by Owner or have Select any Table Privilege Owner, Granted Update by Owner or have Update any Table Privilege LBAC_ROLE or EXECUTE ON SY_SYSDBA
Background image of page 4
5 Create Policy To Create a Policy you must execute SA_SYSDBA.CREATE_POLICY Example EXECUTE SA_SYSDBA.CREATE_POLICY ('TEST','TT', 'READ_CONTROL'); Parameters policy_name; TEST column_name; TT default options READ_CONTROL
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
6 Default Policy Options READ_CONTROL Applies policy enforcement to all queries; only authorized rows are accessible for SELECT, UPDATE, and DELETE operations. WRITE_CONTROL Determines the ability to INSERT, UPDATE, and DELETE data in a row. If this option is set, it enforces INSERT_CONTROL, UPDATE_CONTROL and DELETE_CONTROL.
Background image of page 6
7 Default Policy Options INSERT_CONTROL Applies policy enforcement to INSERT operations, according to the Oracle Label Security algorithm for write access UPDATE_CONTROL Applies policy enforcement to UPDATE operations on the data columns within a row, according to the Oracle Label Security algorithm for write access
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
8 Default Policy Options DELETE_CONTROL Applies policy enforcement to DELETE operations, according to the Oracle Label Security algorithm for write access LABEL_DEFAULT If the user does not explicitly specify a label on INSERT, the session's default row label value is used.
Background image of page 8
9 Default Policy Options LABEL_UPDATE Applies policy enforcement to UPDATE operations that set or change the value of a label attached to a row. The WRITEUP, WRITEDOWN, and WRITEACROSS privileges are only enforced if the LABEL_UPDATE option is set
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
10 Default Policy Options LABEL_CHECK Applies READ_CONTROL policy enforcement to INSERT and UPDATE statements to
Background image of page 10
Image of page 11
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 44

Session_10_all_slides1-44 - Database Security Oracle Label...

This preview shows document pages 1 - 11. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online