Session 05_vpd - Database Security Virtual Private Database...

Info iconThis preview shows pages 1–9. Sign up to view the full content.

View Full Document Right Arrow Icon
Database Security Virtual Private Database
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Virtual Private Database Any user statement accessing a table or view that has a security policy associated with it clauses the server to modify the statement by appending a where clause The appended where clause is dynamically generated by the function associated with the security policy
Background image of page 2
Example of VPD Suppose we have a requirement in a medical system that Patients can see only their own records, e.g., Original Query Select * on Patient_Personal_Information Modified Query based on VPD Select * on Patient_Personal_Information Where Patient_Username = <Username>
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Detailed VDP Example
Background image of page 4
Create Table Patient_Personal_Information drop table Patient_Personal_Information; create table Patient_Personal_Information (Patient_Id number(10) primary key, Physician_Id number(6) not null, Patient_Username varchar2(10), Patient_Name Varchar2(20), Patient_Address1 varchar2(20), Patient_Address2 varchar2(20), Patient_Phone number(10) );
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Insert some Patients insert into Patient_Personal_Information Values (100, 7, 'Seaverg', 'Geffory Seaver', '700 T', 'Washington, DC', 2023334444); insert into Patient_Personal_Information Values (200, 7, 'looneyh', 'Howard Looney', '800 U', 'Washington, DC', 2023335555); insert into Patient_Personal_Information Values (300, 7, 'michelj', 'John Michel', '400 P', 'Washington, DC', 2023336666); insert into Patient_Personal_Information Values (400, 11, 'cranec', 'Norm Crane', '111 R', 'Washington, DC', 2023337777); insert into Patient_Personal_Information Values (500, 11, 'eganj', 'Jack Egan', '767 S', 'Washington, DC', 2023338888); insert into Patient_Personal_Information Values (600, 11, 'MICHAEL', 'Michael', '912 M', 'Washington, DC', 2023339999);
Background image of page 6
Create Table Medical_Information drop table Medical_Information; create table Medical_Information (Patient_Id number(10) primary key, Test_Performed varchar2(30), Test_Result Varchar2(50), Diagnosis varchar2(50) );
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Insert some records insert into Medical_Information values (100, 'Foot Scan', 'Fracture in 5th metatarsel', 'Broken Toe'); insert into Medical_Information values (200, 'Hand Scan', 'Fracture in 5th metacarpal', 'Broken Finger'); insert into Medical_Information values (300, 'Arm Scan', 'Fracture in Humorous!', 'Definitely not funny!'); insert into Medical_Information values (400, 'Leg Scan', 'Fracture in Femur!', 'Serious Broken Leg'); insert into Medical_Information values (500, 'Leg Scan',
Background image of page 8
Image of page 9
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 12/23/2009 for the course DBST dbst 668 taught by Professor Yelena - ta during the Spring '09 term at MD University College.

Page1 / 33

Session 05_vpd - Database Security Virtual Private Database...

This preview shows document pages 1 - 9. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online