HomeОбразованиеRelated VideosMore From: OracleDBA

How to implement VPD in Oracle Database (Part 1)

3 ratings | 716 views
How to implement VPD (Virtual Private Database) in Oracle Database(9i,10g,11g,12c) Enterprise Edition. PART 1 Video links: Part 1 https://youtu.be/JVvtvh3cN1I Part 2 https://youtu.be/xLcin_Wgbvs Part 3 https://youtu.be/mE1cSbmEwnQ This is Part of Oracle Advance Security. Please view my earlier videos on how to create a database , if you are not having a database. 1)First we will create the users needed for our environment a)Owner of the schema which will have the objects or tables b)security admin user c)non owner user1 & user2 which will have limited access as per data in the rows (here user1 will have access to data with HR and user2 with FINANCE) Object owner creation: -------------- CREATE USER schemaowner IDENTIFIED BY schemaowner DEFAULT TABLESPACE users TEMPORARY TABLESPACE temp; GRANT connect, resource TO schemaowner; alter user schemaowner quota unlimited on users; security admin user creation: -------------- CREATE USER SEC_ADM IDENTIFIED BY sec_adm default tablespace users temporary tablespace TEMP; GRANT CONNECT, RESOURCE TO sec_adm; alter user sec_adm quota unlimited on users; garnts for the sec_adm user: ------------- GRANT CREATE SESSION,CREATE ANY CONTEXT,CREATE PROCEDURE,CREATE TRIGGER, ADMINISTER DATABASE TRIGGER TO SEC_ADM; GRANT EXECUTE ON DBMS_SESSION TO SEC_ADM; GRANT EXECUTE ON DBMS_RLS TO SEC_ADM; create user with restricted access on table: ----------------------- CREATE USER user1 IDENTIFIED BY user1 DEFAULT TABLESPACE users TEMPORARY TABLESPACE temp; GRANT connect, resource TO user1; CREATE USER user2 IDENTIFIED BY user2 DEFAULT TABLESPACE users TEMPORARY TABLESPACE temp; GRANT connect, resource TO user2; Now we will log in as schemaowner and create one tables : ------------------- CONN schemaowner/schemaowner This table is the table which contains the secure as well as un-restricted data CREATE TABLE user_data (column1 VARCHAR2(50) NOT NULL, user_id VARCHAR2(30) NOT NULL); Now to access this table from other schema we need to give the select and insert privs to: GRANT SELECT, INSERT ON user_data TO sec_adm,user1, user2;
Html code for embedding videos on your blog
Text Comments (0)

Would you like to comment?

Join YouTube for a free account, or sign in if you are already a member.