||Oracle Tips by Burleson
Oracle 10g Virtual Private Database
Virtual Private Database (VPD) was first
introduced in Oracle8i. It set a new standard in database security,
being built into the database server, instead of each application
accessing the data. Security is no longer bypassed when a user
accesses the database with an ad hoc query tool or a new
application. Virtual Private Database is a key enabling technology
for organizations building hosted, web-based applications that
expose mission-critical resources to customers.
Virtual Private Database Overview
Virtual Private Database enables the database
to perform query modification based on a security policy you have
defined in a package. A security policy is a restriction associated
with a table or view.
When a user directly or indirectly accesses a
table or view associated with a VPD security policy, the server
dynamically modifies the user’s SQL statement. The modification is
based on a where condition (a predicate) returned by a function
which implements the security policy. The database modifies the
statement dynamically and is transparent to the user.
Data access via Virtual Private Database will
perform the following five steps:
User sends SQL to the database server.
The associated table triggers a pre-defined
The security policy returns a predicate.
The SQL statement is modified according to
the security policy.
Secured data returns to user.
Figure 15.1 Virtual Private Database Overview
In Oracle8i, the Virtual Private Database
provided the following key features:
Oracle9i expanded the Virtual Private Database
features as follows:
Oracle 10g makes the following three major
enhancements in Virtual Private Database:
Get the complete story:
To get the code instantly, click here:
Need an Oracle Mentor?
BEI is now offering personal mentors for Oracle DBAs where you can have an
Oracle expert right at your fingertips, anytime day or night. We work with
hundreds of Oracle databases every year, so we know exactly how to quickly
assist you with any Oracle question.
Why risk an unplanned outage? You can now get telephone access to Don
Burleson or any of his Oracle Certified DBAs with more than 20 years of
full-time IT experience. Click here for details: