Call for Oracle support & training (800) 766-1884
Free Oracle Tips

Home
Corporate Oracle Training
Custom Oracle Training
Oracle New Features Training
Advanced Oracle DBA Classes
Oracle Tuning Courses
Oracle Tips & Tricks
Oracle Training Links
Oracle Training Links
Oracle Training Links

We are top for USA Oracle Training Clients

 

Free Oracle Tips


 
HTML Text AOL

Free Oracle App Server Tips


 
HTML Text

Oracle support

Oracle training

Oracle tuning

Rednecks!

Remote Oracle

Custom Oracle Training

 

   
  Oracle Tips by Burleson

Chapter 4 General Oracle Security

  CLAIM_ID SSN       CLAIM_AMOUNT S
---------- --------- ------------ -
         1 123456789         1200 P
         2 234567891         1800 P

Note, only the claims with the PROVIDER_ID = 1234567 come back, not the one with 2345671. Why? Because that is how the view is defined – to automatically filter the rows the user is not authorized to see.

In a later chapter, we will explore another concept called Virtual Private Database, or Fine Grained Access Control, that provides even more functionality without the use of views or complex definitions.

Combining the column masking and the view filtering, we can provide the important functionality HIPAA requires. The law says that users should not accidentally see the data they are not supposed to see.

For instance, a senior claim analyst like JUDY should be able to see all claims, but junior analysts like NATHAN should see only the claims below $2000, according to the policies of the company. Nathan can be granted select privileges on a view that filters the claim amounts automatically. Similarly, creating a view to mask the sensitive data also satisfies the requirement.

Action Plan: Identify the different visibility requirements for various users and construct views for each group. Revoke privileges from the base tables and grant on these views.

Program-Based Security


The above text is an excerpt from:

Oracle Privacy Security Auditing

The Final Word on Oracle Security

 

This is the only authoritative book on Oracle Security, Oracle Privacy, and Oracle Auditing written by two of the world’s leading Oracle Security experts.

This indispensable book is only

$39.95

 and has an immediate download of working security scripts:

 

http://rampant-books.com/book_2003_2_audit.htm



 
 
 
 

Oracle performance tuning book

 

 

Oracle performance tuning software

 
Oracle performance tuning software
 
Oracle performance Tuning 10g reference poster
 
Oracle training in Linux commands
 
Oracle training Excel
 
 
 
 

 

email BC:


Copyright © 1996 -  2014 by Burleson Inc. All rights reserved.

Oracle® is the registered trademark of Oracle Corporation.