Call for Oracle support & training (800) 766-1884
Free Oracle Tips

Corporate Oracle Training
Custom Oracle Training
Oracle New Features Training
Advanced Oracle DBA Classes
Oracle Tuning Courses
Oracle Tips & Tricks
Oracle Training Links
Oracle Training Links
Oracle Training Links

We are top for USA Oracle Training Clients


Free Oracle Tips


Free Oracle App Server Tips


Oracle support

Oracle training

Oracle tuning


Remote Oracle

Custom Oracle Training


  Oracle Tips by Burleson

Chapter 2 Introducti

on to Oracle Security

this procedure merely executes the code behind it; the privileges required for the updates come from the calling user. In this case, when JUDY calls the procedure, the privileges given to her are required to update the tables, i.e. JUDY, not PROGOWNER, must have UPDATE privileges on the claims table. If JUDY doesn't have the privileges but PROGOWNER does, the procedure execution will fail.

How is this helpful in designing the HIPAA compliant model? This concept alone is one of the single most important rights management setups required for HIPAA. In this case, a user called PROGOWNER, who does not have any other privilege, can own all your code, and all application users must call the stored programs it owns. However, since each user is separately administered in the privilege management framework, the success of the execution of those codes will depend on the calling user's privileges, and this arrangement works perfectly.

In the default model, known as definer rights, privileges are required to be granted to the user PROGOWNER, and execute privileges on the procedures are to be granted to all the other users who might potentially need to access these procedures. If the privileges are to be revoked, the execute privilege on the procedure needs to be revoked. If the procedure is a package, all other procedures inside the package would also be inaccessible to the user, and that may not be desirable. The invoker model allows for the modularization of code while at the same time allowing rights to be handled properly.

The above text is an excerpt from:

Oracle Privacy Security Auditing

The Final Word on Oracle Security


This is the only authoritative book on Oracle Security, Oracle Privacy, and Oracle Auditing written by two of the world’s leading Oracle Security experts.

This indispensable book is only


 and has an immediate download of working security scripts:


Oracle performance tuning book



Oracle performance tuning software

Oracle performance tuning software
Oracle performance Tuning 10g reference poster
Oracle training in Linux commands
Oracle training Excel


email BC:

Copyright © 1996 -  2014 by Burleson Inc. All rights reserved.

Oracle® is the registered trademark of Oracle Corporation.