Call for Oracle support & training (800) 766-1884
Free Oracle Tips

Home
Corporate Oracle Training
Custom Oracle Training
Oracle New Features Training
Advanced Oracle DBA Classes
Oracle Tuning Courses
Oracle Tips & Tricks
Oracle Training Links
Oracle Training Links
Oracle Training Links

We are top for USA Oracle Training Clients

 

Free Oracle Tips


 
HTML Text AOL

Free Oracle App Server Tips


 
HTML Text

Oracle support

Oracle training

Oracle tuning

Rednecks!

Remote Oracle

Custom Oracle Training

 

   
  Oracle Tips by Burleson

Chapter 2 Introducti

on to Oracle Security

this procedure merely executes the code behind it; the privileges required for the updates come from the calling user. In this case, when JUDY calls the procedure, the privileges given to her are required to update the tables, i.e. JUDY, not PROGOWNER, must have UPDATE privileges on the claims table. If JUDY doesn't have the privileges but PROGOWNER does, the procedure execution will fail.

How is this helpful in designing the HIPAA compliant model? This concept alone is one of the single most important rights management setups required for HIPAA. In this case, a user called PROGOWNER, who does not have any other privilege, can own all your code, and all application users must call the stored programs it owns. However, since each user is separately administered in the privilege management framework, the success of the execution of those codes will depend on the calling user's privileges, and this arrangement works perfectly.

In the default model, known as definer rights, privileges are required to be granted to the user PROGOWNER, and execute privileges on the procedures are to be granted to all the other users who might potentially need to access these procedures. If the privileges are to be revoked, the execute privilege on the procedure needs to be revoked. If the procedure is a package, all other procedures inside the package would also be inaccessible to the user, and that may not be desirable. The invoker model allows for the modularization of code while at the same time allowing rights to be handled properly.


The above text is an excerpt from:

Oracle Privacy Security Auditing

The Final Word on Oracle Security

 

This is the only authoritative book on Oracle Security, Oracle Privacy, and Oracle Auditing written by two of the world’s leading Oracle Security experts.

This indispensable book is only

$39.95

 and has an immediate download of working security scripts:

 

http://rampant-books.com/book_2003_2_audit.htm



 
 
 
 

Oracle performance tuning book

 

 

Oracle performance tuning software

 
Oracle performance tuning software
 
Oracle performance Tuning 10g reference poster
 
Oracle training in Linux commands
 
Oracle training Excel
 
 
 
 

 

email BC:


Copyright © 1996 -  2014 by Burleson Inc. All rights reserved.

Oracle® is the registered trademark of Oracle Corporation.