As salamo alaikum wa rahmatullah
You can implement the VPD at column level. If a column with secure data is referenced by a query, you can use column-level VPD to apply a security policy or display the column with NULL values. This approach is different from the row-based VPD. In column-level VPD all rows may be displayed, but the columns may be shielded from the user. You can apply column-level VPD to a table or a view.
To us column-level VPD, specify a value for the sec_relevant_cols input parameters for the ADD_POLICY procedure of DBMS_RLS. For creating policy use the following command:
begin
DBMS_RLS.ADD_POLICY
( object_schema=>'PRACTICE',
object_name=>'Emp',
policy_name=>'EMP_SELECT_POLICY',
function_schema=>'PRACTICE',
policy_function=>'SECURITY_PACKAGE.EMP_SELECT_SECURITY',
sec_relevant_cols=>'Price');
end;
/
Here PRACTICE is name of my local schema, Emp is the name of table, and EMP_SELECT_SECURITY is customized policy function and the Price is the name of Column of EMP table.
You have to create a Package as i created by the name of 'SECURITY_PACKAGE' and i call the Function EMP_SELECT_SECURITY.
--
Mohammad Shahnawaz
Oracle's Passion
You can implement the VPD at column level. If a column with secure data is referenced by a query, you can use column-level VPD to apply a security policy or display the column with NULL values. This approach is different from the row-based VPD. In column-level VPD all rows may be displayed, but the columns may be shielded from the user. You can apply column-level VPD to a table or a view.
To us column-level VPD, specify a value for the sec_relevant_cols input parameters for the ADD_POLICY procedure of DBMS_RLS. For creating policy use the following command:
begin
DBMS_RLS.ADD_POLICY
( object_schema=>'PRACTICE',
object_name=>'Emp',
policy_name=>'EMP_SELECT_POLICY',
function_schema=>'PRACTICE',
policy_function=>'SECURITY_PACKAGE.EMP_SELECT_SECURITY',
sec_relevant_cols=>'Price');
end;
/
Here PRACTICE is name of my local schema, Emp is the name of table, and EMP_SELECT_SECURITY is customized policy function and the Price is the name of Column of EMP table.
You have to create a Package as i created by the name of 'SECURITY_PACKAGE' and i call the Function EMP_SELECT_SECURITY.
--
Mohammad Shahnawaz
Oracle's Passion
No comments:
Post a Comment