Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> New two part paper on Row Level Security

New two part paper on Row Level Security

From: Pete Finnigan <oracle_list_at_peterfinnigan.demon.co.uk>
Date: Mon, 10 Nov 2003 05:04:33 -0800
Message-ID: <F001.005D6381.20031110050433@fatcity.com> 





Hi everyone,



I have recently written a paper on row level security in Oracle for
publication by security focus. This paper is a two part paper and the
first part is published, the second part will be published later this
week.



part one introduces row level security, talks about the various names it
has and also why you might want to use it with listed advantages. I go
on to talk about how it works and how to implement a simple example
working through the various steps with example code. I then go on to
test the example with differing scenarios to check it performs against
the business rules defined. I talk about a couple of issues and tips.



part two goes on to look into how to explore the database looking at
what row level security settings are in use or indeed if it is in use,
by querying v$ views, I also discuss how to use the dictionary views to
understand the setup and then go on to explore how to derive the SQL
including predicate from the database and also how to see if row level
security is in use by inference. I also discuss some of the issues with
its use. As usual I also throughout make suggestions about protecting
what configuration can be read from the database.



A link to part one can be found here: 



http://www.petefinnigan.com/orasec.htm



kind regards



Pete


-- 



Pete Finnigan


email:pete_at_petefinnigan.com


Web site: http://www.petefinnigan.com - Oracle security audit specialists
Book:Oracle security step-by-step Guide - see http://store.sans.org for details.



-- 



Please see the official ORACLE-L FAQ: http://www.orafaq.net


-- 



Author: Pete Finnigan


  INET: oracle_list_at_peterfinnigan.demon.co.uk


Fat City Network Services    -- 858-538-5051 http://www.fatcity.com
San Diego, California        -- Mailing list and web hosting services
---------------------------------------------------------------------


To REMOVE yourself from this mailing list, send an E-Mail message
to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from).  You may
also send the HELP command for other information (like subscribing).
Received on Mon Nov 10 2003 - 07:04:33 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US