Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: Implementing Data-Level Security
Hello Anup,
I think that it is bad practice to make INSERT, UPDATE or DELETE from client side due to security problems. Front-end must call only PL/SQL stored functions or procedures to perform data modifications according to business rules. PL/SQL code can check data security by means of joint views. The same views can be used in SELECT statements to guarantee read security. The only problem with such approach is that it is very labour intensive.
Andrew Protasov