Re: design multi-division system, How?

Its interesting that you posted this email, just as we are embarking on the same decision path. We are rebuilding some of our applications and are trying to decide whether to go nuts with Oracle's security features, or to just manage it at the application level. And there's pro's and con's to each.

One thing that makes the application-level security attractive is the the complexity of managing our row-level security requirements. We expect that we can provide a row-level security through dynamic views of the tables.

We have had some discussion about also providing column-level security, so that people couldn't see each other's salaries in the employee table, for instance.

The big advantage of using Oracle security wherever you can is that when the user leaves your app, all the security still applies. This works well in our environment, where third party reporting tools proliferate

Wish I could offer more advice, but we're still at the planning stages. I'd appreciate your keeping this thread alive with your progress, and I'll do the same.

Thanks,

    Richard Kemp, VP Development

Hassan Farzadeh wrote in message ...
>We are in the process of developing an application using Delphi 3 C/S and
>Oracle 7.3. The challenge we have is with multi-division companies. Each
>user within a division needs to access certain parts of the tables or
 views.
>What is the best way of maintaing the user security and audit-trails?
>Should we logon as a SYSDBA internally and maintain the security within our
>app or create individual users in Oracle and maintain security rights in
>Oracle using privilages and roles?
>Please send any comments to hassan_at_3log.com.
>Thanks in advance
>
>
>
>
>
>
>
Received on Thu May 21 1998 - 00:00:00 CDT