Re: Hiding data model
From: Hans Forbrich <fuzzy.graybeard_at_gmail.com>
Date: Wed, 28 Jan 2015 13:15:10 -0700
Message-ID: <54C9434E.4020507_at_gmail.com>
On 28/01/2015 4:39 AM, Harmandeep Singh wrote:
> Hi Experts,
>
> We are having data model for our product, which we do not want to
> expose to our customers. That is we want even the DBA of customer with
> sys privileges should not understand /access the data model( like
> table definitions, columns ).
>
> I am aware of options like VPD, which is data level security feature
> as per my understanding.
>
> Please let me know your thoughts
>
> Thanks,
> Harmandeep Singh
>
Date: Wed, 28 Jan 2015 13:15:10 -0700
Message-ID: <54C9434E.4020507_at_gmail.com>
On 28/01/2015 4:39 AM, Harmandeep Singh wrote:
> Hi Experts,
>
> We are having data model for our product, which we do not want to
> expose to our customers. That is we want even the DBA of customer with
> sys privileges should not understand /access the data model( like
> table definitions, columns ).
>
> I am aware of options like VPD, which is data level security feature
> as per my understanding.
>
> Please let me know your thoughts
>
> Thanks,
> Harmandeep Singh
>
One solution - put the protection into the contract. Model leaks out, you get to sue the customer.
Otherwise, realize that the data dictionary (which is different from, albeit related to, the data model) is the primary tool the DBA has to ensuring your product can be secured and tuned.
The DBAs are actually on your side. Why tick them off? /Hans
-- http://www.freelists.org/webpage/oracle-lReceived on Wed Jan 28 2015 - 21:15:10 CET