Oracle Label Security

Protect PII from unauthorized access

Create Label Security policy

Define label components

Authorize users

Create and apply VPD policy

Oracle Label Security consists of two parts: User clearance labels and data classification labels (row labels). The policy itself determines access rights to rows by comparing the user's clearance with data classification labels. In this example though, the OLS policy will not be applied to a table, and there is no additional column appended to the protected table, which would otherwise hold the row labels. But in order to initially create the policy, the name of the additional column can not be omitted. Since this policy will never be attached to a table, the default policy enforcement option can be set to 'NO_CONTROL', which minimizes any overhead caused by a truly active policy.

Oracle Label Security and Secure Application Roles step 1 of 4

The same could be achieved using the following script:

 BEGIN
  SA_SYSDBA.CREATE_POLICY (
  policy_name => 'PROTECT_PII',
  column_name => 'OLS_COLUMN',
  default_options => 'NO_CONTROL');
 END;
/


Hands-On

	Using OLS user authorizations to create powerful Command Rules in Oracle Database Vault
	OLS user authorizations in VPD policies: Determine access to application table columns based on user authorizations
	Six steps towards a successful multi level security implementation
	Oracle Magazine: Now Securing Every Row


Related Technologies

	Database Firewall
	Audit Vault
	Data Masking (pdf)
	Secure Backup
	Configuration Management
	Identity Management


Discussion Forums

	Security
	Audit Vault
	Database


Technical Information

	Datasheet
	Overview Whitepaper
	Oracle Label Security in Government and Defense Environments
	Technical White Paper
	Best practices
	Frequently Asked Questions
	Oracle Label Security with Oracle E-Business Suite: Best Practices


Security Options

	Oracle Database Vault
	Oracle Advanced Security
	Oracle Label Security


Security Features

	Data Encryption
	Virtual Private Database
	Database Auditing
	Backup Encryption
	Export file encryption
	Proxy Authentication
	Enterprise User Security
	Secure Application Roles
	Fine Grained Auditing

	Popular Downloads
Untitled Document Berkeley DB Enterprise Manager Database EE and XE Developer VMs Enterprise Pack for Eclipse Java JDeveloper and ADF Oracle Linux and Oracle VM MySQL NetBeans IDE NoSQL Database Solaris SQL Developer VirtualBox WebLogic Server

	More Database Downloads
Database Express Edition Database Instant Client Database Mobile Server JDBC Drivers SQL Developer Data Modeler TimesTen In-Memory Database VM Templates for Database .NET Data Access Components

E-mail this page

Printer View

Products and Services

Solutions

Downloads

Store

Support

Training

Partners

About

Oracle Technology Network

Oracle Label Security

Protect PII from unauthorized access

Hands-On

Related Technologies

Discussion Forums

Technical Information

Security Options

Security Features

Hardware and Software, Engineered to Work Together