Back to Secure Application Roles homepage

Oracle Label Security

Controlling Secure Application Roles with
OLS User Authorizations

Oracle Label Security and Secure Application Roles step 1 of 4
Oracle Label Security and Secure Application Roles step 2 of 4
Oracle Label Security and Secure Application Roles step 3 of 4
Oracle Label Security and Secure Application Roles step 4 of 4
Create Label Security policy Define label components Authorize users Create procedure to enable role

Labels consists of three components: Required Levels, and optional Compartments and Groups. In this example, the levels will be 'Confidential' and 'Sensitive', and the compartment will be 'PII'; no groups are used:

Oracle Label Security Label Components

The same could be achieved using the following scripts:

  policy_name => 'PROTECT_PII',
  level_num => 1000,
  short_name => 'C',
  long_name => 'CONFIDENTIAL');

  policy_name => 'PROTECT_PII',
  level_num => 2000,
  short_name => 'S',
  long_name => 'SENSITIVE');

  policy_name => 'PROTECT_PII',
  comp_num => 100,
  short_name => 'PII',
  long_name => 'PERS_INFO');


 Using OLS user authorizations to create powerful Command Rules in Oracle Database Vault
 OLS user authorizations in VPD policies: Determine access to application table columns based on user authorizations
 Six steps towards a successful multi level security implementation
 Oracle Magazine: Now Securing Every Row

Related Technologies

 Database Firewall
 Audit Vault
 Data Masking (pdf)
 Secure Backup
 Configuration Management
 Identity Management

Discussion Forums

 Audit Vault

Technical Information

 Overview Whitepaper
 Oracle Label Security in Government and Defense Environments
 Technical White Paper
 Best practices
 Frequently Asked Questions
 Oracle Label Security with Oracle E-Business Suite: Best Practices

Security Options

 Oracle Database Vault
 Oracle Advanced Security
 Oracle Label Security

Security Features

 Data Encryption
 Virtual Private Database
 Database Auditing
 Backup Encryption
 Export file encryption
 Proxy Authentication
 Enterprise User Security
 Secure Application Roles
 Fine Grained Auditing
Kscope 16

Oracle Database Cloud