PRODUCTS

Database
Middleware
Developer Tools
Enterprise Management
Applications Technology
Products A-Z

TECHNOLOGIES

BI & Data Warehousing
Embedded
Java
Linux
.NET
PHP
Security
Windows Server System
Technologies A-Z

ARCHITECTURE

Enterprise 2.0
Extreme Transaction Processing
Service-Oriented Architecture
Virtualization

COMMUNITY

Join OTN
Oracle ACEs
Oracle Wiki
Blogs
Podcasts
Events
Newsletters
Oracle Magazine
Oracle Books
Certification
User Groups
Partner White Papers

Printer View

E-mail this page

Bookmark

Oracle Label Security

Protect PII by controlling Secure Application Roles with
OLS User Authorizations

Create Label Security policy

Define label components

Authorize users

Create procedure to enable role

The Secure Application Role procedure will do the following:

Get the numerical label_tag from the user's current label
Get the numerical label_tag from the 'SENS:PII' label
User label ≥ 'SENS:PII' label → role will be set for user
User label < 'SENS:PII' label → role will not be set for user

SQL> grant pii_role to <user>;
SQL> alter user <user> set default role none;

CREATE OR REPLACE PROCEDURE p_pii_roles authid current_user
 IS    
    session_tag	number;		-- numerical expression of session label
    sens_tag	number;		-- numerical expression of SENS:PII label
  
  BEGIN
  session_tag := sa_util.numeric_label('PROTECT_PII');
                                -- numerical expression of session label

  sens_tag := char_to_label('PROTECT_PII','SENS:PII');
                                -- numerical expression of the SENS:PII label

  if 	dominates (session_tag, sens_tag) = 1 then
                                -- true (1) if session label ≥ SENS:PII label
        dbms_session.set_role('pii_role');
  
  else  null;                   -- else do nothing
  end if;
END p_pii_roles;
/

Create Label Security policy

Define label components

Authorize users

Create procedure to enable role

Technical Information

	Datasheet
	Technical White Paper
	Best practices
	Performance Considerations: Designing applications for Oracle Label Security
	Frequently Asked Questions
	Oracle Label Security with Oracle E-Business Suite: Best Practices

Hands-On

	Using OLS user authorizations to create powerful Command Rules in Oracle Database Vault
	OLS user authorizations in VPD policies: Determine access to application table columns on user authorizations
	Six steps towards a successful multi level security implementation
	Oracle by Example: Installing OLS
	Oracle by Example: Using OLS
	Integrating OLS with Identity Management
	Oracle Magazine: Now Securing Every Row

	Learn More

·	Oracle by Example: Database Security

	Security Options

·	Oracle Database Vault
·	Oracle Advanced Security
·	Oracle Label Security
·	Oracle Secure Backup

	Security Features

·	Data Encryption
·	Virtual Private Database
·	Database Auditing
·	Backup Encryption
·	Proxy Authentication
·	Enterprise User Security
·	Secure Application Roles
·	Fine Grained Auditing

	Related Technologies

·	Audit Vault
·	Secure Backup
·	Configuration Management
·	Information Rights Management
·	Identity Management

	Previous Releases

·	Oracle10g R2 Security
·	Oracle9iR2 Security
·	Oracle9i Security

	Discussion Forums

·	Audit Vault
·	Security
·	Database

E-mail this page

Printer View

	About Oracle \| \| Careers \| Contact Us \| Site Maps \| Legal Notices \| Terms of Use \| Privacy

Oracle Label Security

Protect PII by controlling Secure Application Roles withOLS User Authorizations

Technical Information

Hands-On

Protect PII by controlling Secure Application Roles with
OLS User Authorizations