Virtual Private Database

Virtual Private Database (VPD), a feature of Oracle Database 11g Enterprise Edition, was introduced in Oracle8i and is one of the most popular security features in the database. VPD is used when the standard object privileges and associated database roles are insufficient to meet application security requirements. VPD policies can be simple or complex depending on your security requirements. VPD can be used in combination with the "application context" feature to enforce sophisticated row and/or column level security requirements for privacy and regulatory compliance. A simple VPD example might restrict access to data during business hours and a more complex VPD example might read an application context during a login trigger and enforce row level security against the ORDERS table.

No matter how users connect to the protected table (via an application, a Web interface or SQL*Plus), the result is the same. There is no "application security problem" anymore, since the access policy is attached to the table, and cannot be bypassed.

image 1

Example: A customer can only see his orders in the 'orders' table (below), when he is listed in the 'customers' table (above)

With "Column Relevance", VPD can be configured such that the policy is enforced only when a critical column is selected:

image 2

image 3

Example: The account manager with the account_mgr_id "149" can see all rows from the customers table, but not the credit limits. As soon as she queries the 'credit_limit' column, she can only see her own customers.

The most advanced configuration ("Column Hiding") of VPD allows for the most effective combination of ease-of-use and security: She still has access to all public information in the 'customers' table, but confidential information remains hidden:

image 4

Example: All 'credit_limit' data cells are empty except those of her own customers.