Virtual Private Database
The Virtual Private Database feature of Oracle, first introduced in Oracle8i, couples fine-grained
access control with a secure application context. The security policies are attached to the data,
and not to the application; this ensures that security rules are enforced regardless of how the data
is accessed.
For example, a medical application context may return a predicate based on the patient
identification number accessing the data; the returned predicate will be used in a WHERE clause
to ensure that the data retrieved from the table is only the data associated with the patient.
Label Security
Oracle Label Security provides a ???VPD Out-of-the-Box??? solution to restrict access to rows in any
table based on the label of the user requesting the access and the label on the row of the table
itself. Oracle Label Security administrators do not need any special programming skills to assign
security policy labels to users and rows in the table.
This highly granular approach to data security can, for example, allow a DBA at an Application
Service Provider (ASP) to create only one instance of an accounts receivable application and to
use Label Security to restrict rows in each table to an individual company??™s accounts receivable
information.
Real Application Clusters
Oracle??™s Real Application Clusters (RAC) feature, known in previous Oracle versions as the
Oracle Parallel Server option, allows more than one instance, on separate servers, to access
the same database files.
Pages:
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126