144 | Chapter 6: Oracle Security, Auditing, and Compliance
Violations of rules are reported as critical, warning, or informational through the EM
interface. Out of the box, security violations are checked on a daily basis. Policies
may be adjusted according to business demands, and violations can be overridden
when they are reported.
Restricting Data Access
There are situations in which a user will have access to a table, but not all of the data
in the table should be viewed. For example, you might have competing suppliers
looking at the same tables. Youmay want them to be able to see the products they
supply and the total of all products from suppliers, but not detailed information
about their competitors. There are a number of ways to do this, as we??™ll describe in
the following sections, using other examples from Human Resources (HR).
View-based security
Youcan think of views as virtual tables defined by queries that extract or derive data
from physical base tables. You can use views to present only the rows or columns
that a certain group of users should be able to access.
Pages:
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325