What is Fine Grained Access Control for Row Level Security Deployment in Oracle Database?
October 2nd 2015 Posted at Databases
Comments Off on What is Fine Grained Access Control for Row Level Security Deployment in Oracle Database?
Fine grained access control FGAC is a feature introduced in Oracle 8i. It allows the implementation of row level security on tables and views. Row level security provides a more granular level of security than previously available in Oracle.
There are lots of new terms related to the implementation of Fine Grained Access Control, and this feature can seem quite complex at first. You need to be familiar with Fine Grained Access Control. You should know what it’s used for and how it’s set up. You should also know what an application context is and how it’s set up.
Some basic benefits of Fine Grained Access Control are following.
Enhanced security- The policies set with the use of FGAC are stored on the server and cannot be bypassed by client software.
Flexibility- Dynamic and complex security policies can be enforced with the use of fine grained access control. This is because it is dynamic in nature and allows the database administrator to create powerful security protocols based on multiple criteria. Based on the various security criteria that are defined, final access decisions don’t need to be made until run time.
Transparency- Changes in security policies can be made without requiring change in application code.
Scalability- The SQL statements used are parsed, optimized, and stored in the shared pool, making them available to other users.
Security policies- A rule or set of rules that should be followed when a script or script set determines whether a particular user should have access to a specific row or set of rows of data in a table. Using fine grained access control, Oracle enforces security policies within the database itself. The enforcement of these policies is being native to the database rather than to an application provide greater security, simplicity, and flexibility.
Application Context is holding area for information that is useful to have easily available. You use the different functions and procedures command to create a context. Oracle also makes several default variables available.
Application security is the attachment of privileges and roles to access such that users won’t be able to misuse the roles or privileges when they are not using application.
Predicate is other feature which is having additional SQL syntax to restrict the rows returned by the SQL statement. The predicate is at the heart of enforcing the security policy.
Later on Oracle introduced advance version of fine grained access control is VPD and fine grained auditing.
Author is offering database services and also writer of Oracle DBA Interview Questions Book.
Find More Oracle Articles
Both comments and pings are currently closed.