|
||
|
Title: Oracle VPD vs. OLS Post by Pete Finnigan on Oct 13th, 2005, 3:53am Hey all, I am having a hard time coming up with information regarding the differences of VPD and OLS. It seems that some people see them as one in the same and I was under the impression that they are different technology solutions. Can someone provide any information on the pros/cons of each? Second, I found information on VPD dating back to 2001, I believe OLS is a newer feature and is currently being used by the US Govt. (DOD). Are there any other large OLS deployments that anyone here knows of? Thanks in advance! tek |
||
|
Title: Re: Oracle VPD vs. OLS Post by Pete Finnigan on Oct 13th, 2005, 9:36pm Hi Tek, They are definatly two different technologies. VPD is the lower level technology, it allows policies to be defined that act upon tables or views that they are associated with. This is a simplistic description!. Have a look at my [url http://www.petefinnigan.com/orasec.htm]Oracle Security White papers page[/url] where there are links to a two part paper I wrote about Row Level Security (VPD). OLS is based on top of VPD. It takes the metaphor further and associates a label (hence label security) with each record. These labels are then used with a cross reference of users rights to decide whether a record can be accessed. i.e. they have levels such as in secret service or military definitions, such as SECRET, TOP SECRET etc. Users who are allowed to access a certain level (e.g SECRET) then they can access data at that level or lower. You can set up non secret service / military configurations of course. There are links to a set of papers about OLS on my Oracle white papers page - link above. There might be a link to OLS papers in my blog archives as well. cheers Pete |
||
|
Powered by YaBB 1 Gold - SP 1.4! Forum software copyright © 2000-2004 Yet another Bulletin Board |