

Oracle Security
By William Heney, Marlene Theriault
Part II:  Implementing Security

Chapter 9. Developing a Simple Security Application

There are many approaches you can use to implement security on your system. In this chapter, we're going to show you a sample application demonstrating one such approach. We're not going to include every detail of every step that was taken to build the original application on which this example is based. Our goal is not to teach you how to implement only one security method. Instead, we'd like to provide you with ideas you can use to build your own system.

The sample application is a credit card review and certification system. To set the stage, we'll provide a brief overview of the system's functionality and present a discussion of the environment and requirements of the system. In Chapter 3, when we talked about database objects, we said that the tables in the database could be used by more than one application. This is the case with the credit card system. There will be references to objects (mostly tables) shared with other applications. We'll refer to these objects as enterprise objects and the entire database as the enterprise database. Access to each object is controlled by the privileges that you give (or don't give) to each user.

In this chapter we'll use these steps in describing how the application was built:

  1. Define the functionality of the application.

  2. Describe the portions of the security plan that pertain to the application.

  3. Explain how to build a role-object matrix (generally referred to as "the matrix").

  4. Show how to build the views defined in the matrix.

  5. Describe how to build the roles that were defined in the matrix.

  6. Show how to assign privileges to roles and users through the GRANT command.

  7. Explain how to use password-protected roles to implement security on the system.

  8. Discuss the way to use password-protected roles without the users needing to know the role's password.

As you can see from this list of steps, the key to building the sample application is to first define and then use the role-object matrix. The matrix is then used to guide you through your application development cycle so you do not miss a functional area or privilege set.
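The following sketch shows how a small role-object matrix can drive steps 4 through 8 in Oracle SQL. It is an added example, not code from the book or its sample application. All table, view, role and user names and the password placeholders are hypothetical, and having the application issue SET ROLE is an assumption about one common way to keep the role password away from users.

```sql
-- Added illustration; every object, role and user name below is hypothetical.
-- Role-object matrix (rows = roles, columns = objects, cells = privileges):
--
--   role         | CARD_HOLDER (table) | CARD_REVIEW (table) | CARD_HOLDER_V (view)
--   -------------+---------------------+---------------------+---------------------
--   cc_reviewer  | -                   | SELECT, UPDATE      | SELECT
--   cc_certifier | -                   | SELECT              | SELECT
--
-- Neither role is granted anything on the base CARD_HOLDER table; both read it
-- only through the view.

-- Step 4: build the view named in the matrix, exposing only the needed columns.
CREATE VIEW card_holder_v AS
  SELECT holder_id, holder_name, department
  FROM   card_holder;

-- Steps 5 and 7: one role per matrix row, each protected by a password.
-- The quoted strings are placeholders, not real values.
CREATE ROLE cc_reviewer  IDENTIFIED BY "<reviewer-role-password>";
CREATE ROLE cc_certifier IDENTIFIED BY "<certifier-role-password>";

-- Step 6: one GRANT per non-empty matrix cell, so no privilege set is missed.
GRANT SELECT         ON card_holder_v TO cc_reviewer;
GRANT SELECT, UPDATE ON card_review   TO cc_reviewer;
GRANT SELECT         ON card_holder_v TO cc_certifier;
GRANT SELECT         ON card_review   TO cc_certifier;

-- Grant the role to a user, but exclude it from the default roles so it is
-- not enabled automatically at login.
GRANT cc_reviewer TO jsmith;
ALTER USER jsmith DEFAULT ROLE ALL EXCEPT cc_reviewer;

-- Step 8 (assumed approach): the application, not the user, enables the role
-- after connecting, so the user never needs to know the role's password.
SET ROLE cc_reviewer IDENTIFIED BY "<reviewer-role-password>";
```

A user who connects with another tool, such as SQL*Plus, holds the role but cannot enable it without the password, so the matrix privileges apply only inside the application session.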

We'll use many of the terms and definitions that have been discussed elsewhere in this book (e.g., table, view, program, etc.). If you find you're unfamiliar with any of these terms, we suggest that you review Chapter 2 through Chapter 6.


Oracle Security Handbook : Implement a Sound Security Plan in Your Oracle Environment
ISBN: 0072133252
EAN: 2147483647
Year: 1998
Pages: 154
