List of Figures

1-1 Scope of Data Security Needs

1-2 Oracle Label Security Architecture

1-3 Oracle Label Security Label-Based Security

1-4 Oracle9i Enterprise Edition Virtual Private Database Technology

2-1 Data Categorization with Levels, Compartments, Groups

2-2 Label Matrix

2-3 Group Example

2-4 Example: Data Labels and User Labels

2-5 How Label Components Interrelate

3-1 Relationships Between Users, Data, and Labels

3-2 User Session Label

3-3 Setting Up Authorized Levels

3-4 Setting Up Authorized Compartments

3-5 Setting Up Authorized Groups

3-6 Subgroup Inheritance of Read/Write Access

3-7 Label Evaluation Process for Read Access

3-8 Label Evaluation Process for Write Access

3-9 Label Evaluation Process for Read Access with COMPACCESS Privilege

3-10 Label Evaluation Process for Write Access with COMPACCESS Privilege

3-11 Stored Program Unit Execution

5-1 Diagram of Oracle Label Security Metadata Storage in Oracle Internet Directory

5-2 Oracle Label Security Policies Applied through Oracle Internet Directory

6-1 Oracle Policy Manager Interface

8-1 Label Evaluation Process for LABEL_UPDATE

12-1 Using Oracle Label Security with a Distributed Database

12-2 Label Tags in a Distributed Database

12-3 Label Components in a Distributed Database

12-4 Use of Materialized Views for Replication

14-1 Read Access Label Evaluation with Inverse Groups

14-2 Write Access Label Evaluation with Inverse Groups

14-3 Read Access Label Evaluation: COMPACCESS Privilege and Inverse Groups

14-4 Write Access Label Evaluation: COMPACCESS Privilege and Inverse Groups