Results for privileges


81 to 100 of 2781 results. Prev  Next
Results per page:   20  | 40 | 60


Label Security Administrator's Guide, 11g Release 1 (11.1)

Administering User Labels and Privileges

8.5 Setting Labels & Privileges with SA_SESSION.SET_ACCESS_PROFILEThe SET_ACCESS_PROFILE procedure sets the Oracle Label Security authorizations and privileges of … . That user assumes only the authorizations and privileges of the specified user. By contrast, the … SA_SESSION.SET_ACCESS_PROFILE Parameter Meaning policy_name The name of an existing policy user_name Name of the user whose authorizations and privileges

Label Security Administrator's Guide, 11g Release 1 (11.1)

Understanding Access Controls and Privileges

3.4.2 The Oracle Label Security Algorithm for Read Accessor less than the current session level. No privileges (other than FULL) allow the user to write … special Oracle Label Security privileges. See Also: \"Privileges Defined by Oracle Label Security

Label Security Administrator's Guide, 11g Release 1 (11.1)

Understanding Access Controls and Privileges

3.5 Using Oracle Label Security PrivilegesThis section introduces the Oracle Label Security database and row label privileges: Privileges … Defined by Oracle Label Security Policies Special Access Privileges Special Row Label Privileges System Privileges, Object Privileges, and Policy Privileges

Label Security Administrator's Guide, 11g Release 1 (11.1)

Administering User Labels and Privileges

8.1 Introduction to User Label and Privilege ManagementTo manage user labels and privileges, you must have the EXECUTE privilege for the SA_USER_ADMIN

Label Security Administrator's Guide, 11g Release 1 (11.1)

Administering User Labels and Privileges

8.2.4 SA_USER_ADMIN.ALTER_COMPARTMENTSThe ALTER_COMPARTMENTS procedure changes the write access, the default label indicator, and the row label indicator for each of the compartments in the list. Syntax: PROCEDURE ALTER_COMPARTMENTS (policy_name IN VARCHAR2, user_name IN VARCHAR2, comps IN VARCHAR2, access_mode IN VARCHAR2 DEFAULT NULL, in_def IN VARCHAR2 DEFAULT NULL, in_row IN VARCHAR2 DEFAULT NULL); Table 8-4 Parameters for SA_USER_ADMIN.ALTER_COMPARTMENTS

Label Security Administrator's Guide, 11g Release 1 (11.1)

Administering User Labels and Privileges

8.3.2 SA_USER_ADMIN.SET_DEFAULT_LABELThe SET_DEFAULT_LABEL procedure sets the user's initial session label to the one specified. Syntax: PROCEDURE SET_DEFAULT_LABELS ( policy_name IN VARCHAR2, user_name IN VARCHAR2, def_label IN VARCHAR2); Table 8-13 Parameters for SA_USER_ADMIN.SET_DEFAULT_LABEL Parameter Meaning policy_name Specifies the policy user_name Specifies the user name def_label Specifies the label string to be used to initialize

Label Security Administrator's Guide, 11g Release 1 (11.1)

Understanding Access Controls and Privileges

3.2.1 The Session LabelEach Oracle Label Security user has a set of authorizations that include: A maximum and minimum level A set of authorized compartments A set of authorized groups For each compartment and group, a specification of read-only access, or read/write access The administrator also specifies the user's initial session label when setting up these authorizations for the user. The session label is the particular

Label Security Administrator's Guide, 11g Release 1 (11.1)

Understanding Access Controls and Privileges

3.3 Understanding User AuthorizationsThere are two types of user authorizations: Authorizations Set by the Administrator Computed Session Labels

Label Security Administrator's Guide, 11g Release 1 (11.1)

Understanding Access Controls and Privileges

3.4.1 Introducing Read/Write AccessAlthough data labels are stored in a column within data records, information about user authorizations is stored in relational tables. When a user logs on, the tables are used to dynamically generate user labels for use during the session. 3.4.1.1 Difference Between Read and Write Operations Two fundamental types of access mediation on Data Manipulation language (DML) operations exist, within protected

Label Security Administrator's Guide, 11g Release 1 (11.1)

Administering User Labels and Privileges

8.2.10 SA_USER_ADMIN.DROP_GROUPSThe DROP_GROUPS procedure drops the specified groups from a user's authorizations. Syntax: PROCEDURE DROP_GROUPS (policy_name IN VARCHAR2, user_name IN VARCHAR2, groups IN VARCHAR2); Table 8-10 Parameters for SA_USER_ADMIN.DROP_GROUPS Parameter Meaning policy_name Specifies the policy user_name Specifies the user name groups A comma-delimited list of groups to drop

Label Security Administrator's Guide, 11g Release 1 (11.1)

Understanding Access Controls and Privileges

3.4 Evaluating Labels for Access MediationWhen a table is protected by an Oracle Label Security policy, the user's label components are compared to the row's label components to determine whether the user can access the data. In this way, Oracle Label Security evaluates whether the user is authorized to perform the requested operation on the data in the row. This section explains the rules and options by which user access is mediated. It

Label Security Administrator's Guide, 11g Release 1 (11.1)

Understanding Access Controls and Privileges

3.5.7 Access Mediation and Policy Enforcement OptionsAn administrator can choose from among a set of policy enforcement options when applying an Oracle Label Security policy to individual tables. These options enable enforcement to be tailored differently for each database table. In addition to the access controls based on the labels, a SQL predicate can also be associated with each table. The predicate can further define which rows in the table are

Label Security Administrator's Guide, 11g Release 1 (11.1)

Administering User Labels and Privileges

8.2.5 SA_USER_ADMIN.ADD_COMPARTMENTS8.2.5 SA_USER_ADMIN. ADD_COMPARTMENTS This procedure adds compartments to a user's authorizations, indicating whether the compartments are authorized for write as well as read. Syntax: PROCEDURE ADD_COMPARTMENTS (policy_name IN VARCHAR2, user_name IN VARCHAR2, comps IN VARCHAR2, access_model IN VARCHAR2 DEFAULT NULL, in_def IN VARCHAR2 DEFAULT NULL, in_row IN VARCHAR2 DEFAULT NULL); Table 8-5 Parameters

Label Security Administrator's Guide, 11g Release 1 (11.1)

Administering User Labels and Privileges

8.2.9 SA_USER_ADMIN.ALTER_GROUPSThe ALTER_GROUPS procedure changes the write access, the default label indicator, and the row label indicator for each of the groups in the list. Syntax: PROCEDURE ALTER_GROUPS (policy_name IN VARCHAR2, user_name IN VARCHAR2, groups IN VARCHAR2, access_mode IN VARCHAR2 DEFAULT NULL, in_def IN VARCHAR2 DEFAULT NULL, in_row IN VARCHAR2 DEFAULT NULL); Table 8-9 Parameters for SA_USER_ADMIN.ALTER_GROUPS

Label Security Administrator's Guide, 11g Release 1 (11.1)

Administering User Labels and Privileges

8.3.1 SA_USER_ADMIN.SET_USER_LABELS… See Also: \"Managing Program Unit Privileges with SET_PROG_PRIVS\"

Label Security Administrator's Guide, 11g Release 1 (11.1)

Administering User Labels and Privileges

8.4 Managing User Privileges with SA_USER_ADMIN.SET_USER_PRIVSThe SET_USER_PRIVS procedure sets policy-specific privileges for users. These privileges do not … . The new set of privileges replaces any existing privileges. A NULL value for the privileges … parameter removes the user's privileges for the policy. To assign policy privileges

Label Security Administrator's Guide, 11g Release 1 (11.1)

Understanding Access Controls and Privileges

3 Understanding Access Controls and Privilegeslabel and the user's label. This chapter examines the access controls and privileges that determine … Evaluating Labels for Access Mediation Using Oracle Label Security Privileges Working with Multiple Oracle Label Security Policies

Label Security Administrator's Guide, 11g Release 1 (11.1)

Understanding Access Controls and Privileges

3.2 Understanding Session Label and Row LabelThis section introduces the basic user labels. The Session Label The Row Label Session Label Example

Label Security Administrator's Guide, 11g Release 1 (11.1)

Understanding Access Controls and Privileges

3.4.3 The Oracle Label Security Algorithm for Write AccessIn the context of Oracle Label Security, WRITE_CONTROL enforcement determines the ability to insert, update, or delete data in a row. WRITE_CONTROL enables you to control data access with ever finer granularity. Granularity increases when compartments are added to levels. It increases again when groups are added to compartments. Access control becomes even more fine grained when you can manage the

Label Security Administrator's Guide, 11g Release 1 (11.1)

Administering User Labels and Privileges

8.2.7 SA_USER_ADMIN.DROP_ALL_COMPARTMENTSThe DROP_ALL_COMPARTMENTS procedure drops all compartments from a user's authorizations. Syntax: PROCEDURE DROP_ALL_COMPARTMENTS (policy_name IN VARCHAR2, user_name IN VARCHAR2); Table 8-7 Parameters for SA_USER_ADMIN.DROP_ALL_COMPARTMENTS Parameter Meaning policy_name Specifies the policy user_name Specifies the user name





Was this page helpful?

Integrated Cloud Applications & Platform Services