About Row-Level Security

Some data sources apply row-level security policies to determine what data can be queried by an individual user.

Data security is described using various terms such as row-level security, data-level security, or Virtual Private Database (VPD) policies. This document uses the term row-level security.

Some data sources support connections using a privileged user that can impersonate the end user running a query. Connection pools allow parameterization of connection string information, and on-connection and on-query scripts that run prior to data queries. When Oracle Analytics connects to a data source by using a privileged user that can impersonate the actual end user, the data source’s data security policies apply to the end user queries.

In addition to the connection string and query script configuration, Oracle Analytics provides a Virtual Private Database (VPD) data source property for each database in the semantic model's physical layer. When you enable the Virtual Private Database (VPD) option, you can prevent sharing of query cache between users because each user needs to retrieve only the data they are permitted to query.

You must define the users, permissions, and security policies in the database. Refer to your database documentation for more information.

You can use a connection script to achieve the same row-level security for Oracle Database data sources.