O Bestower of Grace and Security
Virtual Private Database
Mohammad Amin Sabbaghian
Database Security – Virtual Private Database 3
Winter 2015

Agenda
- What is VPD?
- Why use VPD?
- History of VPD
- Overview of Virtual Private Databases
- VPD components
- Benefits of using VPD
- Drawbacks of using VPD
- Summary
What is VPD?
- VPD is the acronym for Virtual Private Database
- VPD enforces security directly on tables, views or synonyms
- Also referred to as Oracle Row-Level Security (RLS) or Fine-Grained Access Control (FGAC)

What is VPD? (continued)
- Lets you define which rows each user may access
- A policy function dynamically returns a predicate for the target table
- The rewrite is transparent to the user executing the SQL
Why use VPD?
- Protect confidential and secret information
- Meet regulations such as HIPAA and SOX
- Keep one database and control the delivery of data to the right people
History of VPD
- Oracle VPD was introduced in Oracle 8i (version 8.1.5) as a new way to enforce granular access control of data at the server level
- In Oracle 8i, VPD provided the following key features:
  - Fine-grained access control
  - Application context
  - Row-level security
  - VPD support for tables and views

History of VPD (continued)
- Oracle 9i expanded the VPD features as follows:
  - Oracle Policy Manager
  - Partitioned fine-grained access control
  - Global application context
  - VPD support for synonyms

History of VPD (continued)
- Oracle 10g made three major enhancements to VPD:
  - Column-level privacy: improves performance by limiting the number of statements the database rewrites. A rewrite occurs only when the statement references the security-relevant columns. This also gives more privacy, since a statement that never touches the sensitive columns is not filtered.
  - Customization: with four new policy types, you can make VPD always enforce the same predicate (a static policy) or let the predicate change dynamically (a non-static policy).
  - Shared policies: a single VPD policy can be applied to multiple objects, which reduces administration cost.
- Oracle 11g adds Enterprise Manager integration for row-level security policies
Overview of Virtual Private Databases
- VPD deals with data access: it controls access at the row or column level
- Two features combine to make it work (Oracle 10g/11g):
  - Fine-grained access control: associate security policies with database objects
  - Application context: define and read application or session attributes
- Together they let administrators define and enforce row-level access control policies based on session attributes

Overview of Virtual Private Databases (continued)
Step 0. The object owner defines the policy and its policy function.
Step 1. A user sends SQL to the database server.
Step 2. The associated table triggers the pre-defined policy function.
Step 3. The policy function returns a predicate, based on session attributes or database contents.
Step 4. The server dynamically rewrites the submitted query by appending the returned predicate to the WHERE clause.
Step 5. The modified SQL query is executed.

Example
    BEGIN
      DBMS_RLS.ADD_POLICY(
        object_schema     => 'ret_schema',
        object_name       => 'retiree',
        policy_name       => 'retiree_policy',
        function_schema   => 'retiree',
        policy_function   => 'f_retiree_01',
        statement_types   => 'select',
        sec_relevant_cols => 'ssn, sal');
    END;
    /
VPD Components
- Application Context
- PL/SQL Function
- Security Policies
Application Context
- Holds session attributes such as the application name and the username
- Attributes are set with DBMS_SESSION.SET_CONTEXT and read back with SYS_CONTEXT

PL/SQL Function
- The function builds and returns the predicate that enforces row-level security
- It must follow the required signature (object schema and object name in, a VARCHAR2 predicate out) so that the policy can call it
- The returned string is appended to the statement's WHERE clause; a NULL return means no restriction, so the function should return an explicit deny predicate when it cannot decide
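The six steps in the overview, the ADD_POLICY example and the two components above (application context and policy function) fit together as follows. This is an added end-to-end example, not code from the original slides; the schema HR_APP, the table RETIREE, the context RET_CTX, the package RET_CTX_PKG, the mapping table USER_DEPT and the function F_RETIREE_ROWS are assumed names, and the rows inserted are constructed sample data. It is written for Oracle and needs CREATE ANY CONTEXT, ADMINISTER DATABASE TRIGGER and EXECUTE on DBMS_RLS.

```sql
-- Added example (not from the original slides). Assumed names throughout:
-- HR_APP schema, RETIREE table, RET_CTX context, RET_CTX_PKG package,
-- USER_DEPT mapping table, F_RETIREE_ROWS policy function.

-- Step 0a: the protected table with constructed sample rows.
CREATE TABLE hr_app.retiree (
  emp_id   NUMBER PRIMARY KEY,
  emp_name VARCHAR2(40),
  dept_id  NUMBER,
  ssn      VARCHAR2(11),
  sal      NUMBER
);
INSERT INTO hr_app.retiree VALUES (1, 'Alice', 10, '111-22-3333', 5000);
INSERT INTO hr_app.retiree VALUES (2, 'Bob',   20, '444-55-6666', 6200);
COMMIT;

-- Step 0b: an application context that only RET_CTX_PKG may write.
-- Binding the context to a trusted package is what stops a user from
-- calling DBMS_SESSION.SET_CONTEXT directly and picking their own department.
CREATE OR REPLACE CONTEXT ret_ctx USING hr_app.ret_ctx_pkg;

CREATE OR REPLACE PACKAGE hr_app.ret_ctx_pkg AS
  PROCEDURE set_dept;
END ret_ctx_pkg;
/
CREATE OR REPLACE PACKAGE BODY hr_app.ret_ctx_pkg AS
  -- Derive the department from the server-side mapping table (assumed:
  -- hr_app.user_dept(username, dept_id)); never take it from the client.
  PROCEDURE set_dept IS
    v_dept NUMBER;
  BEGIN
    SELECT dept_id INTO v_dept
      FROM hr_app.user_dept
     WHERE username = SYS_CONTEXT('USERENV', 'SESSION_USER');
    DBMS_SESSION.SET_CONTEXT('ret_ctx', 'dept_id', TO_CHAR(v_dept));
  EXCEPTION
    WHEN NO_DATA_FOUND THEN
      NULL;  -- unknown user: attribute stays unset, policy will deny
  END set_dept;
END ret_ctx_pkg;
/
-- Fill the context at logon so every session carries its attributes.
CREATE OR REPLACE TRIGGER hr_app.ret_ctx_logon
  AFTER LOGON ON DATABASE
BEGIN
  hr_app.ret_ctx_pkg.set_dept;
END;
/

-- Step 0c: the policy function. Oracle calls it with (schema, object) and
-- expects a VARCHAR2 predicate back. NULL would mean "no restriction",
-- so an unset context maps to an explicit deny predicate instead.
CREATE OR REPLACE FUNCTION hr_app.f_retiree_rows (
  p_schema IN VARCHAR2,
  p_object IN VARCHAR2)
  RETURN VARCHAR2
IS
BEGIN
  IF SYS_CONTEXT('ret_ctx', 'dept_id') IS NULL THEN
    RETURN '1=0';  -- deny by default
  END IF;
  -- Reference the context inside the predicate rather than pasting the
  -- value in, so the rewritten cursor can be shared between sessions.
  RETURN 'dept_id = TO_NUMBER(SYS_CONTEXT(''ret_ctx'', ''dept_id''))';
END f_retiree_rows;
/

-- Step 0d: attach the policy; steps 1..5 then run on every statement.
-- sec_relevant_cols: the predicate is added only when SSN or SAL is
-- referenced. ALL_ROWS: every row is returned, but SSN and SAL are NULL
-- in rows that fail the predicate.
BEGIN
  DBMS_RLS.ADD_POLICY(
    object_schema         => 'HR_APP',
    object_name           => 'RETIREE',
    policy_name           => 'RETIREE_POLICY',
    function_schema       => 'HR_APP',
    policy_function       => 'F_RETIREE_ROWS',
    statement_types       => 'SELECT,UPDATE,DELETE',
    update_check          => TRUE,  -- reject updates that would escape the predicate
    sec_relevant_cols     => 'SSN,SAL',
    sec_relevant_cols_opt => DBMS_RLS.ALL_ROWS);
END;
/

-- Steps 1..5 in action. A session whose context holds dept_id = 10 sees
-- Alice with SSN and SAL populated and Bob with both columns NULL; a session
-- with no context sees both names but no SSN or SAL values at all.
SELECT emp_id, emp_name, dept_id, ssn, sal FROM hr_app.retiree;
```

Two design points matter more than the syntax. The context is populated from a server-side mapping keyed on SESSION_USER, and the context namespace is bound to one package, so the attribute the predicate trusts cannot be set by the client. The policy function never returns NULL: an unset or malformed context yields `1=0`, which fails closed instead of silently exposing every row.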
Benefits of using VPD
- Dynamic security: no need to maintain complex roles and grants
- Multiple security: more than one policy can be placed on each object, and policies can be stacked on other base policies
- Simplicity: the policy is defined once on the object rather than in every application that uses it
- No backdoors: users can no longer bypass security policies embedded in applications, because the policies are attached to the data
Drawbacks of using VPD
- Requires an Oracle user ID: VPD requires that an Oracle user ID be defined for every person who connects to the database, which adds maintenance and overhead (an application using pooled connections can instead identify the end user through a client identifier or a global application context, at the cost of keeping that identity honest itself)
- Hard to audit: it is hard to write an audit script that defines the exact access for each user, since the effective predicate is computed at run time from session state
Summary
- A virtual private database allows or prevents data access at the row or column level; Oracle implements it by dynamically appending a predicate to the statement, which a plain VIEW database object can only approximate
- VPDs are also referred to as row-level security (RLS) or fine-grained access control (FGAC)
- SQL Server did not support VPDs at the time of this talk (row-level security was added in SQL Server 2016)
Summary (continued)
- Oracle application context: lets application attributes be set and then retrieved by database sessions
  - read with the SYS_CONTEXT function
  - set with the SET_CONTEXT procedure of the PL/SQL package DBMS_SESSION
- Use the Oracle-supplied package DBMS_RLS to add the VPD policy
- Oracle data dictionary views show which policies are in force
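The "hard to audit" drawback and the data dictionary views mentioned in this summary meet in the following queries, added here as an example that is not part of the original slides. They assume a schema named HR_APP whose tables carry VPD policies; the view and column names are Oracle's own (DBA_POLICIES, DBA_SEC_RELEVANT_COLS, V$VPD_POLICY, DBA_SYS_PRIVS) and need the corresponding SELECT privileges.

```sql
-- Added example (not from the original slides). Assumed: policies on
-- objects owned by the HR_APP schema; adjust the owner filter as needed.

-- 1. Which policies exist, on which objects, for which statement types,
--    and whether each is enabled. A disabled policy is a silent hole.
SELECT object_owner, object_name, policy_name, pf_owner, function,
       sel, ins, upd, del, enable, policy_type
  FROM dba_policies
 WHERE object_owner = 'HR_APP'
 ORDER BY object_name, policy_name;

-- 2. Which columns trigger a column-level rewrite, and whether rows are
--    hidden (default) or returned with the columns blanked (ALL_ROWS).
SELECT object_name, policy_name, sec_rel_column, column_option
  FROM dba_sec_relevant_cols
 WHERE object_owner = 'HR_APP';

-- 3. The predicate Oracle actually appended, per cursor still in the
--    shared pool. This is where the run-time result of the policy
--    function becomes visible without reading its source.
SELECT sql_id, object_owner, object_name, policy, predicate
  FROM v$vpd_policy
 WHERE object_owner = 'HR_APP';

-- 4. Who bypasses VPD entirely: SYS always does, as does any grantee of
--    EXEMPT ACCESS POLICY. This list belongs in every policy review.
SELECT grantee
  FROM dba_sys_privs
 WHERE privilege = 'EXEMPT ACCESS POLICY';

-- 5. Exercise the policy instead of reasoning about it: run this as each
--    test user and compare the counts against the unrestricted total.
SELECT COUNT(*) AS visible_rows
  FROM hr_app.retiree;
```

Query 3 answers the auditing complaint directly: the predicate column records what the policy function returned for a real statement, so a review can compare it against the intended rule rather than re-deriving it by hand. Query 4 is the caveat most often missed, since an EXEMPT ACCESS POLICY grant makes every policy on the page irrelevant for that account.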
VPD Summary
- Security: by attaching security policies to tables, views, or synonyms, fine-grained access control ensures that the same security is in force no matter how a user accesses the data
- Simplicity: adding the security policy to the table, view, or synonym means you make the addition only once, rather than repeatedly adding it to each of your table-, view-, or synonym-based applications
- Flexibility: you can have one security policy for SELECT statements, another for INSERT statements, and still others for UPDATE and DELETE statements
Q&A

Resources
- http://en.wikipedia.org/wiki/Virtual_private_database
- http://docs.oracle.com/cd/B28359_01/network.111/b28531/vpd.htm
- http://www.utc.edu/center-information-security-assurance/course-listing/4670-lecture8-vpd.ppt
- http://theoicllc.com/R12_GL/VPD_Sparks_Ver2.0.ppt
Closing supplication: O God, free every captive; O God, set right every corruption in the affairs of the Muslims; O God, heal every sick person.