Oracle® Label Security Administrator's Guide
10g Release 1 (10.1)

Part Number B10774-01

Preface

Oracle Label Security enables access control to reach specific (labeled) rows of a database. With Oracle Label Security in place, users with varying privilege levels automatically have (or are excluded from) the right to see or alter labeled rows of data.

This Oracle Label Security Administrator's Guide describes how to use Oracle Label Security to protect sensitive data. It explains the basic concepts behind label-based security and provides examples to show how it is used.

This preface contains these topics:

  • Audience
  • Documentation Accessibility
  • Organization
  • Related Documentation
  • Conventions

Audience

The Oracle Label Security Administrator's Guide is intended for database administrators (DBAs), application programmers, security administrators, system operators, and other Oracle users who perform the following tasks:

  • Analyze application security requirements
  • Create label-based security policies
  • Administer label-based security policies
  • Use label-based security policies

To use this document, you need a working knowledge of SQL and Oracle fundamentals. You should also be familiar with Oracle security features described in "Related Documentation". To use SQL*Loader, you must know how to use the file management facilities of your operating system.

Documentation Accessibility

Our goal is to make Oracle products, services, and supporting documentation accessible, with good usability, to the disabled community. To that end, our documentation includes features that make information available to users of assistive technology. This documentation is available in HTML format, and contains markup to facilitate access by the disabled community. Standards will continue to evolve over time, and Oracle is actively engaged with other market-leading technology vendors to address technical obstacles so that our documentation can be accessible to all of our customers. For additional information, visit the Oracle Accessibility Program Web site at

http://www.oracle.com/accessibility/

Accessibility of Code Examples in Documentation

JAWS, a Windows screen reader, may not always correctly read the code examples in this document. The conventions for writing code require that closing braces should appear on an otherwise empty line; however, JAWS may not always read a line of text that consists solely of a bracket or brace.

Accessibility of Links to External Web Sites in Documentation

This documentation may contain links to Web sites of other companies or organizations that Oracle does not own or control. Oracle neither evaluates nor makes any representations regarding the accessibility of these Web sites.

Organization

This document contains:

Part I: Concepts

This part introduces basic conceptual information about Oracle Label Security.

Chapter 1, "Introduction to Oracle Label Security"

This chapter introduces Oracle Label Security in the larger context of data security. It gives an overview of computer security issues and data access controls, and outlines the architecture and major features of Oracle Label Security.

Chapter 2, "Understanding Data Labels and User Labels"

This chapter discusses the fundamental concepts of data labels and user authorizations, and introduces the terminology that will help you understand Oracle Label Security. It covers label components, label syntax and type, and explains how data labels and user authorizations work together.

Chapter 3, "Understanding Access Controls and Privileges"

This chapter presents the access controls and privileges that determine the type of access users can have to the rows affected. It introduces the concepts of session label and row label, and explains how rows are evaluated for access mediation.

Part II: Using Oracle Label Security Functionality

This part provides the information needed by users of Oracle Label Security policies.

Chapter 4, "Working with Labeled Data"

This chapter explains how to use Oracle Label Security features to manage labeled data. It then shows how to view and change the value of security attributes for a session.

Chapter 5, "Oracle Label Security Using Oracle Internet Directory"

This chapter explains the integration of Oracle Label Security features with those of Oracle Internet Directory. Enabling Oracle Label Security to take advantage of the central directory simplifies management of data labels, user labels and privileges, policies, and enterprise users across multiple databases and domains.

Part III: Administering an Oracle Label Security Application

This part explains how to create and manage an Oracle Label Security application.

Chapter 6, "Creating an Oracle Label Security Policy"

This chapter explains how to create an Oracle Label Security policy, and its underlying label components and labels.

Chapter 7, "Administering User Labels and Privileges"

This chapter explains how you can set authorizations for users, and grant privileges to users or stored program units by means of the available Oracle Label Security packages, or Oracle Policy Manager.

Chapter 8, "Implementing Policy Enforcement Options and Labeling Functions"

This chapter explains how to customize the enforcement of Oracle Label Security policies, and how to implement labeling functions and SQL predicates.

Chapter 9, "Applying Policies to Tables and Schemas"

This chapter describes the SA_POLICY_ADMIN package, which enables you to administer policies on tables and schemas.

Chapter 10, "Administering and Using Trusted Stored Program Units"

This chapter explains how to use trusted stored program units to enhance system security.

Chapter 11, "Auditing Under Oracle Label Security"

This chapter explains how Oracle Label Security supplements the Oracle9i audit facility by tracking use of its own administrative operations and policy privileges. It describes the SA_AUDIT_ADMIN package, which enables you to set and change the policy auditing options.

Chapter 12, "Using Oracle Label Security with a Distributed Database"

This chapter describes special considerations for using Oracle Label Security in a distributed configuration.

Chapter 13, "Performing DBA Functions Under Oracle Label Security"

The standard Oracle9i utilities can be used under Oracle Label Security, but certain restrictions apply, and extra steps may be required to get the expected results. This chapter describes these special considerations.

Chapter 14, "Releasability Using Inverse Groups"

This chapter discusses the Oracle Label Security implementation of releasability using inverse groups.

Part IV: Appendices

Appendix A, "Advanced Topics in Oracle Label Security"

This appendix describes dominance relationships, and other ways in which the relationships between labels can be analyzed. It also describes the OCI interface for setting session labels.

Appendix C, "Reference"

This appendix documents the MAX_LABEL_POLICIES initialization parameter, the Oracle Label Security data dictionary tables, and Oracle Label Security restrictions.

Related Documentation

For more information, see these Oracle resources:

Many of the examples in the documentation set use the sample schemas of the seed database, which is installed by default when you install Oracle. Refer to Oracle Database Sample Schemas for information on how these schemas were created and how you can use them yourself.

In North America, printed documentation is available for sale in the Oracle Store at

http://oraclestore.oracle.com/

Other customers can contact their Oracle representative to purchase printed documentation.

To download free release notes, installation documentation, white papers, or other collateral, please visit the Oracle Technology Network (OTN). You must register online before using OTN; registration is free and can be done at

http://otn.oracle.com/admin/account/membership.html

If you already have a username and password for OTN, then you can go directly to the documentation section of the OTN Web site at

http://otn.oracle.com/docs/index.htm

Conventions

This section describes the conventions used in the text and code examples of this documentation set. It describes:

  • Conventions in Text
  • Conventions in Code Examples

Conventions in Text

We use various conventions in text to help you more quickly identify special terms. The following table describes those conventions and provides examples of their use.

Convention: Bold
Meaning: Bold typeface indicates terms that are defined in the text or terms that appear in a glossary, or both.
Example: When you specify this clause, you create an index-organized table.

Convention: Italics
Meaning: Italic typeface indicates book titles or emphasis.
Examples:
  • Oracle Database Concepts
  • Ensure that the recovery catalog and target database do not reside on the same disk.

Convention: UPPERCASE monospace (fixed-width) font
Meaning: Uppercase monospace typeface indicates elements supplied by the system. Such elements include parameters, privileges, datatypes, RMAN keywords, SQL keywords, SQL*Plus or utility commands, packages and methods, as well as system-supplied column names, database objects and structures, usernames, and roles.
Examples:
  • You can specify this clause only for a NUMBER column.
  • You can back up the database by using the BACKUP command.
  • Query the TABLE_NAME column in the USER_TABLES data dictionary view.
  • Use the DBMS_STATS.GENERATE_STATS procedure.

Convention: lowercase monospace (fixed-width) font
Meaning: Lowercase monospace typeface indicates executables, filenames, directory names, and sample user-supplied elements. Such elements include computer and database names, net service names, and connect identifiers, as well as user-supplied database objects and structures, column names, packages and classes, usernames and roles, program units, and parameter values.
Note: Some programmatic elements use a mixture of UPPERCASE and lowercase. Enter these elements as shown.
Examples:
  • Enter sqlplus to open SQL*Plus.
  • The password is specified in the orapwd file.
  • Back up the datafiles and control files in the /disk1/oracle/dbs directory.
  • The department_id, department_name, and location_id columns are in the hr.departments table.
  • Set the QUERY_REWRITE_ENABLED initialization parameter to true.
  • Connect as oe user.
  • The JRepUtil class implements these methods.

Convention: lowercase italic monospace (fixed-width) font
Meaning: Lowercase italic monospace font represents placeholders or variables.
Examples:
  • You can specify the parallel_clause.
  • Run Uold_release.SQL where old_release refers to the release you installed prior to upgrading.

Conventions in Code Examples

Code examples illustrate SQL, PL/SQL, SQL*Plus, or other command-line statements. They are displayed in a monospace (fixed-width) font and separated from normal text as shown in this example:

SELECT username FROM dba_users WHERE username = 'MIGRATE';

The following table describes typographic conventions used in code examples and provides examples of their use.

Convention: [ ]
Meaning: Brackets enclose one or more optional items. Do not enter the brackets.
Example: DECIMAL (digits [ , precision ])

Convention: { }
Meaning: Braces enclose two or more items, one of which is required. Do not enter the braces.
Example: {ENABLE | DISABLE}

Convention: |
Meaning: A vertical bar represents a choice of two or more options within brackets or braces. Enter one of the options. Do not enter the vertical bar.
Examples:
  • {ENABLE | DISABLE}
  • [COMPRESS | NOCOMPRESS]

Convention: ...
Meaning: Horizontal ellipsis points indicate either:
  • That we have omitted parts of the code that are not directly related to the example
  • That you can repeat a portion of the code
Examples:
  • CREATE TABLE ... AS subquery;
  • SELECT col1, col2, ... , coln FROM employees;

Convention:
.
.
.
Meaning: Vertical ellipsis points indicate that we have omitted several lines of code not directly related to the example.

Convention: Other notation
Meaning: You must enter symbols other than brackets, braces, vertical bars, and ellipsis points as shown.
Examples:
  • acctbal NUMBER(11,2);
  • acct CONSTANT NUMBER(4) := 3;

Convention: Italics
Meaning: Italicized text indicates placeholders or variables for which you must supply particular values.
Examples:
  • CONNECT SYSTEM/system_password
  • DB_NAME = database_name

Convention: UPPERCASE
Meaning: Uppercase typeface indicates elements supplied by the system. We show these terms in uppercase in order to distinguish them from terms you define. Unless terms appear in brackets, enter them in the order and with the spelling shown. However, because these terms are not case sensitive, you can enter them in lowercase.
Examples:
  • SELECT last_name, employee_id FROM employees;
  • SELECT * FROM USER_TABLES;
  • DROP TABLE hr.employees;

Convention: lowercase
Meaning: Lowercase typeface indicates programmatic elements that you supply. For example, lowercase indicates names of tables, columns, or files.
Note: Some programmatic elements use a mixture of UPPERCASE and lowercase. Enter these elements as shown.
Examples:
  • SELECT last_name, employee_id FROM employees;
  • sqlplus hr/hr
  • CREATE USER mjones IDENTIFIED BY ty3MU9;