Oracle XS_DATA_SECURITY
Version 21c

General Information
Library Note Morgan's Library Page Header
Which has the higher priority in your organization: Deploying a new database or securing the ones you already have? Looking for a website, and resources, dedicated solely to securing Oracle databases? Check out DBSecWorx.
Purpose Real Application Security Policy Administrative Interface
AUTHID CURRENT_USER
Constants
Name Data Type Value
 Apply Policy Options
APPLY_DYNAMIC_IS PLS_INTEGER 1
APPLY_ACLOID_COLUMN PLS_INTEGER 2
APPLY_STATIC_IS PLS_INTEGER 3
Dependencies
DBMS_ASSERT XS$COLUMN_CONSTRAINT_TYPE XS$REALM_CONSTRAINT_LIST
DBMS_UTILITY XS$KEY_LIST XS$REALM_CONSTRAINT_TYPE
DBMS_XDS_INT XS$KEY_TYPE XS_ADMIN_INT
PLITBLM XS$LIST XS_ADMIN_UTIL
XS$COLUMN_CONSTRAINT_LIST XS$NAME_LIST XS_DATA_SECURITY_INT
Documented Yes
First Available Not known
Pragma PRAGMA SUPPLEMENTAL_LOG_DATA(default, AUTO);
Security Model Owned by SYS with EXECUTE granted to PUBLIC
Source {ORACLE_HOME}/rdbms/admin/xsds.sql
Subprograms
ADD_COLUMN_CONSTRAINTS DELETE_ACL_PARAMETER REMOVE_COLUMN_CONSTRAINTS
APPEND_REALM_CONSTRAINTS DELETE_POLICY REMOVE_OBJECT_POLICY
APPLY_OBJECT_POLICY DISABLE_OBJECT_POLICY REMOVE_REALM_CONSTRAINTS
CREATE_ACL_PARAMETER ENABLE_OBJECT_POLICY SET_DESCRIPTION
CREATE_POLICY    
 
ADD_COLUMN_CONSTRAINTS
Add a column constraint to data security

Overload 1		 xs_data_security.add_column_constraints(
policy            IN VARCHAR2,
column_constraint IN xs$column_constraint_type);
TBD
Add a list of column constraints to data security

Overload 2		 xs_data_security.add_column_constraints(
policy                 IN VARCHAR2,
column_constraint_list IN xs$column_constraint_list);
TBD
 
APPEND_REALM_CONSTRAINTS
Add a realm constraint to data security

Overload 1		 xs_data_security.append_realm_constraints(
policy           IN VARCHAR2,
realm_constraint IN xs$realm_constraint_type);
TBD
Add a list of realm constraints to data security

Overload 2		 xs_data_security.append_realm_constraints(
policy                IN VARCHAR2,
realm_constraint_list IN xs$realm_constraint_list);
TBD
 
APPLY_OBJECT_POLICY
Apply an XDS policy on a table xs_data_security.apply_object_policy(
policy          IN VARCHAR2,
schema          IN VARCHAR2,
object          IN VARCHAR2,
row_acl         IN BOOLEAN := FALSE,
owner_bypass    IN BOOLEAN := FALSE,
statement_types IN VARCHAR2 := NULL,
aclmv           IN VARCHAR2 := NULL);
exec xs_data_security.apply_object_policy('UWDSPOL', 'C##UWCLASS', 'SERVERS');
 
CREATE_ACL_PARAMETER
Create an ACL parameter xs_data_security.create_acl_parameter(
policy     IN VARCHAR2,
parameter  IN VARCHAR2,
param_type IN NUMBER);
exec xs_data_security.create_acl_parameter('UWDSPOL', 'SERVER_POLICY', xs_admin_util.default_option);
 
CREATE_POLICY
Create a data security policy xs_data_security.create_policy(
name                   IN VARCHAR2,
realm_constraint_list  IN xs$realm_constraint_list,
column_constraint_list IN xs$column_constraint_list := NULL,
description            IN VARCHAR2 := NULL);
TBD
 
DELETE_ACL_PARAMETER
Delete an ACL parameter xs_data_security.delete_acl_parameter(
policy        IN VARCHAR2,
parameter     IN VARCHAR2,
delete_option IN PLS_INTEGER := XS_ADMIN_UTIL.DEFAULT_OPTION);
exec xs_data_security.delete_acl_parameter('UWDSPOL', 'SERVER_POLICY', xs_admin_util.default_option);
 
DELETE_POLICY
Delete a data security policy xs_data_security.delete_policy(
policy        IN VARCHAR2,
delete_option IN PLS_INTEGER := XS_ADMIN_UTIL.DEFAULT_OPTION);
exec xs_data_security.delete_policy('UWDSPOL');
 
DISABLE_OBJECT_POLICY
Disable a table XDS policy xs_data_security.disable_object_policy(
policy IN VARCHAR2,
schema IN VARCHAR2,
object IN VARCHAR2);
exec xs_data_security.disable_object_policy('UWDSPOL', 'C##UWCLASS', 'SERVERS');
 
ENABLE_OBJECT_POLICY
Enable a table XDS policy xs_data_security.enable_object_policy(
policy IN VARCHAR2,
schema IN VARCHAR2,
object IN VARCHAR2);
exec xs_data_security.enable_object_policy('UWDSPOL', 'C##UWCLASS', 'SERVERS');
 
REMOVE_COLUMN_CONSTRAINTS
Remove all data security column constraints xs_data_security.remove_column_constraints(policy IN VARCHAR2);
exec xs_data_security.remove_column_constraints('UWDSPOL');
 
REMOVE_OBJECT_POLICY
Remove an XDS policy from a table xs_data_security.remove_object_policy(
policy IN VARCHAR2,
schema IN VARCHAR2,
object IN VARCHAR2);
exec xs_data_security.remove_object_policy('UWDSPOL', 'C##UWCLASS', 'SERVERS');
 
REMOVE_REALM_CONSTRAINTS
Remove all realm constraints xs_data_security.remove_realm_constraints(policy IN VARCHAR2);
exec xs_data_security.remove_realm_constraints('UWDSPOL');
 
SET_DESCRIPTION
Set a data security policy description xs_data_security.set_description(
policy      IN VARCHAR2,
description IN VARCHAR2);
exec xs_data_security.set_description('UWDSPOL', 'UW Test Policy');

Related Topics
Built-in Functions
Built-in Packages
Database Security
XS_ACL
XS_ACL_INT
XS_ADMIN_INT
XS_ADMIN_UTIL
XS_ADMIN_UTIL_INT
XS_DATA_SECURITY_INT
XS_DATA_SECURITY_UTIL
XS_DATA_SECURITY_UTIL_INT
XS_DIAG
XS_DIAG_INT
XS_MTCACHE_INT
XS_NAMESPACE
XS_NAMESPACE_INT
XS_PRINCIPAL
XS_PRINCIPAL_INT
XS_ROLESET
XS_ROLESET_INT
XS_SECURITY_CLASS
XS_SECURITY_CLASS_INT
What's New In 19c
What's New In 20c-21c

Morgan's Library Page Footer
This site is maintained by Dan Morgan. Last Updated: This site is protected by copyright and trademark laws under U.S. and International law. © 1998-2021 Daniel A. Morgan All Rights Reserved
  DBSecWorx