Free Newsletters:
Database Journal  
DBAnews  
DBASupport

 The Knowledge Center for Oracle Professionals

Search DBAsupport:
 
HOME 11g Central 10g Central 9i Central 8i Central Oracle News Scripts FAQ OCP Zone Resources Technical Docs Tools & Utilities Forums
internet.com

» HOME
» FEATURES
    11g Central
    10g Central
    9i Central
    8i Central
    Oracle News
» COMMUNITY
    Scripts
    Forums
    FAQ
    OCP Zone
» RESOURCES
    Resources
    Technical Docs
    Tools & Utilities
    Tech Jobs

Marketplace Partners
Become a Marketplace Partner


internet.commerce
Be a Commerce Partner

internet.com
IT
Developer
Internet News
Small Business
Personal Technology
International

Search internet.com
Advertise
Corporate Info
Newsletters
Tech Jobs
E-mail Offers

   DBAsupport.com > Oracle > Oracle 9i Central > Featured Stories




UNIX Administrator - Linux/Solaris (IL)
Next Step Systems
US-IL-Chicago

Justtechjobs.com Post A Job | Post A Resume

Oracle Label Security, Part 2: Implementation
Jim Czuprynski, Jim.Czuprynski@us.fujitsu.com


Part one of this series provided some real-life scenarios for which Oracle Label Security (OLS) could be used to effectively enforce the corresponding business rules and the dynamics by which OLS secures data at the row level. In this article, we will delve into how to set up OLS on an Oracle 9i database, how to create a security policy and its label components, and how to apply those security label components to both end users and to the data that needs to be secured.

Preparation: Installing OLS Components

Configuring the DBMS

The first step in applying OLS security is to configure the database and server to utilize OLS. Unfortunately, OLS is not one of the default options when the Oracle DBMS software is first installed on the target server; it must be selected as a custom option from the Oracle Universal Installer (OUI).

Fortunately, if OLS was not installed initially, this can be easily remedied via OUI. Here is a sample OUI screen showing where to locate the option under Oracle 9iR2 for Windows; of course, your installation may vary for UNIX or other operating systems:


Figure 1. Installing OLS from OUI.

Configuring the Database.

After installing OLS via OUI, the corresponding database objects must be installed on the target database as well. The Oracle Database Configuration Assistant (DBCA) allows you to install OLS features by first selecting the Configure database options in a database choice, supplying the SYS user id and password and then selecting the Oracle Label Security option (see below):


Figure 2. Installing OLS Components in an existing database.

However, if scripts are being used to create the new database, or if the target database already exists, OLS can be installed by logging into the target database via SQLPLUS, connecting as the SYS user in SYSDBA mode, and then executing the $ORAHOME\rdbms\admin\catols.sql script. This script creates a new user, LBACSYS, with a default password of LBACSYS, and creates all necessary OLS objects and stores them in the LBACSYS schema.

It is important to note that both of these aforementioned steps must be completed for OLS to work properly, otherwise the Oracle Policy Manager feature will not be able to manage security policy information.

Verifying the Configuration

Once OLS has been installed in the DBMS and the database via the prior steps, it is a good idea to verify that OLS is installed successfully by checking for the existence of the LBACSYS user and its schema objects. The following queries verify how many objects have been created and if they are in a VALID state, and also query DBA_REGISTRY via the following script to show what version of OLS has been successfully installed:

SELECT
     object_type
    ,COUNT(*)
  FROM dba_objects
 WHERE owner='LBACSYS'
 GROUP BY object_type;

OBJECT_TYPE          COUNT(*)
------------------ ----------
FUNCTION                   32
INDEX                      26
LIBRARY                    10
LOB                         1
PACKAGE                    23
PACKAGE BODY               22
PROCEDURE                   2
SEQUENCE                    3
TABLE                      16
TRIGGER                     8
TYPE                        6
TYPE BODY                   5
VIEW                       57

13 rows selected

COL comp_name FORMAT A32
COL version   FORMAT A16
SELECT
     comp_id
    ,comp_name
    ,version
  FROM dba_registry;

COMP_ID                        COMP_NAME                        VERSION
------------------------------ -------------------------------- ---------
CATALOG                        Oracle9i Catalog Views           9.2.0.1.0
CATPROC                        Oracle9i Packages and Types      9.2.0.1.0
OWM                            Oracle Workspace Manager         9.2.0.1.0
JAVAVM                         JServer JAVA Virtual Machine     9.2.0.1.0
XML                            Oracle XDK for Java              9.2.0.2.0
CATJAVA                        Oracle9i Java Packages           9.2.0.1.0
CONTEXT                        Oracle Text                      9.2.0.1.0
XDB                            Oracle XML Database              9.2.0.1.0
OLS                            Oracle Label Security            9.2.0.1.0

9 rows selected

Figure 3. Results of Successful OLS Install.

If the installation has been unsuccessful, Oracle recommends that the CATOLS script mentioned previously should be rerun. Be aware, however, that re-executing the script causes the destruction and recreation of the LBACSYS user and its schema's objects, so any OLS security policies and components information previously created in that schema will cease to exist.

Finally, note that OLS can be completely removed from a database by running the $ORAHOME\rdbms\admin\catnools.sql script from the SYS user in SYSDBA mode.

Previous   Next


Back to DBAsupport.com





internet.comearthweb.comDevx.commediabistro.comGraphics.com

Search:

Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia

Jupitermedia Corporate Info

Legal Notices, Licensing, Reprints, Permissions, Privacy Policy.
Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers

Solutions

Whitepapers and eBooks

Intel Whitepaper: Comparing Two- and Four-Socket Platforms for Server Virtualization
IBM Solutions Brief: Go Green With IBM System xTM And Intel
HP eBook: Simplifying SQL Server Management
IBM Contest: Are You the Next Superstar? Join the "Search for the XML Superstar" Contest to Find Out
Microsoft PDF: Top 10 Reasons to Move to Server Virtualization with Hyper-V
Microsoft PDF: Six Reasons Why Microsoft's Hyper-V Will Overtake Vmware
Microsoft Step-by-Step Guide: Hyper-V and Failover Clustering
Intel PDF: Quad-Core Impacts More Than the Data Center
Intel PDF: Virtualization Delivers Data Center Efficiency
Go Parallel Article: PDC 2008 in Review
Microsoft PDF: Top 11 Reasons to Upgrade to Windows Server 2008
Avaya Article: Communication-Enabled Mashups: Empowering Both Business Owners and IT
Intel Whitepaper: Building a Real-World Model to Assess Virtualization Platforms
   PDF: Intel Centrino Duo Processor Technology with Intel Core2 Duo Processor
Microsoft Article: Build and Run Virtual Machines with Hyper-V Server 2008
Go Parallel Article: Q&A with a TBB Junkie
IBM Whitepaper: Innovative Collaboration to Advance Your Business
Internet.com eBook: Real Life Rails
IBM eBook: The Pros and Cons of Outsourcing
Internet.com eBook: Best Practices for Developing a Web Site
IBM CXO Whitepaper: The 2008 Global CEO Study "The Enterprise of the Future"
Avaya Article: Call Control XML in Action - A CCXML Auto Attendant
IBM CXO Whitepaper: Unlocking the DNA of the Adaptable Workforce--The Global Human Capital Study 2008
Adobe Acrobat Connect Pro: Web Conferencing and eLearning Whitepapers
HP eBook: Guide to Storage Networking
MORE WHITEPAPERS, EBOOKS, AND ARTICLES

Webcasts

Attend the IBM Service Management World Tour--Register now!
Video: Intel Launches Data Center Efficiency Initiative
Intel Podcast: Talking vPro
Go Parallel Video: Intel(R) Threading Building Blocks: A New Method for Threading in C++
HP Video: Is Your Data Center Ready for a Real World Disaster?
Microsoft Partner Portal Video: Microsoft Gold Certified Partners Build Successful Practices
HP On Demand Webcast: Virtualization in Action
   Go Parallel Video: Performance and Threading Tools for Game Developers
Rackspace Hosting Center: Customer Videos
Intel vPro Developer Virtual Bootcamp
HP Disaster-Proof Solutions eSeminar
HP On Demand Webcast: Discover the Benefits of Virtualization
MORE WEBCASTS, PODCASTS, AND VIDEOS

Downloads and eKits

Microsoft Windows Mobile: Deck the calls-with an HTC Diamond
IBM e-Kit: Reduce Complexity and Cost with BladeCenter
Amyuni Download: PDF & XPS Engine for Your .NET and ActiveX Applications
Acresso Download: Try InstallShield 2009
Microsoft Download: Silverlight 2 SDK
Access Crystal Reports for Eclipse Basic Edition (Free)
   30-Day Trial: SPAMfighter Exchange Module
IBM Energy Efficiency e-Kit Shows You How to Reduce Costs
Red Gate Download: SQL Toolbelt
Iron Speed Designer Application Generator
Microsoft Download: Silverlight 2 Developer Runtime (Windows)
MORE DOWNLOADS, EKITS, AND FREE TRIALS

Tutorials and Demos

VMware Online Virtualization Forum: Learn about the benefits of a virtual infrastructure, network with industry experts--Register today!
Demo: Dual-Core Intel Itanium 2 Processor
IBM IT Innovation Article: Green Servers Provide a Competitive Advantage
   Microsoft Article: Making Designer/Developer Collaboration a Reality
MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES