Virtual Private Database (VPD)
Virtual Private Database (VPD) is a popular database security feature introduced with Oracle Database Enterprise Edition. It is used when object privileges and database roles are inadequate to meet security requirements. The policies that are applied depend directly on those security requirements.
VPD is associated with the “application context” feature, and these contexts are used to manage the data during the execution of SQL statements. A complex VPD example might read an application context during a login trigger, while a simple VPD example might restrict access to data during business hours.
Advantages of VPD:
- Higher Accessibility: Users can easily access the data from anywhere.
- Flexibility: It can be easily modified without breaking the control flow.
- Higher Recovery Rate: The data can be retrieved very easily.
- Dynamically Secured: No need to maintain complex roles.
- No back doors: The security policy is attached to the data, so it cannot be bypassed.
Disadvantages of VPD:
- Difficult column-level security.
- Oracle account ID is required to use this service.
- Hard to examine.
The following are examples of VPD:
Example 1: The user can see only the rows of the first table whose account_mgr_id column is “149”. The result stays specific to that user unless more queries are provided. VPD returns the data that the issued query asks for.
Example 2: In VPD, application security problems do not occur because the policy cannot be bypassed and all policies are linked with the customer table. In the example below, the customer can see only his own orders in the order table.
Example 3: In the given image, a hidden query is applied to hide data that may be confidential, so that it is fully secured; users keep access to the other data but not to the hidden part.
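The situation in Example 2, combined with the login-trigger application context mentioned earlier, can be set up as follows. This is an added example, not code from the original page; every object name in it (sec_admin, app_owner, orders_ctx, db_username and so on) is hypothetical, and it assumes the administering account holds the privileges needed to create contexts, database-level triggers and VPD policies.

```sql
-- Added example: every schema, table, column and policy name here is hypothetical.
-- 1. Application context: only the named package is allowed to write to it.
CREATE OR REPLACE CONTEXT orders_ctx USING sec_admin.orders_ctx_pkg;
CREATE OR REPLACE PACKAGE sec_admin.orders_ctx_pkg AS
  PROCEDURE set_cust_id;
END;
/
CREATE OR REPLACE PACKAGE BODY sec_admin.orders_ctx_pkg AS
  PROCEDURE set_cust_id IS
    v_id NUMBER;
  BEGIN
    -- Assumption: customers.db_username is unique and holds the login name.
    SELECT customer_id INTO v_id
      FROM app_owner.customers
     WHERE db_username = SYS_CONTEXT('USERENV', 'SESSION_USER');
    DBMS_SESSION.SET_CONTEXT('orders_ctx', 'cust_id', v_id);
  EXCEPTION
    -- Not a customer: leave the context unset instead of failing the logon.
    WHEN NO_DATA_FOUND THEN NULL;
  END;
END;
/
-- 2. Logon trigger fills the context once per session.
CREATE OR REPLACE TRIGGER sec_admin.set_cust_ctx_trg
  AFTER LOGON ON DATABASE
BEGIN
  sec_admin.orders_ctx_pkg.set_cust_id;
END;
/
-- 3. Policy function: the string it returns is appended as a WHERE predicate.
CREATE OR REPLACE FUNCTION sec_admin.orders_policy (
  p_schema IN VARCHAR2,
  p_object IN VARCHAR2
) RETURN VARCHAR2 IS
BEGIN
  -- An unset context compares customer_id with NULL, so no rows match (fail closed).
  RETURN 'customer_id = SYS_CONTEXT(''orders_ctx'', ''cust_id'')';
END;
/
-- 4. Attach the policy to the table; update_check blocks writes that escape the predicate.
BEGIN
  DBMS_RLS.ADD_POLICY(
    object_schema   => 'app_owner',
    object_name     => 'orders',
    policy_name     => 'orders_by_customer',
    function_schema => 'sec_admin',
    policy_function => 'orders_policy',
    statement_types => 'SELECT, UPDATE, DELETE',
    update_check    => TRUE);
END;
/
```

With the policy in place, a plain `SELECT * FROM app_owner.orders` issued by a customer session returns only that customer's rows, and a session with no matching customer record sees none.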