Oracle XS_DATA_SECURITY
Version 21c

General Information
Library Note Morgan's Library Page Header
ACE Director Alum Daniel Morgan, founder of Morgan's Library, is scheduling complimentary technical Workshops on Database Security for the first 30 Oracle Database customers located anywhere in North America, EMEA, LATAM, or APAC that send an email to asra_us@oracle.com. Request a Workshop for your organization today.
Purpose Real Application Security Policy Administrative Interface
AUTHID CURRENT_USER
Constants
Name Data Type Value
 Apply Policy Options
APPLY_DYNAMIC_IS PLS_INTEGER 1
APPLY_ACLOID_COLUMN PLS_INTEGER 2
APPLY_STATIC_IS PLS_INTEGER 3
Dependencies
DBMS_ASSERT XS$COLUMN_CONSTRAINT_TYPE XS$REALM_CONSTRAINT_LIST
DBMS_UTILITY XS$KEY_LIST XS$REALM_CONSTRAINT_TYPE
DBMS_XDS_INT XS$KEY_TYPE XS_ADMIN_INT
PLITBLM XS$LIST XS_ADMIN_UTIL
XS$COLUMN_CONSTRAINT_LIST XS$NAME_LIST XS_DATA_SECURITY_INT
Documented Yes
First Available Not known
Pragma PRAGMA SUPPLEMENTAL_LOG_DATA(default, AUTO);
Security Model Owned by SYS with EXECUTE granted to PUBLIC
Source {ORACLE_HOME}/rdbms/admin/xsds.sql
Subprograms
ADD_COLUMN_CONSTRAINTS DELETE_ACL_PARAMETER REMOVE_COLUMN_CONSTRAINTS
APPEND_REALM_CONSTRAINTS DELETE_POLICY REMOVE_OBJECT_POLICY
APPLY_OBJECT_POLICY DISABLE_OBJECT_POLICY REMOVE_REALM_CONSTRAINTS
CREATE_ACL_PARAMETER ENABLE_OBJECT_POLICY SET_DESCRIPTION
CREATE_POLICY    
 
ADD_COLUMN_CONSTRAINTS
Add a column constraint to data security

Overload 1		 xs_data_security.add_column_constraints(
policy            IN VARCHAR2,
column_constraint IN xs$column_constraint_type);
TBD
Add a list of column constraints to data security

Overload 2		 xs_data_security.add_column_constraints(
policy                 IN VARCHAR2,
column_constraint_list IN xs$column_constraint_list);
TBD
 
APPEND_REALM_CONSTRAINTS
Add a realm constraint to data security

Overload 1		 xs_data_security.append_realm_constraints(
policy           IN VARCHAR2,
realm_constraint IN xs$realm_constraint_type);
TBD
Add a list of realm constraints to data security

Overload 2		 xs_data_security.append_realm_constraints(
policy                IN VARCHAR2,
realm_constraint_list IN xs$realm_constraint_list);
TBD
 
APPLY_OBJECT_POLICY
Apply an XDS policy on a table xs_data_security.apply_object_policy(
policy          IN VARCHAR2,
schema          IN VARCHAR2,
object          IN VARCHAR2,
row_acl         IN BOOLEAN := FALSE,
owner_bypass    IN BOOLEAN := FALSE,
statement_types IN VARCHAR2 := NULL,
aclmv           IN VARCHAR2 := NULL);
exec xs_data_security.apply_object_policy('UWDSPOL', 'C##UWCLASS', 'SERVERS');
 
CREATE_ACL_PARAMETER
Create an ACL parameter xs_data_security.create_acl_parameter(
policy     IN VARCHAR2,
parameter  IN VARCHAR2,
param_type IN NUMBER);
exec xs_data_security.create_acl_parameter('UWDSPOL', 'SERVER_POLICY', xs_admin_util.default_option);
 
CREATE_POLICY
Create a data security policy xs_data_security.create_policy(
name                   IN VARCHAR2,
realm_constraint_list  IN xs$realm_constraint_list,
column_constraint_list IN xs$column_constraint_list := NULL,
description            IN VARCHAR2 := NULL);
TBD
 
DELETE_ACL_PARAMETER
Delete an ACL parameter xs_data_security.delete_acl_parameter(
policy        IN VARCHAR2,
parameter     IN VARCHAR2,
delete_option IN PLS_INTEGER := XS_ADMIN_UTIL.DEFAULT_OPTION);
exec xs_data_security.delete_acl_parameter('UWDSPOL', 'SERVER_POLICY', xs_admin_util.default_option);
 
DELETE_POLICY
Delete a data security policy xs_data_security.delete_policy(
policy        IN VARCHAR2,
delete_option IN PLS_INTEGER := XS_ADMIN_UTIL.DEFAULT_OPTION);
exec xs_data_security.delete_policy('UWDSPOL');
 
DISABLE_OBJECT_POLICY
Disable a table XDS policy xs_data_security.disable_object_policy(
policy IN VARCHAR2,
schema IN VARCHAR2,
object IN VARCHAR2);
exec xs_data_security.disable_object_policy('UWDSPOL', 'C##UWCLASS', 'SERVERS');
 
ENABLE_OBJECT_POLICY
Enable a table XDS policy xs_data_security.enable_object_policy(
policy IN VARCHAR2,
schema IN VARCHAR2,
object IN VARCHAR2);
exec xs_data_security.enable_object_policy('UWDSPOL', 'C##UWCLASS', 'SERVERS');
 
REMOVE_COLUMN_CONSTRAINTS
Remove all data security column constraints xs_data_security.remove_column_constraints(policy IN VARCHAR2);
exec xs_data_security.remove_column_constraints('UWDSPOL');
 
REMOVE_OBJECT_POLICY
Remove an XDS policy from a table xs_data_security.remove_object_policy(
policy IN VARCHAR2,
schema IN VARCHAR2,
object IN VARCHAR2);
exec xs_data_security.remove_object_policy('UWDSPOL', 'C##UWCLASS', 'SERVERS');
 
REMOVE_REALM_CONSTRAINTS
Remove all realm constraints xs_data_security.remove_realm_constraints(policy IN VARCHAR2);
exec xs_data_security.remove_realm_constraints('UWDSPOL');
 
SET_DESCRIPTION
Set a data security policy description xs_data_security.set_description(
policy      IN VARCHAR2,
description IN VARCHAR2);
exec xs_data_security.set_description('UWDSPOL', 'UW Test Policy');

Related Topics
Built-in Functions
Built-in Packages
Database Security
XS_ACL
XS_ACL_INT
XS_ADMIN_INT
XS_ADMIN_UTIL
XS_ADMIN_UTIL_INT
XS_DATA_SECURITY_INT
XS_DATA_SECURITY_UTIL
XS_DATA_SECURITY_UTIL_INT
XS_DIAG
XS_DIAG_INT
XS_MTCACHE_INT
XS_NAMESPACE
XS_NAMESPACE_INT
XS_PRINCIPAL
XS_PRINCIPAL_INT
XS_ROLESET
XS_ROLESET_INT
XS_SECURITY_CLASS
XS_SECURITY_CLASS_INT
What's New In 21c
What's New In 23c

Morgan's Library Page Footer
This site is maintained by Dan Morgan. Last Updated: This site is protected by copyright and trademark laws under U.S. and International law. © 1998-2023 Daniel A. Morgan All Rights Reserved
  DBSecWorx