General Information
Library Note
Morgan's Library Page Header
Which has the higher priority in your organization: Deploying a new database or securing the ones you already have?
Looking for a website, and resources, dedicated solely to securing Oracle databases? Check out DBSecWorx .
Purpose
Oracle Label Security Internal Policy Administration Utilities
AUTHID
CURRENT_USER
Dependencies
ALL_USERS
LBAC_POLICY_ADMIN
OLS$POL
LBAC$USER_LIBT
LBAC_SERVICES
OLS$POLS
LBAC_CACHE
LBAC_STANDARD
OLS$POLT
LBAC_NAME_LIST
Documented
No
First Available
20c
Security Model
Owned by SYS with EXECUTE granted to PUBLIC
Source
{ORACLE_HOME}/rdbms/admin/prvtolsdd.plb
Subprograms
ALTER_SCHEMA_POLICY (new 21c)
Modify a schema policy
lbac_policy_admin_int.alter_schema_policy(
policy_name IN VARCHAR2,
schema_name IN VARCHAR2,
default_options IN VARCHAR2,
username IN VARCHAR2);
TBD
APPLY_SCHEMA_POLICY (new 21c)
Apply a schema policy
lbac_policy_admin_int.apply_schema_policy(
policy_name IN VARCHAR2,
schema_name IN VARCHAR2,
default_options IN VARCHAR2,
username IN VARCHAR2)
TBD
APPLY_TABLE_POLICY (new 21c)
Apply a table policy
lbac_policy_admin_int.apply_table_policy(
policy_name IN VARCHAR2,
schema_name IN VARCHAR2,
table_name IN VARCHAR2,
table_options IN VARCHAR2,
label_function IN VARCHAR2,
predicate IN VARCHAR2,
username IN VARCHAR2);
TBD
DISABLE_SCHEMA_POLICY (new 21c)
Disable a schema policy
lbac_policy_admin_int.disable_schema_policy(
policy_name IN VARCHAR2,
schema_name IN VARCHAR2,
username IN VARCHAR2);
exec lbac_policy_admin_int.disable_schema_policy ('DATA_ACCESS', 'HR', 'UWCLASS');
DISABLE_TABLE_POLICY (new 21c)
Disable a table policy
lbac_policy_admin_int.disable_table_policy(
policy_name IN VARCHAR2,
schema_name IN VARCHAR2,
table_name IN VARCHAR2,
username IN VARCHAR2);
exec lbac_policy_admin_int.disable_table_policy ('DATA_ACCESS', 'HR', 'EMPLOYEES', 'UWCLASS');
ENABLE_SCHEMA_POLICY (new 21c)
Enable a schema policy
lbac_policy_admin_int.enable_schema_policy(
policy_name IN VARCHAR2,
schema_name IN VARCHAR2,
username IN VARCHAR2);
exec lbac_policy_admin_int.enable_schema_policy ('DATA_ACCESS', 'HR', 'UWCLASS');
ENABLE_TABLE_POLICY (new 21c)
Enable a table policy
lbac_policy_admin_int.enable_table_policy(
policy_name IN VARCHAR2,
schema_name IN VARCHAR2,
table_name IN VARCHAR2,
username IN VARCHAR2);
exec lbac_policy_admin_int.enable_table_policy ('DATA_ACCESS', 'HR', 'EMPLOYEES', 'UWCLASS');
POLICY_SUBSCRIBE (new 21c)
Subscribe to a policy
lbac_policy_admin_int.policy_subscribe(
policy_name IN VARCHAR2,
username IN VARCHAR2);
exec lbac_policy_admin_int.policy_subscribe ('DATA_ACCESS', 'UWCLASS');
POLICY_UNSUBSCRIBE (new 21c)
Unsubscribe from a policy
lbac_policy_admin_int.policy_unsubscribe(
policy_name IN VARCHAR2,
username IN VARCHAR2);
exec lbac_policy_admin_int.policy_unsubscribe ('DATA_ACCESS', 'UWCLASS');
REMOVE_SCHEMA_POLICY (new 21c)
Remove a schema policy
lbac_policy_admin_int.remove_schema_policy(
policy_name IN VARCHAR2,
schema_name IN VARCHAR2,
drop_column IN BOOLEAN,
username IN VARCHAR2);
TBD
REMOVE_TABLE_POLICY (new 21c)
Remove a table policy
lbac_policy_admin_int.remove_table_policy(
policy_name IN VARCHAR2,
schema_name IN VARCHAR2,
table_name IN VARCHAR2,
drop_column IN BOOLEAN,
username IN VARCHAR2);
TBD