Data Access Control

Oracle Data Safe

Data Safe is a unified control center for your Oracle Databases which helps you understand the sensitivity of your data, evaluate risks to data, mask sensitive data, implement and monitor security controls, assess user security, monitor user activity, and address data security compliance requirements. Whether you’re using Oracle Autonomous Database or Oracle Database Cloud Service (Exadata, Virtual Machine, or Bare Metal), Data Safe delivers essential data security capabilities as a service on Oracle Cloud Infrastructure.

Frequently asked questions and answers about Data Safe 

Oracle Database Vault

Stolen privileged user credentials are one of the most common attack vectors used by hackers, insiders, organized criminals, and advanced persistent threats (APTs). Oracle Database Vault provides powerful cyber security controls to help protect application data from unauthorized access and improve compliance with privacy and regulatory requirements.

Frequently asked questions and answers about Oracle Database Vault 

Oracle Label Security

Oracle Label Security enables companies and government organizations to consolidate data with different access requirements (including government classified data) into the same database.  It implements multilevel access controls based on the classification of the data and the access label of the application user.  This powerful capability enables access to sensitive data associated with R&D projects, non-public financial information, or healthcare information to be enforced inside Oracle Database 18c.

Frequently asked questions and answers about Oracle Label Security


Oracle Real Application Security

Oracle RAS provides a declarative model that enables security policies that encompass not only the business objects being protected but also the principals (users and roles) that have permissions to operate on those business objects. RAS is more secure, scalable, and cost effective than traditional Oracle VPD technology.

With Oracle RAS, application users are authenticated in the application-tier as well as in the database. Irrespective of the data access path, the data security policies are enforced in the database kernel based on the end-user native session in the database. The privileges assigned to the user control the type of operations (select, insert, update and delete) that can be performed on rows and columns of the database objects.