tailieunhanh - Applied Oracle Security: Developing Secure Database and Middleware Environments- P58

Applied Oracle Security: Developing Secure Database and Middleware Environments- P58:Computer security is a field of study that continues to undergo significant changes at an extremely fast pace. As a result of research combined with increases in computing capacity, computer security has reached what many consider to be “early adulthood.” From advances in encryption and encryption devices to identity management and enterprise auditing, the computer security field is as vast and complex as it is sophisticated and powerful | 544 Part IV Applied Security for Oracle APEX and Oracle Business Intelligence Oproductmanagers Columns Data Constraints 1 Grants 1 Statistic Sort. Filter IS USERJJAME PRODUCT Ibiproductl 2biproduct2 Game Consoles Portable PCs 3biproduct2 Desktop PCs FIGURE 14-4 The PRODUCT_MANAGERS table block titled GET_PRODUCTS. This initialization block uses row-wise initialization to create and populate a session variable called PRODUCT. Here is the query in that initialization block select PRODUCT variable_name product variable_value from where username USER This query returns the appropriate products for each product manager. The predicate here user_name USER ensures that only the correct products are returned. Figures 14-5 and 14-6 show the Utilities dashboard included as part of this example. Figure 14-5 shows the variables when BIPRODUCT1 is logged into Oracle BI and Figure 14-6 shows the variables when BIPRODUCT2 is logged into Oracle BI. Notice that BIPRODUCT1 has a session variable of PRODUCT Game Consoles and BIPRODUCT2 has a session variable of PRODUCT Portable PCs Desktop PCs. FIGURE 14-5 The Utilities dashboard when BIPRODUCT1 is logged into Oracle BI Chapter 14 Securing Oracle BI Content and Data 545 FIGURE 14-6 The Utilities dashboard when BIPRODUCT2 is logged into Oracle BI Now that the session variable is set up and working we can define the business model filter. Applying the Business Model Filter Business model filters are set up in the Permissions dialog box for a given group. As you can see in Figures 14-7 and 14-8 several interesting security features are included in the Permissions dialog box. The General tab lists all subject area and column-level security restrictions column-level security is discussed in the next section . Figure 14-7 shows the Query Limits tab where you set limits on when databases can be queried the maximum number of rows and the maximum amount of time that can be spent on a query. The Populate Privilege .