Virtual private database
A virtual private database or VPD masks data in a larger database so that only a subset of the data appear to exist, without actually segregating data into different tables, schemas, databases. A typical application is constraining sites, departments, individuals, etc. to operate only on their own records and at the same time allowing more privileged users and operations (e.g. reports, data warehousing, etc.) to access on the whole table.
The term is typical of the Oracle DBMS, where the implementation is very general: tables can be associated to SQL functions, which return a predicate as a SQL expression. Whenever a query is executed, the relevant predicates for the involved tables are transparently collected and used to filter rows. SELECT, INSERT, UPDATE and DELETE can have different rules.
External links
- Using Virtual Private Database to Implement Application Security Policies
- http://www.devshed.com/c/a/Oracle/RowLevel-Security-with-Virtual-Private-Database/
- http://archive.is/20130102110452/http://articles.techrepublic.com.com/5100-10878_11-5034559.html
- http://www.oracle-base.com/articles/8i/VirtualPrivateDatabases.php