Guarding your Data Behind a Hard Shell PL/SQL API – the Detail

I’ve taken my “Why Use PL/SQL?” talk around the conference circuit and published the companion whitepaper. It was a high-level account that appealed to common sense and to abstract principles of computer science. This session takes the opposite approach. It tells you in practical detail how to ensure that the hard shell of the database’s PL/SQL API is impenetrable by addressing code organization and security. It advocates a four-schema model (data, code implementation, API, and connect) using only invokers rights units together with code-based access control to honor the principle of least privilege. The approach is refined b explicit control of “inherit privileges, the “accessible by” whitelist, and secure error handling. And scrupulous care is taken to ensure that the privileges needed for installation and patching are not available at run-time. I will present real code and demonstrations.

Wednesday, 2017-11-22
4:00 pm - 4:45 pm
Foyer Tokio
Development: DB Development
Distinguished Product Manager, Database Division, Oracle HQ

Further lectures of Bryn Llewellyn

Ten Rules for Doing a PL/SQL Performance Experiment
Tuesday , 21.11.2017
4:00 pm - 4:45 pm

These lectures could also interest you