0

We have a database that will eventually become the system of record for the whole (extremely large) organization.

There is customer data, sales data, product data, etc. that certain web applications need access to, and certain departments need access to. Some users need access to the entire table but usually they only need access to a subset

The current solution is to create a schema for each specific web application and creating a view in that schema that accesses the information they need. Which is insecure because they also have select privileges to the underlying tables right now.

My question: Should we create a schema that contains all of the views that each department/web app would need access to, then give select access to those specific views to the specific schemas?

Is there a better option out there?

Stan
  • 7
  • 4
  • Only giving access to the _views_ is the way to go. Another option would be to use the feature "virtual private database" (which requires an Enterprise Edition license) –  Jan 08 '16 at 19:24
  • Wow, I have never heard of the "virtual private database" before. Good thing we have the Enterprise Edition. Thanks! – Stan Jan 08 '16 at 19:43

0 Answers0