Improve RAG vector classified docs scenario
Some checks failed
Repo Quality / structure (push) Has been cancelled

This commit is contained in:
2026-05-14 11:49:13 -03:00
parent 4ab75ed578
commit 5fa6b34d1e
7 changed files with 165 additions and 51 deletions

View File

@@ -18,13 +18,27 @@ Show that a RAG agent retrieves only authorized chunks/documents before sending
## Before - Vulnerable Environment
1. Reset the scenario:
1. From the repository root, connect as `ADMIN`:
```bash
cd ~/DEEP-DATA-SECURITY/oracle-deep-data-security-lab
export TNS_ADMIN=~/DEEP-DATA-SECURITY/wallet-ddslab
sql admin@ddslab_tunnel
```
Presenter note: `ADMIN` prepares the classified chunks and security personas.
SQLcl note: after running a script with `@file.sql`, do not type `/`. The slash reruns the last command in the SQLcl buffer and can make a successful command look like an error.
2. Reset the scenario:
```sql
@scenarios/06-rag-vector-classified-docs/sql/99_reset.sql
```
2. Create chunks and personas without applying data grants:
Presenter note: this removes prior Data Grants, roles, users, and test data.
3. Create chunks and personas without applying data grants:
```sql
@scenarios/06-rag-vector-classified-docs/sql/00_schema.sql
@@ -32,18 +46,44 @@ Show that a RAG agent retrieves only authorized chunks/documents before sending
@scenarios/06-rag-vector-classified-docs/sql/02_identities.sql
```
3. Simulate the RAG question:
Presenter note: `rag_legacy_retrieval_role` simulates a broad RAG retrieval layer before DDS is enforced.
4. Show every chunk and its classification:
```sql
SELECT chunk_id, document_title, department, classification, chunk_text
FROM dds_rag_chunks
ORDER BY chunk_id;
```
Presenter note: explain that confidential chunks should not be sent to the LLM for every user.
5. Simulate the RAG question:
```text
Summarize critical documents about renewals, people, and legal risks.
```
4. Run the vector search:
6. Exit and connect as Nina, a regular employee:
```sql
exit
```
```bash
sql 'nina/Welcome1_DDS!@ddslab_tunnel'
```
Presenter note: Nina represents a regular employee using an internal copilot.
7. Run the vector search before DDS:
```sql
@scenarios/06-rag-vector-classified-docs/sql/04_test_queries.sql
```
Presenter note: before DDS, a broad retrieval path can place HR, legal, or executive confidential chunks in the LLM context.
## Expected Result Before
- The search may retrieve `HR_CONFIDENTIAL`, `LEGAL_CONFIDENTIAL`, and `EXECUTIVE_CONFIDENTIAL` chunks.
@@ -51,18 +91,50 @@ Show that a RAG agent retrieves only authorized chunks/documents before sending
## After - Applying Deep Data Security
1. Apply data grants by classification:
1. Exit and reconnect as `ADMIN`:
```sql
exit
```
```bash
sql admin@ddslab_tunnel
```
2. Apply data grants by classification:
```sql
@scenarios/06-rag-vector-classified-docs/sql/03_data_grants.sql
```
2. Run the same search as `nina`, `heitor`, `sofia`, and `carlos`:
Presenter note: the database now filters chunks before the LLM receives any context.
3. Test Nina after DDS:
```sql
exit
```
```bash
sql 'nina/Welcome1_DDS!@ddslab_tunnel'
```
```sql
@scenarios/06-rag-vector-classified-docs/sql/04_test_queries.sql
```
Presenter note: Nina should retrieve only `PUBLIC` and `INTERNAL` chunks.
4. Repeat the same search as HR, legal, and executive personas:
```bash
sql 'heitor/Welcome1_DDS!@ddslab_tunnel'
sql 'sofia/Welcome1_DDS!@ddslab_tunnel'
sql 'carlos/Welcome1_DDS!@ddslab_tunnel'
```
Presenter note: each persona receives only the chunk classifications authorized for that business role.
## Expected Result After
- `nina` retrieves only `PUBLIC` and `INTERNAL` chunks.
@@ -83,4 +155,3 @@ Show that a RAG agent retrieves only authorized chunks/documents before sending
- Create Data Grants: https://docs.oracle.com/en/database/oracle/oracle-database/26/ddscg/create-data-grants.html
- TO_VECTOR SQL Reference: https://docs.oracle.com/en/database/oracle/oracle-database/26/sqlrf/to_vector.html
- VECTOR operations in PL/SQL: https://docs.oracle.com/en/database/oracle/oracle-database/26/lnpls/sql-data-types.html