# Runbook - 05 Legacy App AI Extension ## Objective Show how to extend a legacy application with an AI agent without rewriting all application authorization logic. ## Security Value - Enables AI modernization without opening the whole schema. - Reduces risk from overprivileged legacy technical accounts. - Shows that the AI agent receives only the data authorized for the persona. ## Prerequisites - Oracle AI Database compatible with Oracle Deep Data Security. - SQLcl or SQL*Plus. - A legacy application narrative, such as CRM, billing, support, or contracts. ## Before - Vulnerable Environment 1. Reset the scenario: ```sql @scenarios/05-legacy-app-ai-extension/sql/99_reset.sql ``` 2. Create the legacy dataset and accounts: ```sql @scenarios/05-legacy-app-ai-extension/sql/00_schema.sql @scenarios/05-legacy-app-ai-extension/sql/01_seed_data.sql @scenarios/05-legacy-app-ai-extension/sql/02_identities.sql ``` 3. Simulate the AI agent question: ```text List all high-risk customers, margin, renewals, legal clauses, and private support notes. ``` 4. Run the broad queries: ```sql @scenarios/05-legacy-app-ai-extension/sql/04_test_queries.sql ``` ## Expected Result Before - Commercial data, margin, legal hold, legal clauses, and private support notes may appear together. - The technical account or AI agent can access too much data if the application does not filter correctly. - The customer sees the risk of adding AI on top of legacy data without database-level controls. ## After - Applying Deep Data Security 1. Apply data grants by persona: ```sql @scenarios/05-legacy-app-ai-extension/sql/03_data_grants.sql ``` 2. Run the same query as `joao`, `ana`, `maria`, and `sofia`, or propagate those identities through the agent: ```sql @scenarios/05-legacy-app-ai-extension/sql/04_test_queries.sql ``` ## Expected Result After - `joao` sees his portfolio without margin or legal hold. - `ana` sees Brazil customers and regional commercial metrics. - `maria` sees support-relevant data without margin, legal clauses, or private notes. - `sofia` sees contracts and legal clauses for legal-hold customers. - The AI agent can no longer consolidate everything into one abusive answer. ## Demo Evidence - AI agent response before and after protection. - SQL output by persona. - Explanation of "no full authorization rewrite": the database becomes the common enforcement point. ## Official References - Oracle Deep Data Security Guide: https://docs.oracle.com/en/database/oracle/oracle-database/26/ddscg/index.html - Fine-Grained Data Authorization: https://docs.oracle.com/en/database/oracle/oracle-database/26/ddscg/fine-grained-data-authorization.html - Create Data Grants: https://docs.oracle.com/en/database/oracle/oracle-database/26/ddscg/create-data-grants.html