# Scenario Catalog ## 01 - AI Prompt Injection Shows an AI agent attempting to generate overly broad SQL. Oracle Deep Data Security limits the result based on the end-user context. ## 02 - Shared App Account Shows the risk of a technical application account shared by multiple users. The relevant control becomes the end-user context, not only the connection pool account. ## 03 - PII Row/Column/Cell Shows row, column, and cell-level access control. An employee sees their own record, a manager sees the team with SSN hidden, and HR sees sensitive attributes. ## 04 - View Bypass / MAC Shows how a view can become an alternate access path and how `USE DATA GRANTS ONLY` enforces the base table policy. ## 05 - Legacy App AI Extension Shows a legacy application extended with an AI agent without rewriting all authorization logic. The agent accesses the same dataset, but Oracle Deep Data Security limits rows and columns by end-user context. ## 06 - RAG Vector Classified Docs Shows RAG/vector search with classified documents. Retrieval may attempt to fetch all chunks, but the database returns only what the classification and persona allow. ## 07 - Audit Evidence With Data Safe Shows how to generate evidence with Unified Audit and how to position OCI Data Safe for activity auditing, reporting, and sensitive data access validation. ## Suggested Next Scenarios - BI by region, branch, and cost center. - Controlled write operations with `UPDATE`, `INSERT`, and `DELETE`. - Database Vault complement to block DBA access. - AVDF/SIEM integration for on-premises, Exadata, or heterogeneous environments.