17 lines
759 B
Markdown
Executable File
17 lines
759 B
Markdown
Executable File
# Expected Results
|
|
|
|
## Before Oracle Deep Data Security
|
|
|
|
- `DDS_APP` simulates a shared application account or connection pool.
|
|
- `DDS_APP` can query all orders from all regions.
|
|
- `DDS_APP` can see the sensitive `margin` column.
|
|
- The database cannot safely distinguish Alice's access from Bruno's access if the application account is the only security boundary.
|
|
|
|
## After Oracle Deep Data Security
|
|
|
|
- `alice` sees only her own orders.
|
|
- `alice` can query operational columns such as `order_id`, `customer_name`, `region`, `seller`, and `amount`.
|
|
- `alice` cannot access `margin`.
|
|
- `bruno` sees LATAM orders with manager visibility, including `margin`.
|
|
- The database enforces access based on the business persona, not only on the shared technical account.
|