Files
oracle-deep-data-security-lab/scenarios/02-shared-app-account/evidence/expected-results.md
Rodrigo 77ecd70622
Some checks failed
Repo Quality / structure (push) Has been cancelled
Improve shared app account scenario
2026-05-14 11:49:45 -03:00

17 lines
759 B
Markdown
Executable File

# Expected Results
## Before Oracle Deep Data Security
- `DDS_APP` simulates a shared application account or connection pool.
- `DDS_APP` can query all orders from all regions.
- `DDS_APP` can see the sensitive `margin` column.
- The database cannot safely distinguish Alice's access from Bruno's access if the application account is the only security boundary.
## After Oracle Deep Data Security
- `alice` sees only her own orders.
- `alice` can query operational columns such as `order_id`, `customer_name`, `region`, `seller`, and `amount`.
- `alice` cannot access `margin`.
- `bruno` sees LATAM orders with manager visibility, including `margin`.
- The database enforces access based on the business persona, not only on the shared technical account.