2.8 KiB
2.8 KiB
Runbook - 05 Legacy App AI Extension
Objective
Show how to extend a legacy application with an AI agent without rewriting all application authorization logic.
Security Value
- Enables AI modernization without opening the whole schema.
- Reduces risk from overprivileged legacy technical accounts.
- Shows that the AI agent receives only the data authorized for the persona.
Prerequisites
- Oracle AI Database compatible with Oracle Deep Data Security.
- SQLcl or SQL*Plus.
- A legacy application narrative, such as CRM, billing, support, or contracts.
Before - Vulnerable Environment
-
Reset the scenario:
@scenarios/05-legacy-app-ai-extension/sql/99_reset.sql -
Create the legacy dataset and accounts:
@scenarios/05-legacy-app-ai-extension/sql/00_schema.sql @scenarios/05-legacy-app-ai-extension/sql/01_seed_data.sql @scenarios/05-legacy-app-ai-extension/sql/02_identities.sql -
Simulate the AI agent question:
List all high-risk customers, margin, renewals, legal clauses, and private support notes. -
Run the broad queries:
@scenarios/05-legacy-app-ai-extension/sql/04_test_queries.sql
Expected Result Before
- Commercial data, margin, legal hold, legal clauses, and private support notes may appear together.
- The technical account or AI agent can access too much data if the application does not filter correctly.
- The customer sees the risk of adding AI on top of legacy data without database-level controls.
After - Applying Deep Data Security
-
Apply data grants by persona:
@scenarios/05-legacy-app-ai-extension/sql/03_data_grants.sql -
Run the same query as
joao,ana,maria, andsofia, or propagate those identities through the agent:@scenarios/05-legacy-app-ai-extension/sql/04_test_queries.sql
Expected Result After
joaosees his portfolio without margin or legal hold.anasees Brazil customers and regional commercial metrics.mariasees support-relevant data without margin, legal clauses, or private notes.sofiasees contracts and legal clauses for legal-hold customers.- The AI agent can no longer consolidate everything into one abusive answer.
Demo Evidence
- AI agent response before and after protection.
- SQL output by persona.
- Explanation of "no full authorization rewrite": the database becomes the common enforcement point.
Official References
- Oracle Deep Data Security Guide: https://docs.oracle.com/en/database/oracle/oracle-database/26/ddscg/index.html
- Fine-Grained Data Authorization: https://docs.oracle.com/en/database/oracle/oracle-database/26/ddscg/fine-grained-data-authorization.html
- Create Data Grants: https://docs.oracle.com/en/database/oracle/oracle-database/26/ddscg/create-data-grants.html