Files
oracle-deep-data-security-lab/scenarios/02-shared-app-account/RUNBOOK.md
Rodrigo Pace 52bf971b8b
Some checks failed
Repo Quality / structure (push) Has been cancelled
Terraform Validate / validate (push) Has been cancelled
Translate lab documentation to English
2026-05-08 14:50:52 -03:00

2.5 KiB

Runbook - 02 Shared App Account

Objective

Show that a shared technical application account should not be the real data authorization boundary.

Security Value

  • Reduces the risk of overprivileged connection pools.
  • Lets the database evaluate the end user, not only the technical account.
  • Helps protect web applications, APIs, BI tools, and agents that use shared accounts.

Prerequisites

  • Oracle AI Database compatible with Oracle Deep Data Security.
  • SQLcl or SQL*Plus.
  • Understanding of which end-user identity the application will propagate.

Before - Vulnerable Environment

  1. Reset the scenario:

    @scenarios/02-shared-app-account/sql/99_reset.sql
    
  2. Create the table, data, and technical account:

    @scenarios/02-shared-app-account/sql/00_schema.sql
    @scenarios/02-shared-app-account/sql/01_seed_data.sql
    @scenarios/02-shared-app-account/sql/02_identities.sql
    
  3. Simulate an application or API using the DDS_APP account to query all orders:

    @scenarios/02-shared-app-account/sql/04_test_queries.sql
    

Expected Result Before

  • The shared account can see orders from every seller and region.
  • Fields such as MARGIN may be exposed if the application generates incorrect SQL.
  • A bug, prompt injection, or abused endpoint may query more data than the user should see.

After - Applying Deep Data Security

  1. Apply data grants by business role:

    @scenarios/02-shared-app-account/sql/03_data_grants.sql
    
  2. Run the same query in the context of alice and bruno:

    @scenarios/02-shared-app-account/sql/04_test_queries.sql
    

Expected Result After

  • alice sees only her orders and does not see margin.
  • bruno sees LATAM orders with full manager visibility.
  • The technical account is no longer the only security boundary.

Demo Evidence

  • Before/after comparison of the same SQL.
  • Explanation of data roles.
  • Simple flow: end user -> app -> database -> data grants.

Official References