06 - RAG Vector Classified Docs
Objective
Show that an internal RAG agent or copilot retrieves only documents and chunks authorized for the end user before sending context to the LLM.
What This Lab Shows
Before Oracle Deep Data Security, vector search can retrieve confidential HR, legal, and executive chunks. After data grants are applied, vector retrieval respects document classification and the user persona.
Personas
nina: regular employee.heitor: HR user.sofia: legal user.carlos: executive user.
Where To Run The Commands
Run SQL scripts from the repository root. On Linux/macOS/WSL:
cd ~/DEEP-DATA-SECURITY/oracle-deep-data-security-lab
export TNS_ADMIN=~/DEEP-DATA-SECURITY/wallet-ddslab
Connect as the lab administrator:
sql admin@ddslab_tunnel
This scenario uses the VECTOR type, TO_VECTOR, and VECTOR_DISTANCE. Use a database version with Oracle AI Vector Search support.
SQLcl note: when running a script with @file.sql, press Enter once and wait for the output. Do not type / afterward, because / reruns the last command in the SQLcl buffer.
Step By Step - Before, Vulnerable Environment
-
Reset the scenario as
ADMIN:@scenarios/06-rag-vector-classified-docs/sql/99_reset.sql -
Create the chunk table, seed classified documents, and create personas:
@scenarios/06-rag-vector-classified-docs/sql/00_schema.sql @scenarios/06-rag-vector-classified-docs/sql/01_seed_data.sql @scenarios/06-rag-vector-classified-docs/sql/02_identities.sql -
Show all available chunks as
ADMIN:SELECT chunk_id, document_title, department, classification, chunk_text FROM dds_rag_chunks ORDER BY chunk_id; -
Simulate the RAG question:
Summarize critical documents about renewals, people, and legal risks. -
Connect as
nina, a regular employee:sql 'nina/Welcome1_DDS!@ddslab_tunnel' -
Run the vector search before DDS:
@scenarios/06-rag-vector-classified-docs/sql/04_test_queries.sql
Expected result before protection: the retrieval may return HR_CONFIDENTIAL, LEGAL_CONFIDENTIAL, and EXECUTIVE_CONFIDENTIAL chunks to a regular employee because the legacy retrieval role is broad.
Step By Step - After, With Deep Data Security
-
Reconnect as
ADMINand apply data grants by classification:@scenarios/06-rag-vector-classified-docs/sql/03_data_grants.sql -
Connect as
ninaand run the same vector search:sql 'nina/Welcome1_DDS!@ddslab_tunnel'@scenarios/06-rag-vector-classified-docs/sql/04_test_queries.sql -
Repeat the same test as
heitor,sofia, andcarlos.
Expected result after protection:
ninasees onlyPUBLICandINTERNALchunks.heitorsees authorized HR content.sofiasees authorized legal content.carlossees all documents through the executive role.- The LLM receives only authorized context.
Optional Automated Execution
Windows:
powershell -ExecutionPolicy Bypass -File .\scripts\run-scenario.ps1 -Scenario 06-rag-vector-classified-docs -ConnectString "<connect_string>"
Linux/macOS:
./scripts/run-scenario.sh 06-rag-vector-classified-docs "<connect_string>"
Demo Details
See the complete walkthrough, evidence, and official references in RUNBOOK.md.
For a LiveLabs-style guided workshop, use WORKSHOP.md.