F Oracle Label Security Tables and Views
Oracle Label Security provides data dictionary tables, data dictionary views, and an user-created auditing view.
- Oracle Database Data Dictionary Tables
Oracle Label Security does not label the Oracle data dictionary tables; accss is controlled by standard Oracle Database system and object privileges. - Oracle Label Security Data Dictionary Views
Oracle Label Security maintains an independent set of data dictionary views, which are exempt from any policy enforcement. - Oracle Label Security User-Created Auditing View
TheSA_AUDIT_ADMIN.CREATE_VIEW
procedure can be used to create an audit trail view for a specific policy.
Parent topic: Appendixes
Oracle Database Data Dictionary Tables
Oracle Label Security does not label the Oracle data dictionary tables; accss is controlled by standard Oracle Database system and object privileges.
See Also:
Oracle Database Reference for detailed information about all data dictionary tables and viewsParent topic: Oracle Label Security Tables and Views
Oracle Label Security Data Dictionary Views
Oracle Label Security maintains an independent set of data dictionary views, which are exempt from any policy enforcement.
Access to the data dictionary views is granted by default to the SELECT_CATALOG_ROLE
, a standard Oracle Database role that lets you examine the Oracle Database data dictionary.
- ALL_SA_AUDIT_OPTIONS View
TheALL_SA_AUDIT_OPTIONS
data dictionary view shows for the current user Oracle Label Security auditing options, based on theSA_AUDIT_ADMIN.AUDIT
procedure settings. - ALL_SA_COMPARTMENTS
TheALL_SA_COMPARTMENTS
data dictionary view shows information for the current user about Oracle Label Security policy compartments, based on theSA_COMPONENTS.CREATE_COMPARTMENT
procedure settings. - ALL_SA_DATA_LABELS
TheALL_SA_DATA_LABELS
data dictionary view shows for the current user Oracle Label Security policy labels and tags, based on theSA_LABEL_ADMIN.CREATE_LABEL
procedure settings. - ALL_SA_GROUPS
TheALL_SA_GROUPS
data dictionary shows information about the current user’s Oracle Label Security policy groups, based on theSA_COMPONENTS.CREATE_GROUP
andSA_COMPONENTS.ALTER_GROUP_PARENT
procedures. - ALL_SA_LABELS
TheALL_SA_LABELS
data dictionary view shows for the current user information about the tags and types of labels, based onSA_LABEL_ADMIN.CREATE_LABEL
andSA_LABEL_ADMIN.ALTER_LABEL
. - ALL_SA_LEVELS
TheALL_SA_LEVELS
data dictionary view shows for the current user information about levels, based on theSA_COMPONENTS.CREATE_LEVEL
procedure. - ALL_SA_POLICIES
TheALL_SA_POLICIES
data dictionary view shows for the current user information about Oracle Label Security policies, based on theSA_SYSDBA.CREATE_POLICY
procedure. - ALL_SA_PROG_PRIVS
TheALL_SA_PROG_PRIVS
data dictionary view shows for the current user information about the policy-specific privileges for program units, based onSA_USER_ADMIN.SET_PROG_PRIVS
. - ALL_SA_SCHEMA_POLICIES
TheALL_SA_SCHEMA_POLICIES
data dictionary view shows for the current user information about policies applied to all tables in the schema, based onSA_POLICY_ADMIN.APPLY_SCHEMA_POLICY
. - ALL_SA_TABLE_POLICIES
TheALL_SA_TABLE_POLICIES
data dictionary view shows for the current user information about a policy added to a database table, basedSA_POLICY_ADMIN.APPLY_TABLE_POLICY
settings. - ALL_SA_USERS
TheALL_SA_USERS
data dictionary view shows for the current user information about Oracle Label Security user privileges, based onSA_USER_ADMIN.SET_USER_LABELS
andSA_USER_ADMIN.SET_USER_PRIVS
. - ALL_SA_USER_LABELS
TheALL_SA_USER_LABELS
data dictionary view shows for the current user label-specific information about users, based on theSA_USER_ADMIN.SET_USER_LABELS
procedure settings. - ALL_SA_USER_LEVELS
TheALL_SA_USER_LEVELS
data dictionary view shows for the current user the minimum and maximum levels assigned to users, based on theSA_USER_ADMIN.SET_LEVELS
procdure. - ALL_SA_USER_PRIVS
TheALL_SA_USER_PRIVS
data dictionary view shows for the current user policy-specific privileges granted to users, based on theSA_USER_ADMIN.SET_USER_PRIVS
procedure. - CDB_OLS_STATUS
TheCDB_OLS_STATUS
data dictionary view shows the configuration status of Oracle Label Security in the database in a multitenant environment. - DBA_SA_AUDIT_OPTIONS
TheDBA_SA_AUDIT_OPTIONS
data dictionary view data dictionary view shows for the entire database the Oracle Label Security audit options. - DBA_SA_COMPARTMENTS
TheALL_SA_COMPARTMENTS
data dictionary view shows for the entire database information about Oracle Label Security policy compartments. - DBA_SA_DATA_LABELS
TheALL_SA_DATA_LABELS
data dictionary view shows for the entire database the labels and label tags for the specified Oracle Label Security policy. - DBA_SA_GROUPS
TheALL_SA_GROUPS
data dictionary view shows for the entire database information about Oracle Label Security policy groups. - DBA_SA_GROUP_HIERARCHY
TheDBA_SA_GROUP_HIERARCHY
data dictionary view shows the hierarchy of groups (that is, parent-child relationships) in a policy. - DBA_SA_LABELS
TheDBA_SA_LABELS
data dictionary view shows for the entire database information about the tags and types of labels for a policy. - DBA_SA_LEVELS
TheDBA_SA_LEVELS
data dictionary view shows for the entire database information about levels associated with a policy. - DBA_SA_POLICIES
TheDBA_SA_POLICIES
data dictionary view shows for the entire database information about Oracle Label Security policies, based on theSA_SYSDBA.CREATE_POLICY
procedure. - DBA_SA_PROG_PRIVS
TheDBA_SA_PROG_PRIVS
data dictionary view shows for the entire database information about the policy-specific privileges for program units. - DBA_SA_SCHEMA_POLICIES
TheDBA_SA_SCHEMA_POLICIES
data dictionary view shows for the entire database information about policies that have been applied to all tables in the schema. - DBA_SA_TABLE_POLICIES
TheDBA_SA_TABLE_POLICIES
data dictionary view shows for the entire database information about a policy that has been added to a database table. - DBA_SA_USERS
TheDBA_SA_USERS
data dictionary view shows for the entire database information about the privileges that Oracle Label Security users have. - DBA_SA_USER_COMPARTMENTS
TheDBA_SA_USER_COMPARTMENTS
data dictionary view shows for the entire database the user authorizations, based on theSA_USER_ADMIN.ADD_COMPARTMENTS
procedure. - DBA_SA_USER_GROUPS
TheDBA_SA_USER_GROUPS
data dictionary view shows for the entire database the groups associated with users, based on theSA_USER_ADMIN.ADD_GROUPS
procedure. - DBA_SA_USER_LABELS
TheDBA_SA_USER_LABELS
data dictionary view shows for the entire database label-specific information about users. - DBA_SA_USER_LEVELS
TheDBA_SA_USER_LEVELS
data dictionary view shows for the entire database the minimum and maximum levels that have been assigned to users. - DBA_SA_USER_PRIVS
TheDBA_SA_USER_PRIVS
data dictionary view shows for the current user the policy-specific privileges that have been granted to users. - DBA_OLS_STATUS
TheDBA_OLS_STATUS
data dictionary view shows the configuration status of Oracle Label Security in the database. - USER_SA_SESSION
TheUSER_SA_SESSION
data dictionary view shows the security attribute values for the current database session.
Parent topic: Oracle Label Security Tables and Views
ALL_SA_AUDIT_OPTIONS View
The ALL_SA_AUDIT_OPTIONS
data dictionary view shows for the current user Oracle Label Security auditing options, based on the SA_AUDIT_ADMIN.AUDIT
procedure settings.
See SA_AUDIT_ADMIN.AUDIT.
This view displays whether auditing is configured to generate audit records per session (BY SESSION
) or per access (BY ACCESS
) and for successful or unsuccessful operations. Possible values are as follows:
-
A dash (
-
) indicates that the audit option is not set. -
The
S
character indicates that the audit option is setBY SESSION
. -
The
A
character indicates that the audit option is setBY ACCESS
. -
Each audit option has two possible settings,
WHENEVER SUCCESSFUL
andWHENEVER NOT SUCCESSFUL
, separated by a slash (/
).
For example, in the following output, user jjones
is audited with the BY ACCESS
audit type for successful actions involving policy-specific privileges. User rlayton
is audited with the BY SESSION
audit type: audit records are written for failed attempts to remove policies and for successful attempts at setting user authorizations.
SELECT * FROM DBA_SA_AUDIT_OPTIONS; POLICY_NAME USER_NAME APY REM SET_ PRV ----------- ------------ --- ---- ---- --- HR_OLS_POL JJONES -/- -/- -/- A/- HR_OLS_POL RLAYTON -/- -/S S/- -/-
Column | Datatype | Null | Description |
---|---|---|---|
|
|
|
Name of the Oracle Label Security policy |
|
|
|
Name of the user associated with the policy |
|
|
|
Audit option; refers to the application of specified Oracle Label Security policies to tables and schemas |
|
|
|
Audit option; refers to the removal of specified Oracle Label Security policies from tables and schemas |
|
|
|
Audit option; refers to the setting of user authorizations, and user and program privileges |
|
|
|
Audit option; refers to the use of all policy-specific privileges |
Parent topic: Oracle Label Security Data Dictionary Views
ALL_SA_COMPARTMENTS
The ALL_SA_COMPARTMENTS
data dictionary view shows information for the current user about Oracle Label Security policy compartments, based on the SA_COMPONENTS.CREATE_COMPARTMENT
procedure settings.
Column | Datatype | Null | Description |
---|---|---|---|
|
|
|
Name of the Oracle Label Security policy |
|
|
|
Compartment number in the range of (0-9999) |
|
|
|
Short name for the compartment |
|
|
|
Long name for the compartment |
Related Topics
Parent topic: Oracle Label Security Data Dictionary Views
ALL_SA_DATA_LABELS
The ALL_SA_DATA_LABELS
data dictionary view shows for the current user Oracle Label Security policy labels and tags, based on the SA_LABEL_ADMIN.CREATE_LABEL
procedure settings.
Column | Datatype | Null | Description |
---|---|---|---|
|
|
|
Name of the Oracle Label Security policy |
|
|
|
Short name of the level, compartment, or group that was specified as the label value |
|
|
|
Integer that represents the sort order of the label, relative to other policy labels (0-99999999) |
Related Topics
Parent topic: Oracle Label Security Data Dictionary Views
ALL_SA_GROUPS
The ALL_SA_GROUPS
data dictionary shows information about the current user’s Oracle Label Security policy groups, based on the SA_COMPONENTS.CREATE_GROUP
and SA_COMPONENTS.ALTER_GROUP_PARENT
procedures.
Column | Datatype | Null | Description |
---|---|---|---|
|
|
|
Name of the Oracle Label Security policy |
|
|
|
Group number (0-9999) |
|
|
|
Short name of the group |
|
|
|
Long name of the group |
|
|
|
Numerical ID for the associated parent group |
|
|
|
Name of the group assigned as the parent for the group |
Related Topics
Parent topic: Oracle Label Security Data Dictionary Views
ALL_SA_LABELS
The ALL_SA_LABELS
data dictionary view shows for the current user information about the tags and types of labels, based on SA_LABEL_ADMIN.CREATE_LABEL
and SA_LABEL_ADMIN.ALTER_LABEL
.
Access to ALL_SA_LABELS
is PUBLIC
. However, only the labels authorized for read access by the session are visible.
Column | Datatype | Null | Description |
---|---|---|---|
|
|
|
Name of the Oracle Label Security policy |
|
|
|
Short name of the level associated with this label |
|
|
|
Integer tag assigned to the label |
|
|
|
Type of label |
Related Topics
Parent topic: Oracle Label Security Data Dictionary Views
ALL_SA_LEVELS
The ALL_SA_LEVELS
data dictionary view shows for the current user information about levels, based on the SA_COMPONENTS.CREATE_LEVEL
procedure.
Column | Datatype | Null | Description |
---|---|---|---|
|
|
|
Name of the Oracle Label Security policy |
|
|
|
Level number (0-9999) |
|
|
|
Short name for the level |
|
|
|
Long name for the level |
Related Topics
Parent topic: Oracle Label Security Data Dictionary Views
ALL_SA_POLICIES
The ALL_SA_POLICIES
data dictionary view shows for the current user information about Oracle Label Security policies, based on the SA_SYSDBA.CREATE_POLICY
procedure.
Column | Datatype | Null | Description |
---|---|---|---|
|
|
|
Name of the Oracle Label Security policy |
|
|
|
Name of the column that was added to tables protected by the policy |
|
|
|
Whether the policy has been enabled or disabled |
|
|
|
Options that were set for this policy See Categories of Policy Enforcement Options for a listing of the possible enforcement options. |
Related Topics
Parent topic: Oracle Label Security Data Dictionary Views
ALL_SA_PROG_PRIVS
The ALL_SA_PROG_PRIVS
data dictionary view shows for the current user information about the policy-specific privileges for program units, based on SA_USER_ADMIN.SET_PROG_PRIVS
.
Column | Datatype | Null | Description |
---|---|---|---|
|
|
|
Name of the schema that contains the program unit |
|
|
|
Program unit that was granted privileges |
|
|
|
Name of the Oracle Label Security policy |
|
|
|
Policy-specific privileges. See About Granting Privileges to Users and Trusted Program Units for the Policy for list of possible privileges. |
Related Topics
Parent topic: Oracle Label Security Data Dictionary Views
ALL_SA_SCHEMA_POLICIES
The ALL_SA_SCHEMA_POLICIES
data dictionary view shows for the current user information about policies applied to all tables in the schema, based on SA_POLICY_ADMIN.APPLY_SCHEMA_POLICY
.
Column | Datatype | Null | Description |
---|---|---|---|
|
|
|
Name of the Oracle Label Security policy |
|
|
|
Name of the schema associated with this policy |
|
|
|
Whether the policy has been enabled or disabled for the schema (by the |
|
|
|
Options that have been applied. |
Parent topic: Oracle Label Security Data Dictionary Views
ALL_SA_TABLE_POLICIES
The ALL_SA_TABLE_POLICIES
data dictionary view shows for the current user information about a policy added to a database table, based SA_POLICY_ADMIN.APPLY_TABLE_POLICY
settings.
Column | Datatype | Null | Description |
---|---|---|---|
|
|
|
Name of the Oracle Label Security policy |
|
|
|
Schema that contains the table that the policy protects |
|
|
|
Table to be protected by the policy |
|
|
|
Whether the policy has been enabled or disabled for the table (by the |
|
|
|
Policy enforcement options to be used for the table |
|
|
|
Name of the function to return a label value to use as the default |
|
|
|
Predicate to combine (using |
Parent topic: Oracle Label Security Data Dictionary Views
ALL_SA_USERS
The ALL_SA_USERS
data dictionary view shows for the current user information about Oracle Label Security user privileges, based on SA_USER_ADMIN.SET_USER_LABELS
and SA_USER_ADMIN.SET_USER_PRIVS
.
Column | Type | Null | Description |
---|---|---|---|
|
|
|
Name of the user |
|
|
|
Name of the Oracle Label Security policy |
|
|
|
Policy-specific privileges granted to the user. |
|
|
|
Label string to initialize the user's maximum authorized read label |
|
|
|
Label string to initialize the user's maximum authorized write label |
|
|
|
Label string to initialize the user's minimum authorized write label |
|
|
|
Label string to initialize the user's session label, including level, compartments, and groups, for read access |
|
|
|
Label string to initialize the user's session label, including level, compartments, and groups, for write access |
|
|
|
Label string to initialize the program's row label; includes level, components, and groups |
|
|
|
Retained solely for backward compatibility and will be removed in the next release. The |
ALL_SA_USER_LABELS
The ALL_SA_USER_LABELS
data dictionary view shows for the current user label-specific information about users, based on the SA_USER_ADMIN.SET_USER_LABELS
procedure settings.
Column | Datatype | Null | Description |
---|---|---|---|
|
|
|
Name of the user |
|
|
|
Name of the Oracle Label Security policy |
|
|
|
Retained solely for backward compatibility and will be removed in the next release. The |
|
|
|
Label string to initialize the user's maximum authorized read label |
|
|
|
Label string to initialize the user's maximum authorized write label |
|
|
|
Label string to initialize the user's minimum authorized write label |
|
|
|
Label string to initialize the user's session label, including level, compartments, and groups, for read access |
|
|
|
Label string to initialize the user's session label, including level, compartments, and groups, for write access |
|
|
|
Label string to initialize the program's row label; includes level, components, and groups |
Related Topics
Parent topic: Oracle Label Security Data Dictionary Views
ALL_SA_USER_LEVELS
The ALL_SA_USER_LEVELS
data dictionary view shows for the current user the minimum and maximum levels assigned to users, based on the SA_USER_ADMIN.SET_LEVELS
procdure.
It also lists the user's session label and row label default values.
Column | Datatype | Null | Description |
---|---|---|---|
|
|
|
Name of the Oracle Label Security policy |
|
|
|
Name of the user |
|
|
|
Short name of the highest level for read and write access |
|
|
|
Short name of the lowest level for read and write access |
|
|
|
Short name of the default level |
|
|
|
Short name of the row level |
Related Topics
Parent topic: Oracle Label Security Data Dictionary Views
ALL_SA_USER_PRIVS
The ALL_SA_USER_PRIVS
data dictionary view shows for the current user policy-specific privileges granted to users, based on the SA_USER_ADMIN.SET_USER_PRIVS
procedure.
Column | Datatype | Null | Description |
---|---|---|---|
|
|
|
Name of the user |
|
|
|
Name of the Oracle Label Security policy |
|
|
|
Policy-specific privileges granted to the user |
CDB_OLS_STATUS
The CDB_OLS_STATUS
data dictionary view shows the configuration status of Oracle Label Security in the database in a multitenant environment.
Column | Datatype | Null | Description |
---|---|---|---|
|
|
|
Name of the status. Values are:
|
|
|
|
Indicates the status of the feature mentioned in the corresponding name column. For example, a |
|
|
|
Description of the status:
|
|
|
|
The container database ID number |
Parent topic: Oracle Label Security Data Dictionary Views
DBA_SA_AUDIT_OPTIONS
The DBA_SA_AUDIT_OPTIONS
data dictionary view data dictionary view shows for the entire database the Oracle Label Security audit options.
Its columns are the same as ALL_SA_AUDIT_OPTIONS
.
Related Topics
Parent topic: Oracle Label Security Data Dictionary Views
DBA_SA_COMPARTMENTS
The ALL_SA_COMPARTMENTS
data dictionary view shows for the entire database information about Oracle Label Security policy compartments.
Its columns are the same as ALL_SA_COMPARTMENTS
.
Related Topics
Parent topic: Oracle Label Security Data Dictionary Views
DBA_SA_DATA_LABELS
The ALL_SA_DATA_LABELS
data dictionary view shows for the entire database the labels and label tags for the specified Oracle Label Security policy.
Its columns are the same as ALL_SA_DATA_LABELS
.
Related Topics
Parent topic: Oracle Label Security Data Dictionary Views
DBA_SA_GROUPS
The ALL_SA_GROUPS
data dictionary view shows for the entire database information about Oracle Label Security policy groups.
Its columns are the same as ALL_SA_GROUPS
.
Related Topics
Parent topic: Oracle Label Security Data Dictionary Views
DBA_SA_GROUP_HIERARCHY
The DBA_SA_GROUP_HIERARCHY
data dictionary view shows the hierarchy of groups (that is, parent-child relationships) in a policy.
Column | Type | Null | Description |
---|---|---|---|
|
|
|
Name of the Oracle Label Security policy |
|
|
|
Indicates the level of a particular group in a group hierarchy. A group with no parent group will have For example, consider these groups in the following order:
Here, The parent-child relationships are:
|
|
|
|
Short name of the group intended to indicate the hierarchy level |
Parent topic: Oracle Label Security Data Dictionary Views
DBA_SA_LABELS
The DBA_SA_LABELS
data dictionary view shows for the entire database information about the tags and types of labels for a policy.
Its columns are the same as ALL_SA_LABELS
.
Related Topics
Parent topic: Oracle Label Security Data Dictionary Views
DBA_SA_LEVELS
The DBA_SA_LEVELS
data dictionary view shows for the entire database information about levels associated with a policy.
Its columns are the same as ALL_SA_LEVELS
.
Related Topics
Parent topic: Oracle Label Security Data Dictionary Views
DBA_SA_POLICIES
The DBA_SA_POLICIES
data dictionary view shows for the entire database information about Oracle Label Security policies, based on the SA_SYSDBA.CREATE_POLICY
procedure.
This view also shows whether the policy has been enabled or disabled and its subscription status.
Column | Datatype | Null | Description |
---|---|---|---|
|
|
|
Name of the Oracle Label Security policy |
|
|
|
Name of the column that was added to tables protected by the policy |
|
|
|
Whether the policy has been enabled or disabled |
|
|
|
Options that were set for this policy. See Categories of Policy Enforcement Options for a listing of the possible enforcement options. |
|
|
|
Indicates the policy's subscription status, based on the |
Parent topic: Oracle Label Security Data Dictionary Views
DBA_SA_PROG_PRIVS
The DBA_SA_PROG_PRIVS
data dictionary view shows for the entire database information about the policy-specific privileges for program units.
Its columns are the same as ALL_SA_PROG_PRIVS
.
Related Topics
Parent topic: Oracle Label Security Data Dictionary Views
DBA_SA_SCHEMA_POLICIES
The DBA_SA_SCHEMA_POLICIES
data dictionary view shows for the entire database information about policies that have been applied to all tables in the schema.
Its columns are the same as ALL_SA_SCHEMA_POLICIES
.
Related Topics
Parent topic: Oracle Label Security Data Dictionary Views
DBA_SA_TABLE_POLICIES
The DBA_SA_TABLE_POLICIES
data dictionary view shows for the entire database information about a policy that has been added to a database table.
Its columns are the same as ALL_SA_TABLE_POLICIES
.
Related Topics
Parent topic: Oracle Label Security Data Dictionary Views
DBA_SA_USERS
The DBA_SA_USERS
data dictionary view shows for the entire database information about the privileges that Oracle Label Security users have.
Its columns are the same as ALL_SA_USERS
.
Related Topics
Parent topic: Oracle Label Security Data Dictionary Views
DBA_SA_USER_COMPARTMENTS
The DBA_SA_USER_COMPARTMENTS
data dictionary view shows for the entire database the user authorizations, based on the SA_USER_ADMIN.ADD_COMPARTMENTS
procedure.
This view also indicates whether the compartments are authorized for write and read privileges
Column | Datatype | Null | Description |
---|---|---|---|
|
|
|
Name of the Oracle Label Security policy |
|
|
|
Name of the user |
|
|
|
Short name of compartments that were added |
|
|
|
Access mode. Possible values are:
|
|
|
|
Whether the compartments are in the default compartments |
|
|
|
whether the compartments are in the row label |
Related Topics
Parent topic: Oracle Label Security Data Dictionary Views
DBA_SA_USER_GROUPS
The DBA_SA_USER_GROUPS
data dictionary view shows for the entire database the groups associated with users, based on the SA_USER_ADMIN.ADD_GROUPS
procedure.
Column | Datatype | Null | Description |
---|---|---|---|
|
|
|
Name of the Oracle Label Security policy |
|
|
|
Name of the user |
|
|
|
Short name of groups that were added |
|
|
|
Access mode. Possible values are:
|
|
|
|
Whether the group is in a default group |
|
|
|
Whether the group is in a label |
Related Topics
Parent topic: Oracle Label Security Data Dictionary Views
DBA_SA_USER_LABELS
The DBA_SA_USER_LABELS
data dictionary view shows for the entire database label-specific information about users.
Its columns are the same as ALL_SA_USER_LABELS
.
Related Topics
Parent topic: Oracle Label Security Data Dictionary Views
DBA_SA_USER_LEVELS
The DBA_SA_USER_LEVELS
data dictionary view shows for the entire database the minimum and maximum levels that have been assigned to users.
This view also shows the default values for the user's session label and row label.
Its columns are the same as ALL_SA_USER_LEVELS
.
Related Topics
Parent topic: Oracle Label Security Data Dictionary Views
DBA_SA_USER_PRIVS
The DBA_SA_USER_PRIVS
data dictionary view shows for the current user the policy-specific privileges that have been granted to users.
Its columns are the same as ALL_SA_USER_PRIVS
.
Related Topics
Parent topic: Oracle Label Security Data Dictionary Views
DBA_OLS_STATUS
The DBA_OLS_STATUS
data dictionary view shows the configuration status of Oracle Label Security in the database.
Column | Datatype | Null | Description |
---|---|---|---|
|
|
|
Name of the status. Values are:
|
|
|
|
Indicates the status of the feature mentioned in the corresponding name column. For example, a |
|
|
|
Description of the status:
|
Parent topic: Oracle Label Security Data Dictionary Views
USER_SA_SESSION
The USER_SA_SESSION
data dictionary view shows the security attribute values for the current database session.
Access to this view is PUBLIC
.
Column | Datatype | Null | Description |
---|---|---|---|
|
|
|
Name of the Oracle Label Security policy |
|
|
|
Name of the current session user |
|
|
|
Current session privileges |
|
|
|
Label string that initialized the user's maximum authorized read label |
|
|
|
Label string that initialized the user's maximum authorized write label |
|
|
|
Minimum Oracle Label Security level authorized for the session |
|
|
|
Label for the current database session |
|
|
|
Compartments to which the user is authorized to write |
|
|
|
Groups to which the user is authorized to write |
|
|
|
Row label that is associated with the policy for the current session |
Parent topic: Oracle Label Security Data Dictionary Views
Oracle Label Security User-Created Auditing View
The SA_AUDIT_ADMIN.CREATE_VIEW
procedure can be used to create an audit trail view for a specific policy.
By default, this view is named DBA_
policyname_
AUDIT_TRAIL
.
Column | Datatype | Null | Description |
---|---|---|---|
|
|
|
Name of the user whose actions were audited |
|
|
|
Client host machine name |
|
|
|
Identifier of the user's terminal |
|
|
|
Date and time of the creation of the audit trail entry (date and time of user login for entries created by |
|
|
|
Creator of the object affected by the action |
|
|
|
Name of the object affected by the action |
|
|
|
Numeric action type code. The corresponding name of the action type is in the |
|
|
|
Name of the action type corresponding to the numeric code in the |
|
|
|
Text comment on the audit trail entry, providing more information about the statement audited Also indicates how the user was authenticated. The method can be one of the following:
|
|
|
|
Numeric ID for each Oracle session |
|
|
|
Numeric ID for each audit trail entry in the session |
|
|
|
Numeric ID for each statement run |
|
|
|
Oracle error code generated by the action. Some useful values:
|
|
|
|
Timestamp of the creation of the audit trail entry (timestamp of user login for entries created by |
|
|
|
Name of the column that was added to the tables that Oracle Label Security protects |
Related Topics
Parent topic: Oracle Label Security Tables and Views