导读:
先看一下FGAC:
Oracle's Fine Grained Access Control (FGAC) provides a row-level security mechanism that's built-in to the Oracle database engine. FGAC allows you to granularly specify the exact information elements that each user may access. It works by automatically appending a WHERE predicate to the SQL statements executed by the user. For example, if you had an Employees table and wanted to grant each user access to his or her own records, you could assign them the clause "WHERE employeeid = USER").
With such an FGAC scheme, if the user executed the following statement:
SELECT *
FROM Employees
Oracle FGAC would modify the statement to read:
SELECT *
FROM Employees
WHERE employeeid = USER
Automatically limiting the user's access. For more information on FGAC, read the Oracle article: Fine Grained Access Control and Application Contexts.
事实上FGAC和FGA是两个不同的概念,FGAC是Control(控制),而一个是审计,FGA可以对访问进行记录,而不能限制访问,但FGAC可以。
本文转自
http://databases.about.com/b/2008/04/10/oracle-fine-grained-access-control.htm