This session covers an innovative new way to enforce application data access security directly in the database, eliminating data security risks. Current three-tier models implement authorization logic in the application code, so it’s impossible to control access from other applications accessing the same tables or tools/users connecting directly to the database. With the current fragmented approach, it’s also very difficult to update and maintain the data access policies for meeting new security requirements. Oracle Real Application Security specifies and enforces the application-level data access policies directly in the data tier. By implementing the rules declaratively in the database, Java/Oracle Application Express-based application development becomes simple, verifiable, and secure.
https://www.youtube.com/watch?v=QdkZ20_9FAU
Video producer: https://www.oracle.com/javaone/