Virtual Private Database (VPD)
• Scalability Problem with SQL ‘View’: If the Employee table had 1000
employee records and suppose we want employees to access their
own records only, we will need to create 1000 views.
• The idea behind Virtual Private Database (VPD) is a server-side
solution that invokes a policy function that returns a predicate (based
on session attributes or application context) and dynamically rewrite
the submitted query of the user by appending the returned predicate
to the WHERE clause. The modified SQL query is then executed.
• The idea of Virtual Private Database has been implemented in
Oracle.
• A simple policy function could be the one that returns a String
depending on the username for the login session.
– If the username corresponds to the DBA, then an empty String
(predicate) is returned and the SQL query is executed without appending
the predicate to the WHERE clause.
– If the username is not the DBA, then a String corresponding to the
username is returned as the predicate and the SQL query is executed by
appending the predicate to the WHERE clause.