Minimize user privileges while maximizing user capability with PL/SQL and code-based access control

Oracle Database Security Office Hours kicks off 2025 with an exciting presentation tailored for both developers and DBAs, focusing on optimizing user privileges and capabilities through PL/SQL and code-based access control.

Key Topics include:

PL/SQL Security Fundamentals
- Understanding when to use invoker versus definer rights
- Controlling access to specific procedures within packages
- Granting procedure execution without extensive privileges

ACCESSIBLE BY Clause
- Restricting access to PL/SQL units and subprograms
- Implementing fine-grained control over code accessibility

Code Based Access Control (CBAC)
- Attaching database roles to PL/SQL functions, procedures, or packages
- Minimizing explicit user privileges

Presenters
- Chris Saxon: Oracle Developer Advocate
- Richard C. Evans (evil rich): Database Security Product Manager

Benefits
- Learn to maximize user capabilities while minimizing privileges
- Understand how to implement granular access control in PL/SQL
- Discover techniques to enhance database security without compromising functionality

This presentation promises to provide valuable insights into advanced PL/SQL security features, helping attendees create more secure and efficient database applications. Don't miss this opportunity to learn from Oracle experts and enhance your database security skills.

Join the Database Security product management team on the second Wednesday of the month at 10:00 am US Central time for Database Security Office hours. We hold these sessions each month to keep you updated on what's new with Oracle Database security. We cover announcements about new features, products, and capabilities followed by a discussion of some technical topic. Each session ends with an opportunity for open Q&A about database security.

00:05 New blue shirt for 2025!
02:05 Announcements
07:55 Presentation
10:07 Invoker vs definer rights - QUIZ!
14:35 Demo
19:40 Recap of definer's vs invoker's
20:30 Code based access control (CBAC) - QUIZ!
23:46 Demo
33:56 Recap of CBAC
37:13 Static SQL vs Dynamic SQL
40:00 Accessible BY clause - QUIZ!
43:56 Demo
52:00 Recap of Packages vs Procedures
53:36 Recap of Standard access vs Accessor list
54:52 POP QUIZ!
56:50 Summary of controlling PL/SQL access
58:26 Want to learn more?