Skip to main content Skip to footer

Real Application Security Administrator's and Developer's Guide

What Is Oracle Database Real Application Security?

Oracle Database Real Application Security is a database authorization model that:

  • Supports declarative security policies

  • Enables end-to-end security for multitier applications

  • Provides an integrated solution to secure database and application resources

  • Advances the security architecture of Oracle Database to meet existing and emerging demands of applications developed for the Internet

Traditional security was designed for client/server systems. These systems had a significantly smaller number of users than newer applications designed for the Internet. When application developers found traditional security inadequate, they often moved it from the database layer to the application layer. To accomplish this, developers frequently built their own tables and defined their own application users. Because security was encoded in the application layer, rather than in the database, application users and application roles were typically known only to the application. In other words, database users were not application-level users, hence the user identity was not known during the access control decision in the database. Furthermore, database operations were limited to DDLs and DMLs that do not represent application-level tasks or operations, hence the operation context was also not known during the access control decision in the database. These practices exposed the database to vulnerability.

About the author

Keith M. Curran

Keith Curran is the former CEO of BESI LLC, a global education provider.  He is the former director of development for the WSU Farmers Network and presently Director of Information Technology for the DIFM - CIG Oracle Cloud Tenancy at the University of Connecticut. 

UConn Agriculture

March 07, 2023

Integration with Oracle IDCS Complete!

The DIFM Ag Research Portal and Farmers Portal is now integrated with Oracle IDCS and there is self-registration for farmers and research scientists.   Both applications remain under development but the underlying scaffolding is built and being tested.

Ag Research Portal:  Is an end-user application under development designed for PI's and Stakeholders to access, review, edit migrated data residing in DIFM's Autonomous Data Warehouse in the Oracle Cloud.  

Farm Portal: Is an end-user application allowing farmers to register for OFPE Trials, upload necessary data for implementing those trials.  

Integrating user registration with IDCS and managing application & data access with IDCS satisfies essential requirements of Phase I of the software development plan.