Oracle Security Review by Bruce D. Wilner

disappointingly vague, but at par with my expectations

A brief scan of one chapter told me all I needed to know about the authors' range and depth of knowledge. The use of views to restrict access to underlying tables was discussed without ever once stating clearly whether or not access to the underlying tables must be granted separately. The technique was also incorrectly and vaguely (but, as the authors state, "commonly") referred to as "row-level security," despite the fact that it can be used to restrict access to either columns (SELECT) or rows (WHERE) with equal facility. (A more professional term for the concept is "data-dependent" or "content-dependent" access control.) Only a few pages later, when discussing synonyms, the authors say, "...then grants access privileges to the synonym ..." A synonym is a passive entity that does not enjoy privileges. Rather, privileges are granted to users and roles BY MEANS OF the synonym. There is absolutely no room for such vague, paraprofessional handwaving or such freewheelingly inaccurate use of terminology in the database security sphere.