ABSTRACT
The purpose of this chapter is to help readers better understand an important aspect of Oracle7 and Oracle8 Server security. This will help readers plan a basic security implementation for their organizations, or evaluate one already in place. The approach presented works best for Oracle-based (i.e., two-tier client/server) security. If you choose (or your application software vendor chooses for you) application-based security, what is presented here will cover only part of your needs. Application-based security does not require users to connect directly to the database (instance). Instead, they log in to an application, or application server (as one might expect on the Web), and that application or server uses a master login to Oracle.
