Skip Headers
Oracle® Label Security Administrator's Guide
10g Release 2 (10.2)

Part Number B14267-02
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Master Index
Master Index
Go to Feedback page
Contact Us

Go to previous page
Previous
View PDF

Index

A  B  C  D  E  F  G  H  I  L  M  N  O  P  R  S  T  U  V  W 

A

access control
discretionary, 1.1.3.1, 1.1.3.3, 3.5.4
label-based, 1.3.3, 1.3.4.5
policies, 1.1.2
understanding, 3
access mediation
and views, 3.5.5
enforcement options, 3.5.7
introduction, 3.1
label evaluation, 3.4
program units, 3.5.6
ADD_COMPARTMENTS function, 7.2.5, 7.2.5, 7.2.5, 7.2.5
ADD_GROUPS procedure, 7.2.8
inverse groups, 14.8.3
ALL_CONTROL option, 8.1.1, 8.1.1, 8.1.1, 8.1.5
ALL_SA_AUDIT_OPTIONS view, C.1.2.1
ALL_SA_COMPARTMENTS view, C.1.2.2
ALL_SA_DATA_LABELS view, C.1.2.3
ALL_SA_GROUPS view, C.1.2.4
ALL_SA_LABELS view, C.1.2.5
ALL_SA_LEVELS view, C.1.2.6
ALL_SA_POLICIES view, C.1.2.7
ALL_SA_PROG_PRIVS view, C.1.2.8
ALL_SA_SCHEMA_POLICIES view, C.1.2.9
ALL_SA_TABLE_POLICIES view, C.1.2.10
ALL_SA_USER_LABELS view, C.1.2.12
ALL_SA_USER_LEVELS view, C.1.2.13
ALL_SA_USER_PRIVS view, C.1.2.14
ALL_SA_USERS view, C.1.2.11
ALTER_COMPARTMENT procedure, 6.5.6
ALTER_COMPARTMENTS procedure, 7.2.4
ALTER_GROUP procedure, 6.5.9
ALTER_GROUP_PARENT
inverse groups, 14.8.10
ALTER_GROUP_PARENT procedure, 6.5.10
ALTER_GROUPS function, 7.2.9
ALTER_GROUPS procedure
inverse groups, 14.8.4
ALTER_LABEL function, 6.6.2
ALTER_LEVEL procedure, 6.5.1, 6.5.3
ALTER_POLICY procedure, 6.4.5
inverse groups, 14.8.2
ALTER_SCHEMA_POLICY procedure, 9.3, 9.5.2
ANALYZE command, 13.4.1
APPLY_SCHEMA_POLICY procedure, 9.3, 9.5.1
with inverse groups, 14.3.1
APPLY_TABLE_POLICY procedure, 9.3, 9.4.1
with inverse groups, 14.3.1
architecture, Oracle Label Security, 1.1.3.3
AS SYSDBA clause, 13.5
AUDIT procedure, 11.3.2
AUDIT_LABEL procedure, 11.4.1, 11.4.3
AUDIT_LABEL_ENABLED function, 11.4.3
AUDIT_TRAIL parameter, 11.2
auditing
audit trails, 1.1.3.3, 11.1, 11.2, 11.5.1
options for Oracle Label Security, 11.3.1
Oracle Label Security, 11, 11.1
security and, 11.3.2
strategy, 11.6.1
systemwide, 11.2
types of, 6.1.7
views, 11.5.1

B

B-tree indexes, 13.4.2

C

CHAR_TO_LABEL function, 4.3.1, 4.5.1, 4.5.5
characters, valid, 2.2.1, 2.2.1, 6.4.3
CHECK_CONTROL option
and label update, 8.4.2, 8.4.3
and labeling functions, 8.3.1
definition, 8.1.1, 8.1.1
with other options, 8.1.6
child rows
deleting, 8.5
inserting, 8.3.3
updating, 8.4.4
Common Criteria, 1.1.1
COMP_READ function, 4.6.6.2
COMP_WRITE function, 4.6.6.2
COMPACCESS privilege, 3.5.1, 3.5.2.3
inverse groups, 14.3.5, 14.6
compartments
definition, 2.2.3
example, 2.2.3
setting authorizations, 3.3.1.2
COMPATIBLE parameter, 13.5
components. See label components
CON, B.2
connection parameters, B.2
CREATE FUNCTION statement, 10.3.1
CREATE PACKAGE BODY statement, 10.3.1
CREATE PACKAGE statement, 10.3.1
Create Policy icon, 6.1.1, 6.4
CREATE PROCEDURE statement, 10.3.1
CREATE TABLE AS SELECT statement, C.2.1
CREATE_COMPARTMENT procedure, 6.5.5
CREATE_GROUP procedure, 6.5.8
inverse groups, 14.8.9
CREATE_LABEL procedure, 6.6.1
CREATE_LEVEL procedure, 6.5.2
CREATE_POLICY procedure, 6.1.1, 6.4.4
inverse groups, 14.8.1
CREATE_VIEW procedure, 11.5.1, C.1.3
creating databases, 13.5

D

DAC. See discretionary access control (DAC)
data
access rules, 1.3.1
label-based access, 2.1, 2.1
sensitivity, 1.3.4.1, 6.6.2
data dictionary tables, 7.1, 7.7.1, 13.4.1, 13.5, C.1.1
DATA_LABEL function, 10.4.1.3
database links, 12.2
Database Management System Protection Profile (DBMS PP), 1.1.1
databases, creating additional, 13.5
DBA_policyname_AUDIT_TRAIL view, C.1.3
DBA_SA_AUDIT_OPTIONS view, 11.3.4, C.1.2.15, C.1.3
DBA_SA_COMPARTMENTS view, 13.2.2, C.1.2.16
DBA_SA_DATA_LABELS view, C.1.2.17
DBA_SA_GROUP_HIERARCHY view, C.1.2.19
DBA_SA_GROUPS view, 13.2.2, C.1.2.18
DBA_SA_LABELS view, 13.2.2, C.1.2.20
DBA_SA_LEVELS view, 13.2.2, C.1.2.21
DBA_SA_POLICIES view, C.1.2.22
DBA_SA_PROG_PRIVS view, C.1.2.23
DBA_SA_SCHEMA_POLICIES view, 8.1.8, C.1.2.24
DBA_SA_TABLE_POLICIES view, 8.1.8, C.1.2.25
DBA_SA_USER_COMPARTMENTS view, 7.7.2, C.1.2.27
DBA_SA_USER_GROUPS view, 7.7.2, C.1.2.28
DBA_SA_USER_LABELS view, C.1.2.29
DBA_SA_USER_LEVELS view, 7.7.2, C.1.2.30
DBA_SA_USER_PRIVS view, C.1.2.31
DBA_SA_USERS view, 7.7, C.1.2.26
default port, B.2
default row label, 4.6.3
DELETE_CONTROL option, 8.1.1, 8.1.1, 8.5
DELETE_RESTRICT option, 8.5
deleting labeled data, 8.5
demobld.sql file, 6.3.1.1
DISABLE_POLICY procedure, 6.4.6
DISABLE_SCHEMA_POLICY procedure, 9.3, 9.5.4
DISABLE_TABLE_POLICY procedure, 9.3, 9.4.3
discretionary access control (DAC), 1.1.3.1, 3.5.4
distributed databases
connecting to, 12.2
multiple policies, 3.6.2
Oracle Label Security configuration, 12.1
remote session label, 12.3
dominance
definition, 3.4.2, 3.4.2
functions, A.1.3
greatest lower bound, 4.4.4.2
inverse groups, 14.9
least upper bound, 4.4.4.1
overview, A.1.1
DOMINATED_BY function, A.1.3, A.1.3.3, A.1.3.7
DOMINATES function, A.1.1, A.1.3, A.1.3.1, A.1.3.5
DROP USER CASCADE restriction, C.2.4
DROP_ALL_COMPARTMENTS procedure, 7.2.7
DROP_ALL_GROUPS procedure, 7.2.11
DROP_COMPARTMENT procedure, 6.5.7
DROP_COMPARTMENTS function, 7.2.6
DROP_GROUP procedure, 6.5.11
DROP_GROUPS procedure, 7.2.10
DROP_LABEL function, 6.6.3
DROP_LEVEL procedure, 6.5.4
DROP_POLICY procedure, 6.4.8
DROP_USER_ACCESS procedure, 7.3.4
DROP_VIEW procedure, 11.5.2
duties, of security administrators, 6.2

E

ENABLE_POLICY procedure, 6.4.7
ENABLE_SCHEMA_POLICY procedure, 9.3, 9.5.5
ENABLE_TABLE_POLICY procedure, 9.3, 9.4.4
enforcement options
and UPDATE, 8.4.2
combinations of, 8.1.6
exemptions, 8.1.7
guidelines, 8.1.6
INVERSE_GROUP, 14.3.1
list of, 8.1.1
overview, 8.1.1
viewing, 8.1.8
Evaluation Assurance Level (EAL) 4, 1.1.1
EXEMPT ACCESS POLICY privilege, 8.1.7, 8.1.7
Export utility
LBACSYS restriction, C.2.3
policy enforcement, 8.1.7
row labels, 3.5.2.1, 13.1, 13.2.2

F

FULL privilege, 3.5.1, 3.5.2.2, 3.5.2.4
function call, D.1, D.2

G

GLBD function, 4.4.4.2
granularity, data access, 3.4.3
GREATEST_LBOUND function, 4.4.4.2, 10.4.3.1
inverse groups, 14.8.14
GROUP_READ function, 4.6.6.2
GROUP_WRITE function, 4.6.6.2
groups
definition, 2.2.4
example, 2.2.4
hierarchical, 2.2.4, 2.2.4, 2.4, 2.4, C.1.2.19
inverse, 14.2
parent, 2.2.4, 2.2.4, 2.2.4, 3.4.1.2, 3.4.1.2, 6.5.8, 6.5.10, 14.3.4
read/write access, 3.4.1.2
setting authorizations, 3.3.1.3

H

HIDE, 4.1.1.1, 6.4.4, 6.4.5
HIDE option
default, 6.4.4
discussion of, 8.1.2
example, 4.1.1.3
importing hidden column, 13.2.5
inserting data, 4.5.4
not exported, 13.1
per-table basis, 4.3.2.2
PL/SQL restriction, C.2.6
schema level, 8.1.1

I

Import utility
importing labeled data, 13.2.1.2, 13.2.2
importing policies, 13.1
importing unlabeled data, 13.2.4
with Oracle Label Security, 13.2
indexes, 13.4.2, 13.4.2
INITIAL_LABEL variable, A.2
INITIAL_ROW_LABEL variable, A.2
initialization parameters
AUDIT_TRAIL, 11.2
COMPATIBLE, 13.5
INSERT_CONTROL option, 8.1.1, 8.1.1, 8.3.1
inserting labeled data, 4.5, 8.3
INTO TABLE clause, 13.3.2
inverse groups
and label components, 14.3.2
COMPACCESS privilege, 14.3.5, 14.6
computed labels, 14.3.3
dominance, 14.9
implementation of, 14.3
introduction, 14.2
Max Read Groups, 14.3.3.2
Max Write Groups, 14.3.3.2
parent-child unsupported, 14.3.4
read algorithm, 14.4
session labels, 14.7
SET_DEFAULT_LABEL, 14.7.1
SET_LABEL, 14.7.2
SET_ROW_LABEL, 14.7.1, 14.7.2
user privileges, 14.3.5
write algorithm, 14.5
INVERSE_GROUP enforcement option
behavior of procedures, 14.8
implementation, 14.3.1

L

label components
defining, 6.1.2, 6.5
in distributed environment, 12.4
industry examples, 2.2.5
interrelation, 2.4
valid characters, 2.2.1, 2.2.1, 6.4.3
label evaluation process
COMPACCESS read, 3.5.2.3
COMPACCESS write, 3.5.2.3
inverse groups, COMPACCESS, 14.6
LABEL_UPDATE, 8.4.2
read access, 3.4.2
read access, inverse groups, 14.4
write access, 3.4.3
write access, inverse groups, 14.5
LABEL function, 4.6.6.2
label tags
converting from string, 4.3.1
converting to string, 4.3.2
distributed environment, 12.4.1
example, 4.1.2.1
inserting data, 4.5.2
introduction, 2.3
manually defined, 4.1.2.1, 4.1.2.2
strategy, 13.4.3
using in WHERE clauses, 4.4.1
LABEL_DEFAULT option
and labeling functions, 8.1.3.1, 8.2.1, 8.2.2
authorizing compartments, 3.3.1.2
authorizing groups, 3.3.1.3
definition, 8.1.1
importing unlabeled data, 13.2.4
inserting labeled data, 4.5.3
with enforcement options, 8.1.6, 8.1.6
with SET_ROW_LABEL, 4.6.3
LABEL_TO_CHAR function, 4.3.2, 4.3.2.1.3, 4.4.3
LABEL_UPDATE option
and labeling functions, 8.1.3.2, 8.2.2
and privileges, 8.1.3.2
and WRITE_CONTROL, 8.1.4.2
and WRITEDOWN, 3.5.3
and WRITEUP, 3.5.1, 3.5.1, 3.5.1, 3.5.3
definition, 8.1.1, 8.1.1
evaluation process, 8.4.2
with enforcement options, 8.1.6
label-based security, 2.1
labeling functions
ALL_CONTROL and NO_CONTROL, 8.1.5
and CHECK_CONTROL, 8.3.1
and LABEL_DEFAULT, 8.1.3.1, 8.1.3.2, 8.2.1
and LABEL_UPDATE, 8.1.3, 8.1.3.3
and LBACSYS, 8.2.2
creating, 8.2.3
example, 8.2.1
how they work, 8.2.2
importing unlabeled data, 13.2.4
in force, 8.1.3
inserting data, 4.5.3
introduction, 3.5.7
override manual insert, 8.3.2
specifying, 8.2.4
testing, 8.2.2
UPDATE, 8.4.3
using, 8.2.1
with enforcement options, 8.1.6, 8.1.6
labels
administering, 2.5
and performance, 3.5.2.1
data and user, 2.4
merging, 4.4.5
non-comparable, A.1.2
relationships between, A.1
syntax, 2.3
valid, 2.3, 4.1.2
with inverse groups, 14.3.3
Labels property sheet, 6.1.2, 6.1.3
LBAC_DBA role, 6.4.1
LBAC_LABEL datatype, 8.2.2
LBACSYS schema
and labeling functions, 8.2.2
creating additional databases, 13.5
data dictionary tables, 13.4.1
export restriction, 13.1, C.2.3
LEAST_UBOUND function, 4.4.4.1, 4.4.5, 10.4.3.2
inverse groups, 14.8.13
levels
definition, 2.2.2
example, 2.2.2
setting authorizations, 3.3.1.1
LUBD function, 4.4.4.1

M

materialized views, 12.6.1.1, 12.6.3.2
Max Read Groups, 14.3.3.2
Max Write Group, 14.3.3.2, 14.3.3.2
MAX_LEVEL function, 4.6.6.2
MERGE_LABEL function, 4.4.5, 4.4.5
MIN_LEVEL function, 4.6.6.2

N

NO_CONTROL option, 8.1.1, 8.1.1, 8.1.5
NOAUDIT procedure, 11.3.1, 11.3.3, 11.3.3, 11.4.2
NUMBER datatype, 4.1.1
NUMERIC_LABEL function, 10.4.1.1
NUMERIC_ROW_LABEL function, 10.4.1.2

O

object privileges
and Oracle Label Security privileges, 3.5.4
and trusted stored program units, 3.5.6, 10.1.1
discretionary access control, 1.1.3.3
OCI example, A.2.5
OCI interface, A.2
OCI_ATTR_APPCTX_LIST, A.2.2
OCI_ATTR_APPCTX_SIZE, A.2.1
OCIAttrGet, A.2.2
OCIAttrSet, A.2, A.2.1, A.2.4
OCIParamGet, A.2.3
OptionsA, B.2.1
Oracle Internet Directory Administrator's Guide, 5.10
Oracle Policy Manager
administering labels, 2.5
applying policies, 6.1.4, 9.3
authorizing trusted program units, 6.1.6
authorizing users, 6.1.5, 7.1
configuring auditing, 6.1.7
creating policies, 6.1.1, 6.4
defining label components, 6.1.2
identifying valid labels, 6.1.3
introduction, 6.3.2
ORDER BY clause, 4.4.1, 4.4.2

P

packages
Oracle Label Security, 6.3.1
trusted stored program units, 10.1
partitioning, 4.1.2.2, 13.4.4
performance, Oracle Label Security
ANALYZE command, 13.4
indexes, 13.4.2
label tag strategy, 13.4.3
partitioning, 13.4.4
READ privilege, 3.5.2.1
PL/SQL
creating VPD policies, 1.3.2
overloaded procedures, 6.5.1
recreating labels for import, 13.2.2
SA_UTL package, 10.4
trusted stored program units, 10.1
policies
applying to schemas, 9.3, 9.5
applying to tables, 9.3, 9.4
creating, 6.1.1
enforcement guidelines, 8.1.6
enforcement options, 1.3.4.4, 3.5.7, 4, 8.1.1, 8.1.1, 8.1.6
managing, 6.4
multiple, 4.1.2, 7.1, C.2.2
privileges, 1.1.3.3, 1.3.4.3, 3.5.4, 7.4
terminology, 9.1
policy label column
indexing, 13.4.2
inserting data when hidden, 4.5.4
introduction, 4.1.1, 4.1.1
retrieving, 4.3.2.1.1
retrieving hidden, 4.3.2.2
storing label tag, 2.3
policy_DBA role, 6.2, 6.4.2, 6.6, 7.1, 7.4, 9.4, 9.5
predicates
access mediation, 3.5.7
errors, 8.6.1
label tag performance strategy, 13.4.3
multiple, 8.6.2
used with policy, 8.6.1
privileges
COMPACCESS, 3.5.1, 3.5.2.3
FULL, 3.5.1, 3.5.2.2, 3.5.2.4
Oracle Label Security, 3.5.1
PROFILE_ACCESS, 3.5.1, 3.5.2.4
program units, 3.5.6
READ, 3.5.1, 3.5.2.1
row label, 3.5.3
trusted stored program units, 10.3.5
WRITEACROSS, 3.5.1, 3.5.3, 3.5.3.3
WRITEDOWN, 3.5.1, 3.5.3, 3.5.3.2, 3.5.6
WRITEUP, 3.5.1, 3.5.3, 3.5.3.1
PRIVS function, 4.6.6.2
procedures, overloaded, 6.5.1
PROFILE_ACCESS privilege, 3.5.1, 3.5.2.4
propagated, D.1

R

RAC, D.1
read access
algorithm, 3.4.2, 3.5.2.2
introduction, 3.4.1.1
read label, 3.3.2
READ privilege, 3.5.1, 3.5.2.1
READ_CONTROL option
algorithm, 3.4.2
and CHECK_CONTROL, 8.1.3.3
and child rows, 8.3.3
definition, 8.1.1, 8.1.1
referential integrity, 8.4.4
with other options, 8.1.6
with predicates, 8.6.1
READ_ONLY function, 7.2.4, 7.2.5, 7.2.8, 7.2.9
READ_WRITE function, 7.2.4, 7.2.5, 7.2.8, 7.2.9
reading down, 3.4.2
referential integrity, 8.3.3, 8.4.4, 8.5
releasability, 14.2
remote users, 12.2
REMOVE_SCHEMA_POLICY procedure, 9.3, 9.5.3
REMOVE_TABLE_POLICY procedure, 9.3, 9.4.2
REPADMIN account, 12.6.1.1, 12.6.3.1, 12.6.3.2
replication
materialized views (snapshots), 12.6.1.1, 12.6.3.2, 12.6.4
with Oracle Label Security, 12.6, 12.6.1.2
RESTORE_DEFAULT_LABELS procedure, 4.6.1, 4.6.4
restrictions, Oracle Label Security, C.2
row label
default, 4.6.3
row labels
changing compartments, 7.2.4
default, 3.3.1.2, 3.3.1.3, 3.3.2, 4.6.1, 10.4.2.2, D.2
example, 3.2.3
in distributed environment, 12.3
inserting, 4.5.1
LABEL_DEFAULT option, 4.5, 8.1.3.1
privileges, 3.5.3
restoring, 4.6.4
saving defaults, 4.6.5
setting, 4.6.3, 10.4.2.2
setting compartments, 7.2.2
setting groups, 7.2.3
setting levels, 7.2.1
understanding, 3.2.2
updating, 3.5.3
viewing, 10.4.1.2
ROW_LABEL function, 4.6.6.2

S

SA_COMPONENTS package, 6.5
SA_POLICY_ADMIN, 9
SA_POLICY_ADMIN package, 9
SA_SESSION functions
defined, 4.6.1
viewing security attributes, 4.6.6.2
SA_SYSDBA package, 6.4
SA_USER_ADMIN package
administering stored program units, 10.2
overview, 7.1
SA_USER_NAME function, 4.6.6.2, 7.6
SA_UTL package
dominance functions, A.1.3.5
overview, 10.4
SAVE_DEFAULT_LABELS procedure, 4.6.1, 4.6.5
schemas
applying policies to, 6.1.4, 6.4.5, 8.1.6
default policy options, 6.4.4
restrictions on shared, C.2.5
security
introduction, 1.1
standards, 1.1.1
security evaluations
EAL4, 1.1.1
security policies
introduction, 1.1.2
VPD, 1.3.3
session labels
changing, 4.6.2
computed, 3.3.2
distributed database, 12.3
example, 3.2.3
OCI interface, A.2
restoring, 4.6.4
SA_UTL.SET_LABEL, 10.4.2.1
saving defaults, 4.6.5
setting compartments, 7.2.2
setting groups, 7.2.3
setting levels, 7.2.1
understanding, 3.2.1
viewing, 10.4.1.1
SET_ACCESS_PROFILE function, C.2.5
SET_ACCESS_PROFILE procedure, 7.5, 7.6
SET_COMPARTMENTS procedure, 7.2.2
SET_DEFAULT_LABEL function, 7.3.2
inverse groups, 14.7.1
SET_DEFAULT_LABEL procedure
inverse groups, 14.8.7
SET_GROUPS procedure, 7.2.3
inverse groups, 14.8.5
SET_LABEL function
and RESTORE_DEFAULT_LABELS, 4.6.4
definition, 4.6.1, 4.6.6.2, 4.6.6.2
inverse groups, 14.7.2
on remote database, 12.3
SA_UTL.SET_LABEL, 10.4.2.1
using, 4.6.2
SET_LABEL procedure
inverse groups, 14.8.11
SET_LEVELS procedure, 7.2.1
SET_PROG_PRIVS function, 10.2, 10.2, 10.2
SET_ROW_LABEL function
inverse groups, 14.7.1, 14.7.2
SET_ROW_LABEL procedure, 4.6.1, 4.6.3, 7.3.3, 10.4.2.2, 14.7.2.1, 14.7.2.2
inverse groups, 14.8.8, 14.8.12
SET_USER_LABELS procedure, 7.3.1
inverse groups, 14.8.6
SET_USER_PRIVS function, 7.4
shared schema restrictions, C.2.5
SQL*Loader, 13.3
STRICTLY_DOMINATED_BY function, A.1.3, A.1.3.4, A.1.3.8
STRICTLY_DOMINATES function, A.1.3, A.1.3.2, A.1.3.6
SYS account
policy enforcement, 8.1.7
SYS_CONTEXT
and labeling functions, 8.2.2
variables, A.2
SYSDBA privilege, 11.2
system privileges, 1.1.3.3, 3.5.4, 3.5.5, 3.5.6

T

tasks, overview, 6.1
TO_DATA_LABEL function, 4.5.5, 6.1.3, 6.6.1
TO_LBAC_DATA_LABEL function, 8.2.2
triggers, 8.2.2
trusted stored program units
creating, 10.3.1
error handling, 10.3.5
example, 10.1.2
executing, 10.3.5
introduction, 10.1
privileges, 3.5.6, 10.3.5
re-compiling, 10.3.3
replacing, 10.3.4

U

UPDATE_CONTROL option, 8.1.1, 8.1.1, 8.4.2
updating labeled data, 8.4
user authorizations
compartments, 3.3.1.2
groups, 3.3.1.3
levels, 3.3.1.1
understanding, 3.3
USER_SA_SESSION view, 4.6.6.1

V

views
access mediation, 3.5.5
ALL_SA_AUDIT_OPTIONS, C.1.2.1
ALL_SA_COMPARTMENTS, C.1.2.2
ALL_SA_GROUPS, C.1.2.4
ALL_SA_LABELS, C.1.2.3, C.1.2.5
ALL_SA_LEVELS, C.1.2.6
ALL_SA_POLICIES, C.1.2.7
ALL_SA_PROG_PRIVS, C.1.2.8
ALL_SA_SCHEMA_POLICIES, C.1.2.9
ALL_SA_TABLE_POLICIES, C.1.2.10
ALL_SA_USER_LABELS, C.1.2.12
ALL_SA_USER_LEVELS, C.1.2.13
ALL_SA_USER_PRIVS, C.1.2.14
ALL_SA_USERS, C.1.2.11
auditing, C.1.3
DBA_policyname_AUDIT_TRAIL, C.1.3
DBA_SA_AUDIT_OPTIONS, 11.3.4, C.1.2.15, C.1.3
DBA_SA_COMPARTMENTS, C.1.2.16
DBA_SA_DATA_LABELS, C.1.2.17
DBA_SA_GROUP_HIERARCHY, C.1.2.19
DBA_SA_GROUPS, C.1.2.18
DBA_SA_LABELS, C.1.2.20
DBA_SA_LEVELS, C.1.2.21
DBA_SA_POLICIES, C.1.2.22
DBA_SA_PROG_PRIVS, C.1.2.23
DBA_SA_SCHEMA_POLICIES, 8.1.8, C.1.2.24
DBA_SA_TABLE_POLICIES, 8.1.8, C.1.2.25
DBA_SA_USER_COMPARTMENTS, C.1.2.27
DBA_SA_USER_GROUPS, C.1.2.28
DBA_SA_USER_LABELS, C.1.2.29
DBA_SA_USER_LEVELS, C.1.2.30
DBA_SA_USER_PRIVS, C.1.2.31
DBA_SA_USERS, C.1.2.26
USER_SA_SESSION, 4.6.6.1
virtual private database (VPD)
policies, 1.3.2

W

write access
algorithm, 3.4.3, 3.5.2.2
introduction, 3.4.1
write label, 3.3.2
WRITE_CONTROL option
algorithm, 3.4.3
definition, 8.1.1, 8.1.1
introduction, 8.1.4.2
LABEL_UPDATE, 8.1.4.2
with INSERT, UPDATE, DELETE, 8.1.4.2
with other options, 8.1.6
WRITEACROSS privilege, 3.5.1, 3.5.3, 3.5.3.3, 8.1.1, 8.1.3.2, 8.4.2
WRITEDOWN privilege, 3.5.1, 3.5.3, 3.5.3.2, 3.5.6, 8.1.1, 8.1.3.2, 8.4.2
WRITEUP privilege, 3.5.1, 3.5.3, 3.5.3.1