User Level Restriction For Security Fields/columns In CCB Database
(Doc ID 2017944.1)
Last updated on SEPTEMBER 13, 2022
Applies to:Oracle Utilities Customer Care and Billing - Version 2.0.5 to 2.3.1 [Release 2.0 to 2.3]
Information in this document applies to any platform.
We need to hide some security fields like SSN no, Bank Account no. for particular Oracle Utilities Customer Care and Billing (CCB) Application User. We need if we connect CCB Application to CISREAD Database which will have CIS_READ role. But still the CCB Application user can see that field from CCB Application front end.
We know that we have key store file for storing the fields in encryption mode which is available from CCB V2.40. But, for V2.3.1, is there any option available for us to hide the security objects/fields(Particular table/particular fields/particular column) in CCB database. Any sort of grant access through which can hide the fields/columns?
Or, any sort of CCB Application user restrictions through which we can hide those values from front end itself via that Application user
Attempting to restate:
There is a group of low level users that require read-only access to the application and should not be able to see sensitive information in certain columns (e.g. bank account no). The implementation is willing to have an application server dedicated to this group of users and that application user can belong to a read-only role like CIS_READ.
Assuming above, a non-standard use of synonyms may be the ticket. Usually, the oragensec utility provides grants for three different users:
the schema owner, the read-write application user, and a read-only user (defaults are cisadm, cisuser, and cisread).
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!