The SEM_OLS package contains subprograms (functions and procedures) related to triple-level security to RDF data, using Oracle Label Security (OLS). To use the subprograms in this chapter, you should understand the conceptual and usage information in Chapter 1, "RDF Semantic Graph Overview" and Chapter 5, "Fine-Grained Access Control for RDF Data".
This chapter provides reference information about the subprograms, listed in alphabetical order.
SEM_OLS.APPLY_POLICY_TO_APP_TAB(
policy_name IN VARCHAR2,
schema_name IN VARCHAR2,
table_name IN VARCHAR2,
predicate IN VARCHAR2 DEFAULT NULL);
Name of an existing OLS policy.
Name of the schema containing the application table.
Name of the application table.
An additional predicate to combine with the label-based predicate.
When you use triple-level security, OLS is applied to each semantic model in the network. That is, label security is applied to the relevant internal tables and to all the application tables; there is no need to manually apply policies to the application tables of existing semantic models. However, if you need to create additional models after applying the OLS policy, you must use the SEM_OLS.APPLY_POLICY_TO_APP_TAB procedure to apply OLS to the application table before creating the model.
You must have the following to execute this procedure: EXECUTE
privilege for the SA_POLICY_ADMIN package, and the policy_DBA
role.
Before executing this procedure, you must have executed the SEM_RDFSA.APPLY_OLS_POLICY procedure specifying SEM_RDFSA.TRIPLE_LEVEL_ONLY
for the rdfsa_options
parameter.
To remove the OLS policy from the application table, use the SEM_OLS.REMOVE_POLICY_FROM_APP_TAB procedure.
For information about support for OLS, see Chapter 5, "Fine-Grained Access Control for RDF Data".
SEM_OLS.REMOVE_POLICY_FROM_APP_TAB(
policy_name IN VARCHAR2,
schema_name IN VARCHAR2,
table_name IN VARCHAR2);
Name of the existing OLS policy.
Name of the schema containing the application table.
Name of the application table.
If you have dropped a semantic model and you no longer need to protect the application table, you can use this procedure.
You must have the following to execute this procedure: EXECUTE
privilege for the SA_POLICY_ADMIN package, and the policy_DBA
role.
Before executing this procedure, you must have executed the SEM_RDFSA.APPLY_OLS_POLICY procedure specifying SEM_RDFSA.TRIPLE_LEVEL_ONLY
for the rdfsa_options
parameter.
An exception is generated if the associated model exists. In this case, if you want to execute this procedure, you must first drop the model.
For information about support for OLS, see Chapter 5, "Fine-Grained Access Control for RDF Data".