This content has been marked as final. Show 4 replies
This is actually the forum for Audit Vault not Database Vault. But to answer your question, If you want to restrict User A from accessing any tables in Schema B other than the EMP table, then you can just use normal object level privileges. i.e.
GRANT SELECT ON B.EMP TO A;
If User A has some ANY privileges that would allow them to access other tables in Schema B, such as SELECT ANY TABLE, then you should put Schema B in a Realm to protect it from the ANY privileged users. Any other users that should still be able to make use of the ANY privileges can then be added as Realm Participants.
Hope that helps,
Ategrity Solutions Ltd.
Database Vault can help you here but it's probably overkill.
Database Vaults main function is to prevent privileged users (SYS, SYSTEM, DBAs) from accessing application data inside the database.
I think what you might be trying to achieve is allowing one user to access data in another schema. This can be done with regular grants eg :
grant select on scott.tiger to paul;