This content has been marked as final. Show 2 replies
I guess it depends on your definition of SaaS. If you intend to have clients buy a subscription for your software and you are going to host it in the Oracle Cloud then this should work fine. You'll want to be careful about disk space usage since the Oracle Cloud uses this (primarily) to determine your monthly billing rate.
As for security and data separation, I would suggest reading about Oracle's VPD solution (Virtual Private Database). Although this is not currently supported in the Oracle Cloud, they are using Enterprise Edition and I'm told it will be supported in the near future. This allows you to create a policy (pl/sql code) and associate it with a table such that Oracle will append where clause predicates to your SQL to enforce security. For example, Select * from orders would then have a predicate added based on say, the userid or the company that user belongs to etc. This would invisibly change the sql to something like SELECT * FROM ORDERS WHERE COMPANY = 'ACME'. Thus, every user thinks they have access to the entire db. (Hence the name Virtual Private Database). You only want to have a few vpd conditions and be sure to create the index to include the VPD column(s). In the meantime, you can create a poor man's version of VPD by joining to a security table you define.
You definitely do not want to have a separate database for each client. This is too expensive and too much maintenance.
As for Apex security, you can either you the Cloud Identity model, Application Express Users or create your own custom auth. Any good Apex book or Google search should give you more info about each of these.
Hope this helps.
Hi all -
I would disagree slightly with Steve, in that you don't need to use VPD to achieve data isolation - that is one of the primary goals of the Database Cloud Service, so you could have an individual Database Cloud Service for each customer.
And feel free to contact me at email@example.com if you would like to discuss your ideas further - there is a pretty good fit for what you are trying to do, but I can explain further.
- Rick Greenwald
Edited by: RickG on Jan 8, 2013 9:25 AM