Oracle Advanced Security, a new tool that replaces the older Oracle Security Server, authenticates users when they log in to the network and
transmits that data to an application or to the database. Password complexity checking (requiring a password that is statistically more difficult to guess) is one of the features available.
Oracle Advanced Security is compatible with Secure Socket Layer (SSL) protocol and therefore can be used with your Web applications.
Oracle accepts application context as a security level. Whenever the application works with the database, it is restricted to a pre-define set of privileges.
A new concept, called the virtual private database, sets row-level security with a context-sensitive WHERE clause stored in each table or view. The WHERE clause is attached to every query (or other command) run against the table or view. For example, suppose a table has a WHERE clause that limits queries to the rows inserted by the user. Because of this, selecting all rows from the table returns different results for User A and User B.
Another new idea, called integrated directory and security service, provides a tool called the Oracle Wallet Manager. If you define user access to directories in the database, the directory receives a special wallet file (this is standard SSL technology) that attaches to the directory and restricts user access even if users reach the file from outside the database.