Conventional applications in a data storage and retrieval environment typically operate with a data repository, such as a database, via a set of connections, or logical access streams, from the applications running in a user space into the database. A user application employs a stream from among the available connections to perform data storage and retrieval operations. The connections, therefore, provide a mechanism for multiple users to access the conventional database via a suite of user applications or clients which the database supports.
In a conventional data storage and retrieval environment, a conventional user application accesses the data repository for various data storage and retrieval operations. Such conventional data manipulation operations typically occur via a database management application accessible to the user application via an Application Programming Interface (API) or other conventional access method. Often, in such a conventional data storage and retrieval environment, many users share access to the data objects, typically relational database tables, in the conventional data repository. Usually, it is neither necessary nor desirable for every conventional user to have unlimited access to every data object, or table, in the data repository. Accordingly, conventional database driven storage and retrieval environments attempt limit or restrict access to certain data objects to a particular user or users.
Conventional database security techniques operate by associating database users with accessible data items. Accesses to the database cause the database server application to invoke a check of the associations with the purported access, to determine if the user is allowed to access the requested data items. The database manager or other security mechanism implementing the security techniques either allow or deny access accordingly.