Skip to Main Content
Merative Ideas Portal

Shape the future of Merative!

We invite you to shape the future of Merative, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Post your ideas

Start by posting ideas and requests to enhance a product or service. Take a look at ideas others have posted and upvote them if they matter to you,

  1. Post an idea

  2. Upvote ideas that matter most to you

  3. Get feedback from the Merative team to refine your idea

Help Merative prioritize your ideas and requests

The Merative team may need your help to refine the ideas so they may ask for more information or feedback. The offering manager team will then decide if they can begin working on your idea. If they can start during the next development cycle, they will put the idea on the priority list. Each team at Merative works on a different schedule, where some ideas can be implemented right away, others may be placed on a different schedule.

Receive notification on the decision

Some ideas can be implemented at Merative, while others may not fit within the development plans for the product. In either case, the team will let you know as soon as possible. In some cases, we may be able to find alternatives for ideas which cannot be implemented in a reasonable time.


Merative External Privacy Statement: https://www.merative.com/privacy

Status Not under consideration
Created by Guest
Created on Jun 11, 2019

Hook point for Oracle Label Security (OLS) - db connection

NC FAST is evaluating Oracle Label Security (OLS) to add an additional layer of security. The idea is to prevent defective application code / unauthorized support personnel (who have direct DB Access to prod copies) from accessing sensitive Child Welfare data.

As the application connects to the DB using a single user account, the DB needs some way to identify that a particular user transaction is being executed by a Child Welfare worker VS say a Medicaid Worker. For this, once a DB connection is acquired and before any application logic is executed the application code would need to set a Session context variable (on the DB) that signifies the user type. The user type would be used by OLS policies to restrict data returned from the DB as appropriate.

We would need a hookpoint that allows for intercepting every call to a Facade (and possibly even batch and deferred processes) and calls a PL/SQL procedure to inject the DB Session context. The only existing hookpoints that seem relevant are those related to method tracing and auditing. As they are for purposes different from this requirement, using them involves long term maintenance effort and potential upgrade impact.

Customer Name North Carolina - Dept of Health and Human Services
  • Attach files
  • Guest
    Reply
    |
    Feb 11, 2020

    Hi Clay,

    We have evaluated your request and have determined that it cannot be implemented at this time as we have performance concerns with the proposed implementation.

    Your request may be resubmitted for consideration after 12 months from the date of decline.

    Thank you for your interest in the Cúram SPM product.
    Shane McFadden, Cúram SPM Product Management team

  • Guest
    Reply
    |
    Jun 12, 2019

    Hi Clay,

    Thank you for your enhancement request.
    We require some further analysis to determine whether or not this enhancement can be considered in a future release.
    I will provide another response when our investigation is complete.

    Thank you,
    Shane McFadden, Cúram SPM Product Management team