--- In [email protected], Michael Poulin <[EMAIL PROTECTED]> wrote: > > The DAL became a point of indirection where all needed interceptions of data could happen. It was not related to any particular application. Moreover, it was a mandatory environment element for access all strategic DB.
Michael, you bring up another set of benefits of a data abstraction layer: regulating and monitoring access to the data. I certainly hear consistently that this is a big issue with companies I work with. Most continue to use ad-hoc methods to restrict access, such as allowing access to the database only through stored procs (no ad-hac queries). In an SO environment, it seems these requirements could be satisfied at a higher level by run-time governace tools like those from AmberPoint and Forum/XWall. Still, I see those responsible for the data may continue to want control, or at least monitoring of the data layer. -Kirstan
