Chapter 6. Beyond Privileges: Oracle Label Security

In this chapter we will cover:

  • Creating and using label components
  • Defining and using compartments and groups
  • Using label policy privileges
  • Using trusted stored units

Introduction

The name "labels" comes from the main component used to secure data, namely the data label. Oracle Label Security (OLS) is a security framework that protects data through a hierarchical access model. A properly designed OLS installation lets sensitive data sit in the same table as less sensitive information: it allows finer-grained access restrictions than traditional SELECT privileges can express, without the complexity of writing additional code such as VPD policy functions. Because the controls are implemented by the Oracle kernel at the data row access level, OLS provides a secure protection capability and is often used in environments that need to protect classified information. It is a separate security feature and must be licensed.

Most of the threats that OLS can confront originate from users with too many rights. These include system, sys, and DBA users, as well as an attacker who, after a successful penetration, obtains DML rights on an application's tables and can view or alter data.
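
To make the row-level model described in this introduction concrete, the following is an added example, not code from the book: it builds a three-level policy and applies it to one table. The policy name DOC_POL, the table APP.DOCUMENTS (assumed to have ID and BODY columns), and the user CLERK1 are hypothetical names chosen for illustration.

```sql
-- Added example. Run the PL/SQL blocks as an OLS administrator (for example LBACSYS).
-- DOC_POL, APP.DOCUMENTS and CLERK1 are hypothetical names.

-- 1. Create the policy; OLS adds a DOC_LABEL column to every protected table.
BEGIN
  SA_SYSDBA.CREATE_POLICY(
    policy_name     => 'DOC_POL',
    column_name     => 'DOC_LABEL',
    default_options => 'READ_CONTROL');
END;
/

-- 2. Define the hierarchy: a higher level number means more sensitive data.
BEGIN
  SA_COMPONENTS.CREATE_LEVEL('DOC_POL', 10, 'PUB',  'PUBLIC');
  SA_COMPONENTS.CREATE_LEVEL('DOC_POL', 20, 'CONF', 'CONFIDENTIAL');
  SA_COMPONENTS.CREATE_LEVEL('DOC_POL', 30, 'SEC',  'SECRET');
  -- Register one data label per level (the tag is the numeric stored value).
  SA_LABEL_ADMIN.CREATE_LABEL('DOC_POL', 100, 'PUB');
  SA_LABEL_ADMIN.CREATE_LABEL('DOC_POL', 200, 'CONF');
  SA_LABEL_ADMIN.CREATE_LABEL('DOC_POL', 300, 'SEC');
END;
/

-- 3. Attach the policy to the table and authorize the user up to CONF.
BEGIN
  SA_POLICY_ADMIN.APPLY_TABLE_POLICY(
    policy_name   => 'DOC_POL',
    schema_name   => 'APP',
    table_name    => 'DOCUMENTS',
    table_options => 'READ_CONTROL');
  SA_USER_ADMIN.SET_USER_LABELS(
    policy_name    => 'DOC_POL',
    user_name      => 'CLERK1',
    max_read_label => 'CONF');
END;
/

-- 4. As the table owner: rows of different sensitivity share one table.
INSERT INTO app.documents (id, body, doc_label)
  VALUES (1, 'Press release',   CHAR_TO_LABEL('DOC_POL', 'PUB'));
INSERT INTO app.documents (id, body, doc_label)
  VALUES (2, 'Salary review',   CHAR_TO_LABEL('DOC_POL', 'CONF'));
INSERT INTO app.documents (id, body, doc_label)
  VALUES (3, 'Acquisition plan', CHAR_TO_LABEL('DOC_POL', 'SEC'));
COMMIT;

-- 5. As CLERK1, who holds SELECT on the table: OLS filters rows by label
--    before returning them, in addition to the object privilege check.
SELECT id, body, LABEL_TO_CHAR(doc_label) AS label FROM app.documents;
```

With these labels, CLERK1's query is limited to the PUB and CONF rows even though the SELECT grant covers the whole table.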
