- Define a view in the database that owns the data - this view should expose the data that the external application needs
- Grant select permissions so that the external application can select from the view
- Create a synonym in the external applications database for the view so that it appears as a local resource
This has the advantage that the owner of the data defines what is exposed. Handy if the data is sensitive in any way.
This solution also assumes that the external application only wants to read the data. If it wanted to write to the database, then the application that owns the data should probably publish an API (eg web services et al).