Difference between revisions of "Row-security"

From PostgreSQL wiki
Jump to: navigation, search
Line 6: Line 6:
 
* [http://it.toolbox.com/blogs/database-soup/thinking-about-row-level-security-part-1-30732 Josh Berkus on RLS in PG, Part 1]
 
* [http://it.toolbox.com/blogs/database-soup/thinking-about-row-level-security-part-1-30732 Josh Berkus on RLS in PG, Part 1]
 
* [http://it.toolbox.com/blogs/database-soup/thinking-about-row-level-security-part-2-30757 Josh Berkus on RLS in PG, Part 2]
 
* [http://it.toolbox.com/blogs/database-soup/thinking-about-row-level-security-part-2-30757 Josh Berkus on RLS in PG, Part 2]
* [SEPostgreSQL_Specifications Specifications for SEPostgreSQL, includes RLS]
+
* [[SEPostgreSQL_Specifications Specifications for SEPostgreSQL, includes RLS]]
  
 
== Articles/Documentation of existing RLS implementations ==
 
== Articles/Documentation of existing RLS implementations ==

Revision as of 20:29, 12 December 2009

Row-Level Security

This page is for discussion of implementing RLS in PostgreSQL.

Previous discussion of RLS in PG

Articles/Documentation of existing RLS implementations

Use Cases

  • PCI Compliant implementations
  • Classified Environments
  • Other?

Components of an implementation

  • Grammar
  • Catalog
  • Storage
  • Planner (necessary?)
  • Executor
  • Other?

Considerations

  • Performance
    • With RLS
    • Without RLS
  • Integration with external security manager (eg: SELinux, SMACK)