PGCon2013 - Final Release
PGCon 2013
The PostgreSQL Conference
Speakers | |
---|---|
KaiGai Kohei |
Schedule | |
---|---|
Day | Talks - Day 1 - 2013-05-23 |
Room | MRT 221 |
Start time | 15:00 |
Duration | 01:00 |
Info | |
ID | 571 |
Event type | Workshop |
Track | 9.3 Features |
Language used for presentation | English |
Row Level Security
Row-level security has a feature with longstanding development. It can enforce users to reference or modify part of rows according to the configured security policy. So, we can utilize this feature as if virtual private database on other commercial database, however, we designed this feature much carefully to keep both of reliable security and minimum performance trade-off. In addition, we enhanced usability to allow row-level security policy using usual expressions, also plan to integration with label based mandatory access control.
This session introduces which was the problematic scenario being called "leaky-view", solutions for them as basis of this feature, row-level security feature being newly supported, and the future plan towards integration with label based mandatory access control.
We don't assume audience has deep knowledge on planner. Typical use cases will be helpful for web-application developers who like to ensure reliable separation between users.