For some specific tables, it is required that different people can only access different rows of data records (eg.: For detailed data of chain enterprises, it is not possible to view data for all regions, only for the regions for which they are responsible.), to achieve this, the database view is a traditional way. Now through row-level control, DMS can realize unified row-level privilege control of all non-NoSQL database types that have been connected to DMS.
First of all, by upgrading the field to a sensitive or confidential level, the field can be desensitized, which can be understood as the vertical data security protection of the data table.
Let’s consider another scenario, a two-dimensional data table, where all the rows of data are very sensitive, regardless of which field of these rows, needs to be protected so that users without privileges cannot use their data to retrieve, update and delete. This can be understood as the horizontal data security protection of the data table.
Row-level control module can realize horizontal data security protection for the data table.
The row-level control is aimed at horizontal data security protection of the data table, where all rows are distinguished by one (or several) defined values (which can be enumerated).
These values are called “control values”, to access the rows on the DMS, user needs to have the corresponding row-level authorities (the privileges with that value) , otherwise access to these rows will be denied.
A value may correspond to multiple rows, then if a user has row-level privileges for that control value, that user may accordingly have access to multiple rows of data for that table.
As a resource for accessing rows, the control values of the row-level control table can be used to apply for resource privileges. The row-level control privileges is defined as “row-level privileges” and converged to the privilege system. After that, the privilege system in the Security Collaboration mode can support different dimensions of privilege control, such as databases, tables, columns (fields), rows.
“Single value” is different from “All value”. If a user selects a single value when applying for the row-level privileges of a row-level control table, each control value can be applied individually.
Note that a value may correspond to multiple rows, then if a user has row-level privileges for that control value, that user may accordingly have access to multiple rows of data for that table.
“All value” is a privileged type, if a user selects “All value” when applying for the row-level privileges of a row-level control table, then privilege of all the rows would be authorized. Later the user also has access rights to these rows where control values are added or modified (you can considered it as there are more and more controlled rows). And the user with all rows privileges can access the whole row-level control table without any restrictions.
The table that requires row-level control is called “row-level control table” and the control values realizing row-level control are converged to a field called “control field”.
Row-level control tables with the same control values can be converged through a configuration group, such as for tables A and B who both need to use the same control values to achieve row-level control, it can be managed through a configuration group by configuring control values only once, which can be shared and used simultaneously between table A and B.
- Only relational databases are supported, such as MySQL, PolarDB, ADB, etc. Non-relational databases like MongoDB, Redis, etc. are not supported.
- Only for physical databases, while logical databases are not availale right now.
- The restrictions of SQL query, modification and deletion filtering conditions for row-level control tables are as follows.
- Users must do data filtering with controlled fields.
- All rows in row-level control table will be in control. For users who do not have “all rows” privileges, only “=” and “in” are supported for the filter operator of the control field (where control field [filter operator] control value). That is to say that the filter value must be clear and it must be in the control value list.
- For users who do not have “all rows” privileges, the filtering conditions are subject to some usage restrictions, for example, operations like OR, XOR,logical NOT and etc. are not available unless the user has “all rows” privileges for the current row-level control table.
After the “management perspective” configuration, the user can perceive that the use of the control table is blocked. For example, you will encounter the following error when executing SELECT SQL statement for control row from the control table in a SQL window.
Go to “Permission Application” -> “Row-level Privileges” page to apply for access permissions of controlled rows if needed.
Start the query again in the SQL window after the permission application is successful, it will be executed without any errors.
Permissions can be found in “My Permissions” and can be managed by yourself.
Control rows of a row-level control table can be found in SQL window by finding specific control table in table detail, which is shown below.
Users with any one of the three roles of administrator, DBA and security administrator can define and view the row-level control tables and control values by going to “System Management”->”Security Management”->”Sensitive Data Management”->”Row-level Control”.
Add a “configuration group” first, select the tables to be defined as row-level controls (database first, then table) in the configuration group settings, and then, select the specific fields to be control fields.
After the row-level control tables are added and configured, the control values to be protected should be configured for the control tables. Click “Control Value Details” to import control values in the panel.
Go to “Permission Application” -> “Row-level Privileges” page and apply for default approval template, recommending the templates suit for your enterprise, to control the default row-level privilege application approval. If the default templates still can not meet the demand, self-designed approval process can be set through DSL in “Row-level Privilege Application”.
Click SQL Console -> “SQL Permission Specification”. Please make sure the “Controlled rows privileges verification” rule is enabled.
- Click Export Data -> “Precheck Verification”. Please make sure the “Controlled rows privileges verification” rule is enabled.
Viewable in user and database dimensions.
Permissions can be found and managed by finding the specific user in “System Management” -> “User Management”.
Permissions can be found and managed by finding the database details of specific instance in “System Management” -> “Instance Management”.