All Products
Search
Document Center

Adjust field security levels

Last Updated: May 09, 2020

Data Management Service (DMS) allows you to adjust field security levels.

Background

You can define security labels for fields to represent their security levels, so that sensitive fields in a table are visible only to specified users. For other uses who want to view these fields, they need to apply for the corresponding permissions. After you define security labels for fields in a table:

  • Sensitive fields are displayed in the ****** format if included in the return result of a query performed by a user who is unauthorized to view these fields.
  • Sensitive fields are displayed normally if included in the return result of a query performed by a user who has applied for and obtained the corresponding permissions.

Important notes

  • You can adjust the security levels for all fields in a table as required. When you grant a user the permissions to access a database or table, you do not grant the user the permissions to access sensitive fields and confidential fields in the database or table.
  • Users who are authorized to access a table in a database must apply for corresponding permissions to access sensitive fields and confidential fields in the table.
  • All users can submit a ticket for changing the security level of a field. All operations are recorded in operations logs.
  • DMS immediately approves tickets for raising the security level of a field. Such tickets include:
    • Tickets for raising the security level from internal to sensitive
    • Tickets for raising the security level from internal to confidential
    • Tickets for raising the security level from sensitive to confidential
  • Tickets for lowering the security level of a field must be approved based on the process specified by the DMS administrator or database administrator (DBA) in instance security rules. Such tickets include:
    • Tickets for lowering the security level from confidential to sensitive
    • Tickets for lowering the security level from confidential to internal
    • Tickets for lowering the security level from sensitive to internal

Procedure

  1. Log on to the DMS console.

  2. In the search box in the upper-right corner, search for the target database or table by name.

    You can use the percent sign (%) as placeholders to search for the database or table in fuzzy match mode.

  3. Move the pointer over the target database and select Details to go to the details page of the database.

    If you search for the target table, go to step 4.

  4. Click + to the left of the target table name to show the field list.

  5. On the Column tab, click Adjust next to Security Level. The Adjust Security Level dialog box appears.

  6. Adjust the security levels of relevant fields and click Submit for Security Department Approval.

    You can go to the Workbench homepage and click Pending Tickets in the My Tickets section to view the submitted ticket.

  7. After you adjust the security levels of fields in a table, sensitive fields and confidential fields in the table are displayed in the ****** format, if being queried by users who have permissions to query the database and table but do not have permissions to query these fields.