Scenario: ExampleHMO using row and column access control - Security policies
ExampleHMO implements a security strategy where data access to databases are made available according to certain security policies.
The security policies conform to government privacy and data protection
regulations. The first column outlines the policies and the challenges
faced by the organization, the second column outlines the row and
column access control feature which addresses the challenge.
Security challenge | Row and column access control feature which addresses the security challenge |
---|---|
Limiting column access to only privileged users. For example, Jane, who is a drug researcher at a partner company, is not permitted to view sensitive patient medical information or personal data like their insurance number. |
Column masks can be used to filter or hide sensitive data from Jane. |
Limiting row access to only privileged users. Dr. Lee is only permitted to view patient information for his own patients, not all patients in the ExampleHMO system. | Row permissions can be implemented to control which user can view any particular row. |
Restricting data on a need-to-know basis. | Row permissions can help with this challenge as well by restricting table level data at the user level. |
Restricting other database objects like UDFs, triggers, views on RCAC secured data. | Row and column access control protects data at the data level. It is this data-centric nature of the row and column access control solution that enforces security policies on even database objects like UDFs, triggers, and views. |