Scenario: ExampleBANK using row and column access control - Security policies
ExampleBANK implements a security strategy where data access to databases is made available according to certain security policies.
The security policies conform to privacy and data protection regulations
at ExampleBANK. The first column outlines the policies and the challenges
faced by ExampleBANK, the second column outlines the row and column
access control (RCAC) feature which addresses the challenge.
| Security challenge | Row and column access control feature which addresses the security challenge |
|---|---|
| Limiting row access to only authorized users. Tellers are only permitted to view client data that belong to their own branch, not all clients of ExampleBANK in the company-wide system. | Row permissions can be implemented to control which user can view any particular row. |
| The account number is accessible by customer service representatives only when they are using the account update application. This application is identified through stored procedure ACCOUNTS.ACCTUPDATE. | Column masks can be used to filter or hide sensitive data from customer service representatives if they query the data outside of the ACCOUNTS.ACCTUPDATE application. |