{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 The star\" 的问题《MYSQL Access Control》','https://www.manongdao.com/q-755431.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I want to implement column level and row level access control on data stored in my MySQL database. I am using NodeJS on my server, what's the way to go for this ? I see SAP Hana allows that but want to keep MySQL.
相关问题
- npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fs
- “Zero out” sensitive String data in Swift
- sqlyog export query result as csv
- NOT DISTINCT query in mySQL
- MySQL: conduct a basic search
There are three approaches you could take:
The first option wouldn't really qualify as row-level access control since the application logic is the one responsible for the filtering / masking. (Filtering is row-level access control whereas masking is cell-level).
The second option, using a proxy, is an approach that is increasingly being taken. There are dedicated solutions such as:
These solutions typically intercept the SQL traffic and modify it such that only authorized data is returned. This is called dynamic data masking. It is explained a little bit more on Wikipedia.
The third option is to use the database's native capabilities. For instance Oracle has something called Virtual Private Database (VPD) which lets you configure advanced row filtering capabilities.
In your case (MySQL), there is something called fine-grained access control (FGAC). There is a great article on the topic here. Google that term for more resources.