Resource may be a table a database a funcbon etc user

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: ss Control in the SQL Model •  Don't have to have a single owner of all data –  Can create new table –  Use “Grant” to give others privileges on table •  Can create views to have finer granularity with access control •  Can delegate privilege granBng authority to others Access Control Slides from Lars Olson (Griffiths and Wade) 10 SQL grant Syntax •  grant privilege_list on resource to user_list; •  Privileges include select, insert, etc. •  Resource may be a table, a database, a funcBon, etc. •  User list may be individual users, or may be a user group 11 Griffiths Wade 76 Example ApplicaBon •  Alice owns a database table of company employees: name varchar(50), ssn int, salary int, email varchar(50) •  Some informaBon (ssn, salary) should be confidenBal, others can be viewed by any employee. 12 Simple Access Control Rules •  Suppose Bob needs access to the whole table (but doesn’t need to make changes): grant select on employee to bob; •  Suppose Carol is another employee, who should only access public informaBon: grant select(name,email) on employee to carol; –  not implemented in PostgreSQL (see next two slides for how to wo...
View Full Document

Ask a homework question - tutors are online