MYSQL访问控制
[英]MYSQL Access Control
问题描述
I want to implement column level and row level access control on data stored in my MySQL database. 
我想对存储在我的MySQL数据库中的数据实施列级和行级访问控制。 I am using NodeJS on my server, what's the way to go for this ? 我在服务器上使用NodeJS,要怎么做? I see SAP Hana allows that but want to keep MySQL. 我看到SAP Hana允许这样做,但希望保留MySQL。
1 个解决方案
解决方案1
1 已采纳 2015-06-08 17:11:34
There are three approaches you could take: 您可以采用三种方法:
- Do it within the app 在应用内完成
- Do it between the app and the db, inside a db proxy 在数据库代理内部的应用程序和数据库之间进行操作
- Do it inside the database 在数据库内做
The first option wouldn't really qualify as row-level access control since the application logic is the one responsible for the filtering / masking. 由于应用程序逻辑是负责过滤/屏蔽的应用程序, 因此第一个选项实际上并不能作为行级访问控制。 (Filtering is row-level access control whereas masking is cell-level). (过滤是行级访问控制,而屏蔽是单元级)。
The second option , using a proxy, is an approach that is increasingly being taken. 第二种选择是使用代理,这是一种越来越被采用的方法。 There are dedicated solutions such as: 有专用的解决方案,例如:
- GreenSQL GreenSQL的
- Informatica DDM, and Informatica DDM和
- Axiomatics Data Access Filter. 公理学数据访问过滤器。
These solutions typically intercept the SQL traffic and modify it such that only authorized data is returned. 这些解决方案通常会截获SQL通信并对其进行修改,以便仅返回授权数据。 This is called dynamic data masking . 这称为动态数据屏蔽 。 It is explained a little bit more on Wikipedia . 在Wikipedia上有更多解释。
The third option is to use the database's native capabilities. 第三种选择是使用数据库的本机功能。 For instance Oracle has something called Virtual Private Database (VPD) which lets you configure advanced row filtering capabilities. 例如,Oracle有一个称为虚拟专用数据库(VPD)的东西,它使您可以配置高级行过滤功能。
In your case (MySQL), there is something called fine-grained access control (FGAC). 在您的情况下(MySQL),有一种称为细粒度访问控制 (FGAC)的东西。 There is a great article on the topic here . 有关于这一主题的大文章在这里 。 Google that term for more resources. Google用这个词来表示更多资源。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.