In this section will understand about the global level security policies with some examples.
A global security policy represents a definition of privileges over views from a general vision. With this type of element, you are allowed to create restrictions on views working with abstract concepts, instead of with individual views or fields. It allows to specify the following:
Global security policy can be enabled from the Design Studio. Click on
Administration > Semantic and Governance > Global Security Policies
To create a new security policy choose the New option from the Global Security Policies menu. Once you have clicked on New, a window popup to enter the required details for the policy creation.
Now, let's understand the different parameters available when creating a policy. These parameters can be defined based on the business requirements depending on the users, type of restrictions, etc
Before creating a new policy, let's create a new user in Design Studio. Navigate to
Administration > User Management > New and create a new user named denodo_user
The next step is to understand on applying the security policies over the tags which we created in the previous sections To begin with, let's create a new security policy and assign the tag by entering the following details. This policy is to mask_data for the denodo_user over the confidential tags
Great! Now, we have our first security policy with associated tag assigned. Now, let us see how this works in real time
04-reportsfolder. Click on
Execution Panel > Executeto execute the view.
Let us examine the execution, here you can notice that the columns country, year, & totalsales are completed hidden for the monthly_sales_country view. In runtime, Denodo will first check the conditions defined in the security policy and then apply the restrictions over the associated tags
Here, we could see the data has been completely masked for the columns based on the user. You have successfully learned about security policies in Denodo along with the Tags.
Do you need an example?
It's your lucky day! The following section will show you some examples using Security policies and tags.