Global Security Policies and Tags

Denodo Security Policies

Security, data privacy, and data protection play a key role in every organization that must comply with policies and regulations that can vary across regions, data assets, etc. Real environments have multiple consuming applications that have varying forms of data holding sensitive information. So it's very important to define security policies in the data virtualization layer that allows for implementing semantic security rules across the data, independent of the technologies being used.

Denodo Global Security Policies allows defining security restrictions in the following ways:

  • Applying restrictions that can be applied to all/some users that verify the defined conditions.
  • Applying restrictions that can be applied to all/certain views that verify the defined conditions.
  • Define the global security policy that applies based on what the user is executing, the roles, or session attributes.
  • Define to what elements does the policy applies to using tags.

Global policies can be created together with "Tags", which are labels that users can assign to views and corresponding columns. Global level policies are easier to manage than view restrictions (Row Restrictions and Column Privileges) because you have the advantage of assigning the policy to multiple views/columns at the same time.

What are you going to see in this tutorial?

We will learn how to use the Denodo Platform to create tags and assign security policies along with several examples:

Please note that the feature included on this tutorial need an Enterprise Plus edition of the Denodo Platform.

NOTE