hive-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Pengcheng Xiong (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HIVE-13125) Support masking and filtering of rows/columns
Date Mon, 04 Jul 2016 23:14:10 GMT

     [ https://issues.apache.org/jira/browse/HIVE-13125?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Pengcheng Xiong updated HIVE-13125:
-----------------------------------
    Description: Traditionally, access control at the row and column level is implemented
through views. Using views as an access control method works well only when access rules,
restrictions, and conditions are monolithic and simple. It however becomes ineffective when
view definitions become too complex because of the complexity and granularity of privacy and
security policies. It also becomes costly when a large number of views must be manually updated
and maintained. In addition, the ability to update views proves to be challenging. As privacy
and security policies evolve, required updates to views may negatively affect the security
logic particularly when database applications reference the views directly by name. HIVE row
and column access control helps resolve all these problems.

> Support masking and filtering of rows/columns
> ---------------------------------------------
>
>                 Key: HIVE-13125
>                 URL: https://issues.apache.org/jira/browse/HIVE-13125
>             Project: Hive
>          Issue Type: New Feature
>          Components: Security
>    Affects Versions: 2.0.0
>            Reporter: Pengcheng Xiong
>            Assignee: Pengcheng Xiong
>             Fix For: 2.1.0
>
>         Attachments: HIVE-13125.01.patch, HIVE-13125.02.patch, HIVE-13125.03.patch, HIVE-13125.04.patch,
HIVE-13125.final.patch
>
>
> Traditionally, access control at the row and column level is implemented through views.
Using views as an access control method works well only when access rules, restrictions, and
conditions are monolithic and simple. It however becomes ineffective when view definitions
become too complex because of the complexity and granularity of privacy and security policies.
It also becomes costly when a large number of views must be manually updated and maintained.
In addition, the ability to update views proves to be challenging. As privacy and security
policies evolve, required updates to views may negatively affect the security logic particularly
when database applications reference the views directly by name. HIVE row and column access
control helps resolve all these problems.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message