Data Virtualization Demoette… Column-Based Security

Slides:



Advertisements
Similar presentations
Accessing and Using the e-Book Collection from EBSCOhost ® When an arrow appears, click to proceed to the next slide at your own pace. To go back, click.
Advertisements

Oracle9i Database Administrator: Implementation and Administration 1 Chapter 12 System and Object Privileges.
Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.
1 Securing Network Resources Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions Copying and Moving Files and Folders.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
BSC Food Distribution 8181 NW 36 Street, Suite 14-D Doral, FL Phone: Fax:
Thank you for participating in Online Giving! This tutorial will walk you through the steps of setting up an account. You will need an address and.
Benefits Self Service This presentation walks you through enrolling into benefits using Benefits Self Service.
Chapter 7: WORKING WITH GROUPS
With Windows XP, you can share files and documents with other users on your computer and with other users on a network. There is a new user interface.
Copyright 2000 eMation SECURITY - Controlling Data Access with
Week 6 Lecture 2 System and Object Privileges. Learning Objectives  Identify and manage system and object privileges  Grant and revoke privileges to.
TCM/HS Library Online Catalog. To access the Library Online Catalog, visit and Click on Media Centers
2. SQL Security Objectives –Learn SQL Server 2000 components Contents –Understanding the Authentication Process –Understanding the Authorization Process.
1 Chapter Overview Managing Object and Container Permissions Locating and Moving Active Directory Objects Delegating Control Troubleshooting Active Directory.
1 BCS 4 th Semester. Step 1: Download SQL Server 2005 Express Edition Version Feature SQL Server 2005 Express Edition SP1 SQL Server 2005 Express Edition.
ELISTING How to use eListing to conveniently and quickly file your personal property listing online. DEPARTMENT OF ASSESSMENTS King County To navigate.
HR Development Division PA Office of Administration Room 511 Finance Building Harrisburg PA Enterprise Portal Community Management Overview Click.
DAMIR for Releasers Tuesday 10/30/2007 Breakout Session 5A Wednesday 10/31/2007 Breakout Session 3A.
Unit & District Tools Phase 1
Data Virtualization Demoette… ODBC Clients
Data Virtualization Tutorial… SSL with CIS Web Data Sources
Data Virtualization Tutorial: Custom Functions
Data Virtualization Demoette… Logging in CIS
Data Virtualization Demoette… Packaged Query Single Select Option
Data Virtualization Demoette… Business Directory Custom Properties
Data Virtualization Demoette… Caching – Database – Multi Table
Creating Oracle Business Intelligence Interactive Dashboards
Welcome! To the ETS – Create Client Account & Maintenance
Business Directory REST API
Data Virtualization Tutorial: Introduction to SQL Script
Data Virtualization Demoette… Custom Java Procedures
Data Virtualization Demoette… Flat-File Data Sources
TOPSpro Special Topics
Data Virtualization Demoette… JMeter Load Testing CIS JDBC
Data Virtualization Demoette… ADO.NET Client
Data Virtualization Community Edition
Data Virtualization Demoette… JMeter Load Testing CIS SOAP
Configuring Applications
Data Virtualization Tutorial… LDAP Domains in CIS
Physical Changes That Don’t Change the Logical Design
Data Virtualization Community Edition
Data Virtualization Demoette… CIS Rights
Data Virtualization Tutorial… CORS and CIS
Data Virtualization Demoette… Data Lineage Reporting
Conferences Presenter Guide
Data Virtualization Tutorial… OAuth Example using Google Sheets
Data Virtualization Tutorial: XSLT and Streaming Transformations
Data Virtualization Demoette… JDBC Clients
Assess Survey Invitations
Data Virtualization Tutorial… Semijoin Optimization
Basic User Site Access Training & Producing Reports
Data Virtualization Demoette… Parameterized Queries
Data Virtualization Demoette… Salesforce.com Data Source
Data Virtualization Demoette… DDL Feature
Data Virtualization Tutorial: JSON_TABLE Queries
Parent Portion of the Student Profile
Data Virtualization Community Edition
How do I utilize EngradePro?
Setting Up and Supporting Clients Using Employee Development in ADP Workforce Now [Developer: Use this slide if you are not using audio. You can add.
Active Orders Supplier Administrator Training Getting Started Activities This training presentation describes the Getting Started activities that will.
How to Register on Active Orders Trading Grid Company Registration
Making Procedural Methods
Study Island Student Demo:
Parent Portion of the Student Profile
self-paced eLearning series
Welcome USAS – R March 20th, 2019 Valley View 4/7/2019.
Inside a PMI Online Course
DMIS Tools Course Lesson 2 - DMIS Messenger
Maryland Online IEP System Instructional Series - PD Activity #5
Presentation transcript:

Data Virtualization Demoette… Column-Based Security Hello, and welcome to the Tutorial series for Cisco Information Server, or CIS. Tutorials are brief instructional videos that demonstrate specific features of CIS. In this Tutorial, we discuss CIS’s Column-Based Security feature.

Agenda What is it and why does it matter? A basic demo Summary Here is our agenda. We begin by defining column-based security and outlining its importance for our customers. Next we walk through a very basic demo of column-based security. Finally, we summarize the contents of this demoette.

Agenda What is it and why does it matter? A basic demo Summary Let’s begin by discussing what column-based security is, and why it’s important for our customers.

What is it? Column-based Security Column-level data access restrictions for: Users Groups Applies to: Tables Views Column-based security is a CIS capability that enables developers to specify data access restrictions at the column level for CIS users and groups. Column-based restrictions may be applied to Tables and Views. If the restricted column is part of a table, an access attempt to the table will generate an access error. If the restricted column is part of a View, no access error is generated, but the restricted column and/or metadata will not be included in the data returned to the user.

Why does it matter? Column-based Security During development: Enables flexible, granular restrictions to be applied to sensitive information Enhances reusability of CIS tables and views During ongoing operation: Enables System Administrators to control data access without additional developer intervention Column-based security is important for CIS developers, system administrators, and IT managers. At development time, it lets developers or administrators specify flexible and highly granular restrictions for sensitive data that may need to be restricted for certain users or groups. This enhances re-use of CIS views, because it permits a single view to be leveraged across many CIS users who may have different permission levels. During ongoing operations, column-based security lets system administrators control user and group access to sensitive data without any need for developer intervention. This, in turn, gives IT managers assurance that CIS provides appropriate levels of security, along with the flexibility needed for the data needs of a large, complex enterprise.

Agenda What is it and why does it matter? A basic demo Summary Next, let’s walk through a very basic demo of column-based security.

Demo: Here is the business problem… Administrators Group Eagle Users Group Complete View Restricted View (no phones) Here is the business problem that we illustrate in this demo. We have created a CIS Customer View based on a customer table from a physical data source. Users in the Administrators Group may access all the columns in the view. However, we also have a group called Eagle Users. We want members of this group to be able to see all columns in the View EXCEPT for two: the customer’s phone number and fax number. We don’t want our developers to have to create separate views for each user group, and we want to simplify administrative tasks as users come and go from these groups. Therefore, we want to add column restrictions based on group membership.

Demo: before you begin… Be sure these privileges are removed for eagle users. In this demo, we’ll create a view that returns all columns for administrator users, but restricts the phone number columns for members of the Eagle Users group. You can create an Eagle Users group, and give it No rights. If you have run this demo before, make sure that the Customers table from the ds_orders datasource in the Examples folder has no permissions set for the Eagle Users group.

Demo: define a folder Begin by creating a new folder for the demo. Be sure to create this folder in the Shared portion of the CIS namespace. Remember, the My Home area of the namespace is only accessible to the owner and to users with administrative privileges, so if you try to create the demo in My Home, you will have trouble when you try to specify permissions for other groups. <CLICK> Specify Read and Select privileges for Eagle Users on the folder. Note that Privileges can be assigned to any CIS artifact.

Demo: create the view Create a new View in the folder… <CLICK> …and drag in the Customers table from Shared/Examples/ds_orders. <CLICK> Use the Grid Panel to create a projection using all columns. Note that PhoneNumber and FaxNumber are the columns we are going to restrict for this demo.

Demo: set permissions at the View level Open Privileges for the View in the Namespace, and choose Read and Select privileges for Eagle Users on the View. Also select “Apply recursively to dependencies,” which will cause the eagle user permissions to be added to the underlying Customers table.

Demo: restrict the phone number columns Select the PhoneNumber column from the Customers View, and open its Privileges. Turn Read and Select OFF for the Eagle Users group. Repeat this process for the FaxNumber column.

Demo: publish the View Publish the View. Note that the Eagle Users group will not have privileges yet for the published view, even though we set them on the design-time view. <CLICK> To grant access to eagle users, open Privileges for the top-level container, called Demoettes in this example. Add Read and Select privileges for eagle users, and check the box to apply these privileges to child resources and folders. This will propagate the privileges to the catalog and schema containers, as well as to the published View.

Demo: access the View Now we are ready to access the published views from an external client, in order to see how the result sets will vary depending on our login type. In this example, we use Squirrel to access CIS. <CLICK> When we log in as an Administrator and access the published view, we are able to see the phone number fields. <CLICK> However, when we log in as an Eagle user, the phone number fields do not appear. Our demo is complete.

Agenda What is it and why does it matter? A basic demo Summary Let’s summarize what we have seen in this presentation.

Summary Column-level data access restrictions for: Users and Groups Applies to: Tables and Views Benefits Development: Granular data restriction enhances reusability of CIS tables and views Operation: Administrators control data access Column-based security enables data to be restricted at the column level for CIS users and groups. Column-based security may be applied to Tables and Views. At development time, column-based security enhances resource re-use by enabling developers to use a single Table or View to serve the needs of different users and groups. In addition, column-based security makes it much easier for system administrators to provide fine-grained control over data access for user communities where membership may change frequently. Thank you.

TOMORROW starts here.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.