Veil
- Version:
- 0.9.11 (Beta)
BSD
Veil is a data security add-on for Postgres. It provides an API allowing you to control access to data at the row, or even column, level. Different users will be able to run the same query and see different results. Other database vendors describe this as a Virtual Private Database.
If you have a database-backed application that stores sensitive data, you will be taking at least some steps to protect that data. Veil provides a way of protecting your data with a security mechanism within the database itself. No matter how you access the database, whether you are a legitimate user or not, you cannot by-pass Veil without superuser privileges.
By placing security mechanisms within the database itself we get a number of advantages:
- Ubiquity. Security is always present, no matter what application or tool is used to connect to the database. If your application is compromised, your data is still protected by Veil. If an intruder gets past your outer defences and gains access to psql, your data is still protected.
- Single Security Policy and Implementation. If you have N applications to secure, you have to implement your security policy N times. With Veil, all applications may be protected by a single implementation.
- Strength in Depth. For the truly security conscious, Veil provides yet another level of security. If you want strength in depth, with layers and layers of security like an onion, Veil gives you that extra layer.
- Performance. Veil is designed to be both flexible and efficient. With a good implementation it is possible to build access controls with a very low overhead, typically much lower than building the equivalent security in each application.
- Cooperation. The Veil security model is designed to cooperate with your applications. Although Veil is primarily concerned with data access controls, it can also be used to provide function-level privileges. If your application has a sensitive function X, it can query the database, through Veil functions, to ask the question, "Does the current user have execute_X privilege?". Also, that privilege can be managed in exactly the same way as any other privilege.
- Flexibility. Veil is a set of tools rather than a product. How you use it is up to you.
Next: Overview: a quick introduction to Veil
