Apologies for the broken link to the proposal. Here you go: [OSS] Secure Views for dynamic policy enforcement
<https://docs.google.com/document/d/1AJicez7xPhzwKXenGZ19h0hngxrwAg3rSajDV1v0x-s/edit?usp=sharing>

Best,
Prashant Singh

On Wed, Jun 25, 2025 at 11:06 AM Prashant Singh <prashant010...@gmail.com> wrote:

> Hi everyone,
>
> We’d like to share a proposal to extend Iceberg's view capabilities to
> support Secure Views for Dynamic Policy Enforcement.
>
> This builds upon earlier discussion and proposal around Iceberg Spec
> Extensions for Data Access Decision Exchange
> <https://docs.google.com/document/d/14nmuxxfzQsYo59o0Fbpb-pxOlzS6bVtduL8P8pwKZ6U/edit?tab=t.0#heading=h.irh2zymohx17>,
> with the goal of enabling fine-grained access control (FGAC) through view
> redirection, rather than requiring engines to directly integrate with
> policy stores or evaluators.
>
> The core idea is simple: instead of returning a table in response to
> loadTable, the catalog can return a secure view, dynamically constructed
> based on the caller's access policies and context. This allows engines like
> Trino or Spark to enforce row/column-level governance without policy
> evaluation logic baked into the engine itself. Several organizations
> already use similar techniques in production, such as LinkedIn (ViewShift
> <https://trino.io/assets/blog/trino-summit-2024/trino-summit-2024-linkedin-policy.pdf>),
> Amazon.
>
> We’ve documented the E2E design details here: [OSS] Secure Views for
> dynamic policy enforcement
> <https://docs.google.com/document/d/13roTQxVkaLSZq9iKL7v9ur9wR47K8QWQzjiArrP7vx4/edit?tab=t.0#heading=h.857wopjfxe7n>.
> This outlines how the approach works without any IRC spec changes and
> with close to zero engine changes. Importantly, this now means cross
> engine FGAC by a centrally managed IRC catalog can work seamlessly even
> with an engine version released years ago as long as they support IRC.
>
> We have also outlined a phased support plan, including how this approach
> can evolve alongside upcoming Iceberg features like UDFs.
>
> Thanks to Kevin Liu and Roy Hasson from Microsoft, and Laurent and JB
> from Dremio, for being co-conspirators in shaping this proposal and for
> their invaluable feedback and support in making it a reality.
>
> Please let us know your thoughts, questions, or concerns. Looking forward
> to the discussion!
>
> *cc Iceberg community, as this approach leverages Iceberg views and
> expects further enhancements via Iceberg Expressions expansion and Iceberg
> UDFs.*
>
> Best,
> Prashant Singh & Russell Spitzer