[
https://issues.apache.org/jira/browse/PHOENIX-672?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15182381#comment-15182381
]
Andrew Purtell commented on PHOENIX-672:
----------------------------------------
GRANT and REVOKE DDL statements for applying table, column family, namespace,
or global level permissions would find support in the SQL92 syntax definition.
But what about cell level ACLs (and related on PHOENIX-684 visibility labels)?
In an earlier comment I suggested combining GRANT/REVOKE with SELECT but that
would be off spec and anyway an out of band application of security metadata.
For setting security metadata per cell - if we are going to tackle that - with
immediate effect we need some way in DML (UPSERT, INSERT, etc) to associate
metadata with value in the value list, or applied to all results of a
subselect.
> Add SQL-ish security features using HBase AccessController
> ----------------------------------------------------------
>
> Key: PHOENIX-672
> URL: https://issues.apache.org/jira/browse/PHOENIX-672
> Project: Phoenix
> Issue Type: Task
> Reporter: James Taylor
> Assignee: Andrew Purtell
> Labels: gsoc2016, security
>
> In HBase 0.98, cell-level security will be available. Take a look at
> [this](https://communities.intel.com/community/datastack/blog/2013/10/29/hbase-cell-security)
> excellent blog post by @apurtell. Once Phoenix works on 0.96, we should add
> support for security to our SQL grammar.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
