I am working on a concept product which tries to solve the domain problems of 'dynamic data masking'. This is an area where you don't get a开发者_开发问答 lot of inputs when you do your standard google search. The idea is to ecrypt/substitute/shuffle/mask data in any enterprise context, regardless of technology. So, for instance, if were a call center operator for a major bank, I should not be able to see any of the customer details other than the name.. and the requirements like such.
I came across:
http://www.oreillynet.com/pub/a/databases/2007/07/12/getting-started-with-mysql-proxy.html
and
www.active-base.com
as the two approaches which are pretty much doing what I want. I like the concept of an SQL proxy and my main goal here is to create a generic SQL proxy - the motive being SQL rewriting.
Are there any open-source generic SQL proxies out there? How easy/ tough is it to create one from scratch in java to support all major databases? (mysql/db2/oracle/etc)?
Here's a list of JDBC proxy drivers.
It will be quite hard to support (parse and create) every SQL dialect on earth.
This is generally solved using permissions.
You give no rights to the underlying tables, and then create permissions based views upon those tables.
By creating a 'SQL Proxy', all you are doing is moving your point of attack/failure somewhere else.
A SQL Proxy might not be just about user access capabilities with the DB. It might implement RegExp filtering, IPS/IDS mechanisms, etc. I could use a SQL proxy that would add an extra layer of protection, other than in-code protection artifacts
精彩评论