Synopsis
Modern relational databases have comprehensive security mechanisms to enforce fine-grained access control for tables and views. But when it comes to stored procedures, access control is rudimentary: either you can execute a stored procedure, or you can’t.
In this article, we show a more flexible approach, using a programmable proxy, that allows precise control of stored procedure invocations based on all available information, such as parameter values, returned values, and more. This approach may be of interest to anyone who needs more granularity and flexibility in managing access to their enterprise databases.
Fine-grained access control
Most enterprise databases provide elaborate