Defense in Depth
Information Assurance and Security in the Database
PgDCP requires database-first security, which means PostgreSQL schemas, users, roles, permissions, and row-level security (RLS) should drive all data security requirements. Role-based access control (RBAC) and attribute-based access control (ABAC) should be implemented in PostgreSQL stored routines. If necessary, ldap2pg can be used to synchronize roles with LDAP.
Because all our API functionality (except for serving the endpoints) will also be in the database, we want to ensure that we secure views, stored procedures, and stored functions as if they were the API endpoints. The OWASP API Security Project provides some great advice.
Zero Trust SQL (ztSQL) for Zero Trust Data Access (ZTDA)
Zero Trust is a generally accepted cybersecurity approach that eliminates implicit trust in favor of continuously validating each stage of digital interactions. PgDCP encourages the same “never trust, always verify,” with Zero Trust SQL (ztSQL). ztSQL is designed to protect database environments and enable faster development by allowing anyone to run any SQL while leveraging row-level security, attribute-based access control, role-based access control, and data segmentation within the database. Granular, “least access” policies should be implemented within the database so that Zero Trust Data Access (ZTDA) is possible.
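The following PostgreSQL sketch is an added example, not PgDCP's own code, showing how RBAC, ABAC, RLS and data segmentation can combine so that a caller who can run arbitrary SQL still only reaches their own tenant's rows. Every schema, table, role and function name in it is hypothetical, and the tenant attribute is deliberately read from a table the caller cannot touch rather than from a session setting the caller could change with SET.

```sql
-- Added example; every schema, table, role and function name is hypothetical.
BEGIN;
CREATE SCHEMA clinic;

-- RBAC: privileges attach to group roles; login roles are granted membership.
CREATE ROLE clinic_reader NOLOGIN;
CREATE ROLE clinic_writer NOLOGIN;

-- ABAC: attributes live in a table that callers get no privileges on.
CREATE TABLE clinic.user_attribute (
    login_role text PRIMARY KEY,
    tenant_id  text NOT NULL
);

-- Data segmentation: each row carries the tenant that owns it.
CREATE TABLE clinic.patient_note (
    note_id   bigint GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
    tenant_id text NOT NULL,
    author    text NOT NULL DEFAULT session_user,
    body      text NOT NULL
);

-- Attribute lookup treated like an API endpoint: runs as its owner, has a
-- pinned search_path, and keys on session_user, which SET ROLE cannot change.
-- A login role with no attribute row gets NULL, so the policies below match
-- no rows (fail closed).
CREATE FUNCTION clinic.my_tenant() RETURNS text
    LANGUAGE sql STABLE SECURITY DEFINER
    SET search_path = pg_catalog, pg_temp
    AS $$ SELECT tenant_id FROM clinic.user_attribute
          WHERE login_role = session_user $$;

-- Least access: functions are executable by PUBLIC by default, so revoke
-- that first, then grant each role only what it needs.
REVOKE ALL ON FUNCTION clinic.my_tenant() FROM PUBLIC;
GRANT USAGE ON SCHEMA clinic TO clinic_reader, clinic_writer;
GRANT EXECUTE ON FUNCTION clinic.my_tenant() TO clinic_reader, clinic_writer;
GRANT SELECT ON clinic.patient_note TO clinic_reader, clinic_writer;
-- Column-level grant: writers cannot set author, it always takes the default.
GRANT INSERT (tenant_id, body) ON clinic.patient_note TO clinic_writer;

-- RLS: FORCE applies the policies to the table owner as well.
ALTER TABLE clinic.patient_note ENABLE ROW LEVEL SECURITY;
ALTER TABLE clinic.patient_note FORCE ROW LEVEL SECURITY;
CREATE POLICY tenant_read ON clinic.patient_note FOR SELECT
    TO clinic_reader, clinic_writer USING (tenant_id = clinic.my_tenant());
CREATE POLICY tenant_insert ON clinic.patient_note FOR INSERT
    TO clinic_writer WITH CHECK (tenant_id = clinic.my_tenant());
COMMIT;
```

Superusers and roles with the BYPASSRLS attribute are not subject to these policies, so such roles should not be used for application or ad hoc access.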
Securing Access to the Database
If all access management is in the database, then securing access to the database is paramount. To that end, see: