The EDB Blog
December 11, 2018

Marc Linster has posted a blog, Creating a Data Redaction Capability to Meet GDPR Requirements Using EDB Postgres, to demonstrate data redaction on EDB Postgres Advanced Server 10, which has taken the approach to leverage the PostgreSQL search_path feature to direct privileged users to the raw unredacted data when they run a query, and to direct non-privileged users to a view that implements redaction logic.

EDB Postgres Advanced Server 11 comes with native data redaction capabilities that are much more concrete and safer than the redaction using search_path and views workaround.

For syntax and more detail, refer to the EDB Postgres Advanced Server 11 documentation.  Here are some highlights of this data redaction policy:

  1. Redaction policies allow a user to choose redaction behavior via redaction function.
  2. Users can be made exempt from all column redaction policies, which the table owner and superuser is by default.
  3. More than one redaction policy can be created on the same table, but a column can only be associated with one policy.
  4. Flexibility to choose when actual redaction should apply and exemptions on columns in the query via the scope and exception options.

Continue reading this blog post on PostgresRocks, and I will demonstrate data redaction using native data redaction policy features in EDB Postgres Advanced Server 11.  

 

Every #TechTuesday, EnterpriseDB shares a how-to post authored by a Postgres contributor and expert for Postgres Gems, the PostgresRocks community forum. PostgresRocks is a community to discuss all things Postgres. Join us at PostgresRocks and be part of the conversation.

 

Amul Sul is an experienced Senior Software Engineer with EnterpriseDB, skilled in PostgreSQL, SQL, C, Databases, and Linux. He has a Master of Computer Applications (MCA) focused in Computer Engineering from VJTI.