Row Level Security is used to control access to data that needs to be protected by filtering individual data records. Let's take a customer management system as an example. We want to restrict access to different customer groups so that two sales employees can only see their customer groups. Normally, you would have to change the application or database logic, which is often expensive or even impossible (e.g. with ready-made solutions from third-party providers). With Row Level Security, it is now possible to carry out automatic filtering in all other applications in a completely transparent manner.
This filtering can be either a simple logic query on a column of the source table or a more complicated logic query that accesses control tables. As soon as you have defined this filter logic, data records are checked again every time the database is accessed and data is filtered out if necessary. One of the advantages of this is to embed a data security function in the database that operates bosnia and herzegovina telegram screening on all application accesses; regardless of whether the access comes from an "allowed" application or from an Excel table from the controlling department that nobody knows about. As long as the filters are set up correctly, system users will only be able to access the data they are actually allowed to see.
In Fig. 1 we see a classic application with database access (shown very simplified). The application sends requests to the database server and receives the data in response. Since the application is used by a third-party provider who can no longer offer extensions for the product, it would be impossible to achieve the desired filtering of the data.
With SQL Server 2016 and Row Level Security, you can now influence these application requests, as shown in Figure 2, without having to change the queries or the application code.