Alternatives: DB level security

• Database security

  • OK, if schema is shared among organizations
  • Otherwise, no way to share rules consistently
  • Security rules at table level
  • Hard to enforce in cross-table events (e.g., JOINS)
  • Optimized for storage & retrieval
  • But difficult to map to application semantics