1 Reply Latest reply on Oct 28, 2019 6:41 AM by Paavo

    DataModeler Tutorial for TSDP and RAS ?




      Are there any tutorials for defining TSDP sensitivity types and policies.

      How about RAS  : TSDP and RAS ?


      Reasoning is that it seems to require pretty rigid naming conventions and proper planning. Also the way tsdp sens. types could be the same across databases makes sense.

      The docs state that tsdp can be applied to vpd which today should be perhaps RAS? So the linkage to 'naming conventions' of RAS is pretty natural where DM should excel?


      Rgrds Paavo

        • 1. Re: DataModeler Tutorial for TSDP and RAS ?






          When right mouse click add TSDP Policy shows dialog, but there is only close-button which closes without save.




          after "close" I can try again adding TSDP Policy, which leads to:

          So the generated names '_#' will change but again after closing there generated name will not appear in the TSDP Policies hierarchy.



          The same behaviour can be seen in "Sensitive Types"



          If I go to table properties columns - security tab and click help


          I get this, but somehow I miss the linkage to 'commonalized' sensitivity types.



          So I what I am seeking from Datamodeler is the ability to define sensitivities to any datamodel by using common sensitive types which could be imported to the datamodel.

          Also the linkage to the way the security could be implemented with RAS real application security would be neat.

          This is due the need of well managed naming conventions on all these levels:

          - datamodel

          - sensitivity model

          - security model (or how we name it)


          In perfect case it would be awesome if Datamodeler

          1.) could show the datamodel views based on 'security context' e.g. RAS dynamic roles e.g. something like this:

          - due POLP principle of least privilege - show nothing for unknown

          - show my rows - for me

          - show my group x's rows - for me in my group x

          - show all rows - for some power user

          2.) or be able to interact with RASADM or RAS commandline tools


          rgrds Paavo