If appropriate access privileges are not set for administrators and users, security incidents may occur, such as information leakage resulting from access to information by an unauthorized person. To minimize such incidents, it is necessary to implement the security measures below for the access privileges and perform rule-based access control.
Point
Notes when setting access privileges:
- The creation of a special account that allows granting of privileges to all users is prohibited.
- The creation of a general account that allows access to general information such as operations data is prohibited.
To set the appropriate access privileges for each usage purpose for the database, follow the procedure below to identify the access requirements:
1. Classify the usage purpose of the account, such as "For database management", "For object management", and "For data access".
2. Classify the required privileges for each usage purpose, such as "By feature" and "By object".
3. Categorize the accounts based on each privilege.
4. Identify the minimum necessary range of data and minimum necessary access content (view, update, create, delete) to be accessed for each categorized account, and decide on the database access requirements.
5. Assign the minimum necessary privileges based on the database access requirements for each categorized account. Additionally, restrict accounts when assigning administrator privileges.
To reflect changes in access requirements in the system, periodically review the access privileges and check if there are any access privileges that are no longer needed. If any unnecessary access privileges have been set, promptly modify the access privileges.
Point
Access privileges are set using the GRANT statement or REVOKE statement. Refer to "GRANT" and "REVOKE" in the PostgreSQL Documentation for details.
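The procedure and the periodic review described above can be expressed in PostgreSQL as follows. This is an added example, not part of the original documentation; the database, schema, table, and role names (appdb, sales, sales.orders, obj_admin, data_reader, data_writer, app_report, app_entry) are hypothetical.

```sql
-- Added example with hypothetical names. Run as a database administrator
-- while connected to appdb.

-- No general-purpose access: remove the defaults granted to PUBLIC.
REVOKE ALL ON DATABASE appdb FROM PUBLIC;

-- One NOLOGIN group role per usage purpose and access content.
CREATE ROLE obj_admin   NOLOGIN;  -- for object management
CREATE ROLE data_reader NOLOGIN;  -- for data access: view
CREATE ROLE data_writer NOLOGIN;  -- for data access: view, create, update

-- Objects are owned by the object-management role, not by a login account.
CREATE SCHEMA sales AUTHORIZATION obj_admin;
CREATE TABLE sales.orders (order_id bigint PRIMARY KEY, amount numeric NOT NULL);
ALTER TABLE sales.orders OWNER TO obj_admin;

-- Minimum necessary range of data and access content for each category.
GRANT CONNECT ON DATABASE appdb TO data_reader, data_writer;
GRANT USAGE ON SCHEMA sales TO data_reader, data_writer;
GRANT SELECT ON sales.orders TO data_reader;
-- No DELETE and no WITH GRANT OPTION: writers cannot pass privileges on.
GRANT SELECT, INSERT, UPDATE ON sales.orders TO data_writer;

-- Login accounts carry no administrator attributes and receive privileges
-- only through a group role (authentication is configured separately).
CREATE ROLE app_report LOGIN NOSUPERUSER NOCREATEDB NOCREATEROLE;
CREATE ROLE app_entry  LOGIN NOSUPERUSER NOCREATEDB NOCREATEROLE;
GRANT data_reader TO app_report;
GRANT data_writer TO app_entry;

-- Periodic review, part 1: every table privilege in the schema.
-- is_grantable = 'YES' marks a grantee that can grant the privilege to others.
SELECT grantee, table_schema, table_name, privilege_type, is_grantable
FROM information_schema.table_privileges
WHERE table_schema = 'sales'
ORDER BY grantee, table_name, privilege_type;

-- Periodic review, part 2: roles that hold administrator attributes.
SELECT rolname, rolsuper, rolcreaterole, rolcreatedb
FROM pg_roles
WHERE rolsuper OR rolcreaterole OR rolcreatedb;

-- When the review finds a privilege that is no longer needed, remove it.
REVOKE UPDATE ON sales.orders FROM data_writer;
```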