apurtell
commented
10 years ago The Postgres precedent is SECURITY LABEL.
As with https://github.com/forcedotcom/phoenix/issues/541, to apply labels at a per-cell granularity, we can combine a similar syntax with SELECT. Phoenix would execute the query, retrieve the cells, add the CellVisibility expression provided in the statement, and store the updated cells back at their exact coordinates. Can be done in a coprocessor or filter to avoid any round trips over the network.
In HBase 0.98, cell-level security will be available. See this overview. Once Phoenix works on 0.96, we should add support for visibility labels to our SQL grammar.