In the field of network database management, the use of multi-tenant databases which host data for two or more distinct users or entities is known. The data hosted within the overall database can include various types, levels, and configurations of data, for access and consumption by a potentially diverse set of applications. Within the field of applications such as centralized asset, supplies, and incident management applications, it is not uncommon for client applications to request data from a central database that applies or imposes different implementation techniques, to ensure that users of a given client application only see data that they are entitled to. A common implementation technique involves the client applications creating and managing a duplicate set of access control rules that reproduce the ones that exist in the central application database. While this approach has potential benefits, such as flexibility, it incurs a high cost of maintenance, and is not scalable to multiple client applications.
Another approach in known database technology is for client applications to access and consume a set of application programming interfaces (APIs) that control and manage the data security for the client applications. This minimizes the duplication of effort, but reduces the flexibility available from the model, placing the burden of change on the central application database since that database must adapt the suite of APIs to new application needs.
It may be desirable to provide methods and systems for the enforcement of security profiles in multi-tenant database, in which security policies for a diverse range of applications can be installed and managed via a central multi-tenant database, while making the specification and application of the security policies transparent to applications and users while remaining scalable and relatively flexible or configurable.