The Security Model
In Chapter 3, The Data Catalog, we saw how the data catalog is the portal to the data layer of the Lakehouse. It exposes the various catalogs, databases, and tables to the end user for their consumption. This raises an important question of how to secure these data assets.
The data catalog represents all the data of your organization and it should be protected with the relevant and necessary controls. Securing and governing data assets in a data lake is a significant undertaking. Furthermore, uniform access control must be applied to all the data assets for reasons such as auditability and scalability. Typically, the database administrators (DBAs) are responsible for implementing the controls for the security and governance of the data assets.
However, as we discussed in Chapter 3, The Data Catalog, unlike traditional databases and data warehouses, the DBAs will have to consider that the tables in a data lake are abstractions over files in cloud object storage...