Most applications need to access information that is predominantly stored in a relational database. Because these databases often store sensitive or personal data, the information must be safeguarded and access to it must be monitored.
Therefore, the first step is to extract information about how users of a given application access personal or sensitive data.
In this section, we describe our endpoint for submitting queries (information on how data is being accessed), show some examples of how to use it, and explain how applications can integrate it.
If you can determine which tables and columns the users of your application access, you can send us only that information.
In that case, you only need to specify, for each table, the table name and the names of the columns (attributes) being accessed.
| Key | Type | Description |
| --- | --- | --- |
| `table` | string | Table name |
| `columns` | array of strings | Column names |
Two users use our custom application to access Personal Information:
- User 1 with ID 4353479, belonging to Medical staff
- User 2 with ID 1293234, belonging to Administrative staff

User 1 performs 2 queries to access personal information of 3 patients (3 results were returned by each query) in a Hospital:

- On table `Patient` the user accessed the columns/attributes: `first_name`, `last_name`, `phone_number` and `email`.
- On table `Medical_Record` the user accessed the columns/attributes: `blood_type` and `notes`.

User 2 performs 1 query to access personal information of 1 patient in a Hospital:

- On table `Patient_Receipts` the user accessed the columns/attributes: `address`, `vat_number`, `social_security_number` and `email`.
The request body your application should send depends on whether it can specify the tables/columns or a raw SQL query:
```json
[
  {
    "tables": [
      {"table": "Patient", "columns": ["first_name", "last_name", "phone_number", "email"]}
    ],
    "action": "Read",
    "timestamp": 1567493198,
    "user": "4353479",
    "group": "Medics",
    "returnedRows": 3
  },
  {
    "tables": [
      {"table": "Medical_Record", "columns": ["blood_type", "notes"]}
    ],
    "action": "Read",
    "timestamp": 1567493198,
    "user": "4353479",
    "group": "Medics",
    "returnedRows": 3
  },
  {
    "tables": [
      {"table": "Patient_Receipts", "columns": ["address", "vat_number", "social_security_number", "email"]}
    ],
    "action": "Read",
    "timestamp": 1567493198,
    "user": "1293234",
    "group": "Administrative",
    "returnedRows": 1
  }
]
```
With our SDKs you can integrate with our services more easily.
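
One way an application could assemble and sanity-check this request body before sending it, so that a malformed audit record is rejected at the source instead of silently polluting the access trail. This is an added example, not the vendor's SDK: the function names, the validation rules, and the reading of `timestamp` as Unix epoch seconds are assumptions. Only table and column names are sent, never row values.

```python
import json

MIN_EPOCH = 1_000_000_000  # assumption: anything before Sep 2001 is not a real event time

def _is_int(value):
    # bool is a subclass of int in Python; exclude it explicitly
    return isinstance(value, int) and not isinstance(value, bool)

def build_event(user, group, table, columns, returned_rows, timestamp, action="Read"):
    """Return one request-body entry in the shape shown above, or raise ValueError."""
    if not isinstance(table, str) or not table:
        raise ValueError("table must be a non-empty string")
    if not isinstance(columns, (list, tuple)) or not columns:
        raise ValueError("columns must be a non-empty array of strings")
    if not all(isinstance(c, str) and c for c in columns):
        raise ValueError("every column name must be a non-empty string")
    if not _is_int(timestamp) or timestamp < MIN_EPOCH:
        raise ValueError("timestamp must be Unix epoch seconds")
    if not _is_int(returned_rows) or returned_rows < 0:
        raise ValueError("returnedRows must be a non-negative integer")
    return {
        # de-duplicate column names while keeping their order
        "tables": [{"table": table, "columns": list(dict.fromkeys(columns))}],
        "action": action,
        "timestamp": timestamp,
        "user": str(user),  # take this from the authenticated session, not client input
        "group": group,
        "returnedRows": returned_rows,
    }

def build_body(accesses):
    """Serialize a list of access records (dicts of build_event arguments) to JSON."""
    return json.dumps([build_event(**a) for a in accesses])

# Constructed sample: the hospital scenario described above.
SAMPLE = [
    dict(user=4353479, group="Medics", table="Patient", returned_rows=3,
         columns=["first_name", "last_name", "phone_number", "email"], timestamp=1567493198),
    dict(user=4353479, group="Medics", table="Medical_Record", returned_rows=3,
         columns=["blood_type", "notes"], timestamp=1567493198),
    dict(user=1293234, group="Administrative", table="Patient_Receipts", returned_rows=1,
         columns=["address", "vat_number", "social_security_number", "email"],
         timestamp=1567493198),
]

if __name__ == "__main__":
    print(build_body(SAMPLE))
```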