PgConf.Russia 2020

Greenplum is a horizontal scalable database based on PostgreSQL core. It is used for OLAP workloads and a standard task is to quickly load or unload large amounts of data. The external data resources are usually another distributed systems. In this talk I will show how Greenplum can work with external data. What is the architecture and performance of external and foreign tables and how to handle streaming data. What will be changed in the next version. The examples of Kafka and ClickHouse connectors development.

Everyone has heard something about transaction isolation levels, but oddly enough, almost no one can clearly explain what it is any why it is important. At the same time, for many operations, it is critical to have a clear understanding of isolation levels and how they can affect the result. Indeed, if a customer has been paid twice and the developer has to pay back the losses, it won't seem unimportant. We'll discuss how to avoid such unpleasant situations.

Role-based access control (RBAC) is one of the main mechanisms used for access control in many DBMS, including PostgreSQL. This model is a sub-type of traditional discretionary access control with its restrictions. In addition to DAC, many operating systems also use mandatory access control (MAC) based on security labels. This additional security mechanism is obligatory for protecting information that demands higher levels of security. Naturally, we would like to use MAC within DBMS when working in OS with mandatory access control switched on.
In this talk, we'll give an overview of existing MAC implementations in DBMS, as well as share our approach to using security mechanisms provided by SELinux, the sepgsql extension for PostgreSQL, and the standard mechanism of row-level security (RLS), which has been available in PostgreSQL starting from version 9.5.
In our presentation, we will use the "Airlines" demo database provided by the Postgres Professional company to show how to protect sensitive information and personal data, compare different ways of storing security labels, and assess performance of our solution.

Recently, I was working on a project where graphQL was used for sending requests to its .NET Core backend, but this was not a good idea. The point is, a graphQL query is a hierarchical structure with a dynamic set of fields. It’s difficult to perform such requests via a statically-typed programming language and a relational database as suggested by the tools available. So, I came up with the idea of using the plv8 extension and perform graphQL queries right on the database side. It took me about two hours to develop a working prototype that could perform the same queries as the software under development for more than one month! Then various improvements have been made and I want to introduce them all. If you are thinking of using graphQL instead of REST, my speech could be most useful and could help you to save a lot of time.