Security & Compliance Overview

Security in Struktural is not an afterthought; it is built into the lowest levels of the data access layer. The platform employs a multi-layered defense strategy to ensure data privacy, isolation, and compliance with modern enterprise standards (such as GDPR, HIPAA, and SOC 2).

1. Role-Based Access Control (RBAC)

RBAC governs what actions a user can perform at the macro level.

UI Approach: Navigate to the Users & Roles module in the Studio.

[Figure: Users and Roles Module]

2. Row-Level Security (RLS) and Data Isolation

RLS governs which specific records a user is allowed to see or interact with, even if they have read access to the table. Struktural enforces this at the Entity Framework query level, meaning it cannot be bypassed by crafted API requests.

[Figure: Hierarchical RLS UI]
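For readers unfamiliar with query-level enforcement, the sketch below shows one general way a row filter can be attached at the Entity Framework query layer, using EF Core's global query filters. It is an added example, not Struktural's code: the `Invoice` and `AppDb` types, the `OwnerId` column and the sample rows are hypothetical, and it assumes the Microsoft.EntityFrameworkCore.InMemory package.

```csharp
// Added illustration, not Struktural's code. Type names, the OwnerId column
// and the seeded rows are constructed for this example.
using System;
using System.Linq;
using Microsoft.EntityFrameworkCore;

public class Invoice
{
    public int Id { get; set; }
    public string OwnerId { get; set; } = "";
}

public class AppDb : DbContext
{
    private readonly string _userId;   // identity of the current caller

    public AppDb(DbContextOptions<AppDb> options, string userId) : base(options)
        => _userId = userId;

    public DbSet<Invoice> Invoices => Set<Invoice>();

    protected override void OnModelCreating(ModelBuilder b)
    {
        // The row filter is part of the model, so EF Core adds it to every
        // LINQ query over Invoices, whatever predicate the request supplies.
        b.Entity<Invoice>().HasQueryFilter(i => i.OwnerId == _userId);
    }
}

public static class Demo
{
    public static void Main()
    {
        var opts = new DbContextOptionsBuilder<AppDb>()
            .UseInMemoryDatabase("rls-demo").Options;
        using (var seed = new AppDb(opts, "alice"))
        {
            seed.Invoices.AddRange(
                new Invoice { Id = 1, OwnerId = "alice" },
                new Invoice { Id = 2, OwnerId = "bob" });
            seed.SaveChanges();
        }
        using var db = new AppDb(opts, "alice");
        // The caller asks for bob's record by id; the model filter still applies.
        Console.WriteLine(db.Invoices.Any(i => i.Id == 2));
        Console.WriteLine(db.Invoices.Count());
        // Review point: IgnoreQueryFilters() opts a query out of the filter,
        // so any use of it in application code deserves an explicit justification.
        Console.WriteLine(db.Invoices.IgnoreQueryFilters().Count());
    }
}
```

When reviewing an EF Core code base that relies on this mechanism, search for `IgnoreQueryFilters` and for raw SQL commands, since those paths are where the model-level filter does not apply automatically.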

3. Field-Level Security (FLS) and Encryption

FLS ensures that highly sensitive data columns (e.g., Social Security Numbers, API Keys, Medical Diagnoses) are completely hidden from unauthorized users.

4. Audit Trails (WORM Compliance)

To comply with strict regulatory frameworks, entities can be marked as Audited.