Navigating Access Control Design: Pursuing Clarity and Simplicity
Blog post from QuestDB
QuestDB is an open-source time-series database designed for high-demand workloads, offering ultra-low latency and high ingestion throughput while supporting SQL and Parquet for data portability. The post explores the complexities of designing an access control system, challenging the assumption that access control is a fully resolved issue. It delves into the debate between using roles and groups to organize users, highlighting the potential for complexity and misalignment as applications evolve. The post suggests opting for single-level inheritance to maintain clarity and discusses the creation of service accounts to prevent accidental permission overlaps. It emphasizes real-time enforcement of access control changes and proposes a copy-on-write solution so that security updates take effect immediately without performance issues. These innovations and refinements in access control design aim to enhance user satisfaction by minimizing complications in database interactions.