3.1.7.28 Securing a Record

When the local application creates, modifies, or deletes a record (see sections 3.1.4.3,3.1.4.4, and 3.1.4.5), the record MUST first be passed to the graph security provider, if one is configured on the local node. If the graph security provider returns a block of data, the data MUST be placed in the record's Security Data field, and the Security Data Size field updated with the length of the field.

The graph security provider MAY return an error while securing a record. This MUST cause the record operation (creation, update, or deletion) to be aborted, and the record MUST NOT be processed further.