|
Fine-tunes control of user database access The Advanced Access Control Feature increases the control you have over who can access your data using label based security. Label Based Access Control (LBAC) lets you decide exactly who has write access and who has read access to individual rows and individual columns. LBAC controls access to table objects by attaching security labels to them. Users attempting to access an object must have its security label granted to them. When there's a match, access is permitted; without a match, access is denied.
Users can apply LBAC to protect their data from illegal access, and yet have the flexibility of allowing user to access data restrictively. Row level and column level protection are orthogonal and can be used either separately or combined. When an object protected by a security policy is accessed, DB2 applies the appropriate access rules to determine whether access should be granted or not.
Allows flexibility in Security Policy Definition
- Administrators can define the security policy that suits them best
- Security labels are not hard-wired as with other vendors' security solutions
- Allows users to use labels in a flexible character representation
Offers fine granularity in user access rights
- Users can be granted a security label for both read and write access, read only, or write only
- Administrators can protect different tables with different security policies within the same database
Seamlessly compatible with other DB2 9 features
- Table Partitioning - Data can be spread according to a security-based partitioning scheme
- Multi-Dimensional Clustering - Physical separation of data from different security levels
- Data Partitioning Facility - Highly sensitive data can be stored on the most trusted node
Available for
* DB2 Enterprise 9 Licencing metrics
* Per Processor
* Authorized user
| 
