A table named DEPARTMENT has the following columns:
DEPT_ID
DEPT_NAME
MANAGER
AVG_SALARY
Which of the following is the best way to prevent most users from viewing AVG_SALARY data?
A.
Encrypt the table’s data
B.
Create a view that does not contain the AVG_SALARY column
C.
Revoke SELECT access for the AVG_SALARY column from users who should not see
AVG_SALARY data
D.
Store AVG_SALARY data in a separate table and grant SELECT privilege for that table to the
appropriate users
To set up LBAC security to enable these rules:
1. Define the security policies and labels, and grant the security labels to the users.
2. Modify the EMP table, including the security label column, and attach the security policy to it
0
0
Label-based access control
New to DB2 9 is the concept of label-based access control (LBAC). What LBAC provides the DBA
is the ability to restrict read / write privileges on the row or column level of a table.
Previously, the only way to introduce these restrictions was to create a view, authorize the view’s
use by the user in question, and remove access to the base table.
0
0