Row-level access control enables the Database Owner or table owner to create a secure data access environment automatically, by providing:
More granular data security: you can set permissions for individual rows, not just tables and columns
Automatic data filtering according to group, role, and application
Data-level security encoded in the server
Row-level access control restricts access to data in a table’s individual rows, through three features:
Access rules that the database owner defines and binds to the table
Application Context Facility, which provides built-in functions that define, store, and retrieve user-defined contexts
Login triggers that the Database Owner, sa_role, or the user can create
Adaptive Server enforces row-level access control for all data manipulation languages (DMLs), preventing users from bypassing the access control to get to the data.
The syntax for configuring your system for row-level access control is:
sp_configure "enable row level access", 1
This option slightly increases the amount of memory Adaptive Server uses, and you need an ASE_ASM license option. Row-level access control is a dynamic option, so you need not restart Adaptive Server.
| Copyright © 2005. Sybase Inc. All rights reserved. |
|
|
