Published on 14 November 2014
ISBN-10: 0738453943
ISBN-13: 9780738453941
IBM Form #: REDP-5110-00
Authors: Mike Cain, Jim Bainbridge, Hernando Bedoya, Rob Bestgen, Dan Cruikshank, Jim Denton, Doug Mack, Tom McKinley and Kent Milligan
This IBM® Redpaper™ publication provides information about the IBM i 7.2 feature of IBM DB2® for i Row and Column Access Control (RCAC). It offers a broad description of the function and advantages of controlling access to data in a comprehensive and transparent way. This publication helps you understand the capabilities of RCAC and provides examples of defining, creating, and implementing the row permissions and column masks in a relational database environment.
This paper is intended for database engineers, data-centric application developers, and security officers who want to design and implement RCAC as a part of their data control and governance policy. A solid background in IBM i object level security, DB2 for i relational database concepts, and SQL is assumed.
Chapter 1. Securing and protecting IBM DB2 data
Chapter 2. Roles and separation of duties
Chapter 3. Row and Column Access Control
Chapter 4. Implementing Row and Column Access Control: Banking example
Chapter 5. RCAC and non-SQL interfaces
Chapter 6. Additional considerations
Chapter 7. Row and Column Access Control management
Chapter 8. Designing and planning for success
Appendix A. Database definitions for the RCAC banking example