This IBM® Redpaper™ publication provides information about the IBM i 7.2 feature of IBM DB2® for i Row and Column Access Control (RCAC). It offers a broad description of the function and advantages of controlling access to data in a comprehensive and transparent way. This publication helps you understand the capabilities of RCAC and provides examples of defining, creating, and implementing the row permissions and column masks in a relational database environment.

This paper is intended for database engineers, data-centric application developers, and security officers who want to design and implement RCAC as a part of their data control and governance policy. A solid background in IBM i object level security, DB2 for i relational database concepts, and SQL is assumed.

Chapter 1. Securing and protecting IBM DB2 data

Chapter 2. Roles and separation of duties

Chapter 3. Row and Column Access Control

Chapter 4. Implementing Row and Column Access Control: Banking example

Chapter 5. RCAC and non-SQL interfaces

Chapter 6. Additional considerations

Chapter 7. Row and Column Access Control management

Chapter 8. Designing and planning for success

Appendix A. Database definitions for the RCAC banking example