Restricting Access to Rows

Just as access to an entire table or view is controlled by the assignment of passkeys, access to rows within a table is controlled by row-level security. Access to rows within a data table is controlled by the association between security names, tables, and users.
idms
Just as access to an entire table or view is controlled by the assignment of passkeys, access to
rows
within a table is controlled by
row-level security
. Access to rows within a data table is controlled by the association between security names, tables, and users.
Security Names Control Row Access
Row-level security involves assigning a
security name
to one or more tables and associating that security name with a user. By matching security names of tables with users, the system can tell which users are allowed to access which tables. You can also associate selection criteria with the security name. The selection criteria tells ASF which rows of the table the associated user is allowed to see.
DBA allows Row-level Security
To implement row-level security
, users must be authorized to use row-level security. Authorization is granted by the database administrator (DBA). The DBA is authorized to access row-level security upon installation of ASF. Generally, the DBA will maintain row-level security on corporate objects while users maintain the security on privately owned objects. For more information on initializing row-level security in the ASF environment and authorizing users to access row-level security, see the section "Administrative functions of ASF".