Chapter 5. Row and column access control 85
5.4 Summary
The examples in this chapter show how RCAC can be used to both restrict
access to data rows and to mask sensitive column data for a single column or
multiple columns within the tables of a DB2 database. RCAC is a powerful new
security mechanism that is straightforward to implement in a DB2 10
environment, and provides the granular row and column access capabilities that
are required to meet the application data security requirements of today.
DB2 10 has the following new functions for RCAC:
VERIFY_ROLE_FOR_USER
VERIFY_GROUP_FOR_USER
VERIFY_TRUSTED_CONTEXT_FOR_USER
With the flexibility of using the new functions combined with system global
variables, RCAC provides the data access granularity ...