Record Security

[Naith]

Hi,

Does DB2 have record security functionality?

An example of my situation goes like this: I have two rival clients operating within the same industry for seperate companies - Jay, client 1, and Bob, client 2.

Information pertinent to Jay and Bob is kept on the database, but is sensitive - so Bob should not see Jay's data, or vice versa.

I want to stick a front end application onto the DB2 backend, but without using seperate views for individual clients - as there are potentially loads. Jay and Bob will both use the same application armed with their client_ids for security.

Is there a way to ensure record security on a client_id level but keep the datasource generic for everyone, so there's only a need to roll out one application rather than slight variations of the same product?

Naith

 

[blom0344]

The whole concept of views supports exactly what you want. By giving certain users access to views you can shield data between users. I stand to be corrected, but the security at DB level relates to tables and views , not on individual records..

T. Blom
Information analyst
tbl@shimano-eu.com

 

[Naith]

I'm hoping to stay away from views, otherwise I'll be faced with rolling out as many front end objects as there are views; in essence one application object and one view for every client.

Based on the sheer number of clients, this isn't feasible. It needs to be a solution focused on one generic datasource so that it can support one front end application object which is utilised by everyone.

Naith

 

[gregsimpson]

Naith,

you could always store client id on your DB2 rows. This way the front end can pass it in and you can add it as an extra predicate in your SELECT statement.

Greg