 | Level: Intermediate Brian M. Williams (bmwilli@us.ibm.com), Certified IT Architect, IBM
13 Jul 2006 DB2® 9 pureXML™ provides native XML storage and retrieval.
In addition, DB2 9 provides a new security protection mechanism called Label Based
Access Control (LBAC). Combining these two features can produce a Native
XML data store that can protect XML documents at the document level by labeling
each document row with an LBAC security label, and assigning users their appropriate
access level.
Objectives - The objective of this tutorial is to provide the basis of a solution for XML document-level security.
The implementation in this tutorial is more focused on a federal government scenario; however, the
solution can be tailored to any industry's needs.
- Lesson 1: Use case and setup - Creates users, the LBAC policy, and the protected table containing XML.
- Lesson 2: Stored procedure load - Creates a stored procedure to demonstrate the first of two methods for
loading XML documents.
- Lesson 3: XML decomposition load - Uses an annotated schema and decomposition to demonstrate the second
method for loading XML documents.
- Lesson 4: Query examples - Provide examples of querying the protected data using SQL/XML and XQuery.
Prerequisites
This tutorial is written for DB2 database developers and DB2 database administrators.
You should have a basic understanding of DB2's new pureXML and LBAC features.
System requirements
DB2 9 for Linux®, UNIX®, and Windows® installed.
Duration
2 hours
Formats html, pdf
About this tutorial
This tutorial will take you step-by-step through the implementation of document-level security using
DB2 9. Document-level security is a data protection solution that is achieved by bringing together two of DB2's newest
features:
- Native XML storage: pureXML
- Label-based Access Control
Combining these two features produces a native XML data store that is capable
of protecting XML documents and controlling access to them on a document-by-document
basis.
| | | |
