Restricting access to the security label column

If you do not want users to see a security label column, you can create views that do not include the column.

Procedure

To restrict access to the security label column, choose one of the following options:

  • Create a view that includes only the columns that are not security label columns.
    For example, suppose that the ORDER table has the following columns: ORDERNO, PRODNO, CUSTNO, SECURITY. Suppose that SECURITY is the security label column, and that you do not want users to see the SECURITY column. Use the following statement to create a view that hides the security label column from users:
    CREATE VIEW V1 AS
      SELECT ORDERNO, PRODNO, CUSTNO FROM ORDER;
  • Retrieve the value of the SYSIBM.SECLABEL session variable, and create a view that includes only the rows that match the session variable value.
    This view gives each user access only to the rows whose security label column value matches that user's security label.
    For example, you would use the following statement to create a view that allows access only to the rows that match the user's security label:
    CREATE VIEW V2 AS SELECT * FROM ORDER 
        WHERE SECURITY=GETVARIABLE('SYSIBM.SECLABEL');
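The following is an added example, not part of the original page. It combines both options in one view and then checks that users reach the data through the view rather than the base table, since a view hides the column only from users who cannot select from ORDER itself. The view name V3 and the authorization ID ORDERCLERK are hypothetical.

```sql
-- Added example; V3 and ORDERCLERK are hypothetical names.
-- Combine both options: omit the SECURITY column and return only the
-- rows whose label equals the session's SYSIBM.SECLABEL value.
CREATE VIEW V3 AS
  SELECT ORDERNO, PRODNO, CUSTNO
    FROM ORDER
    WHERE SECURITY = GETVARIABLE('SYSIBM.SECLABEL');

-- Give users the view, not the base table.
GRANT SELECT ON V3 TO ORDERCLERK;

-- List explicit SELECT grants on the base table. Any grantee listed
-- here can still select the SECURITY column from ORDER directly.
-- (Administrative authorities that imply SELECT are not recorded here;
-- add AND TCREATOR = '<schema>' to narrow the check to one schema.)
SELECT GRANTEE, GRANTOR, SELECTAUTH
  FROM SYSIBM.SYSTABAUTH
  WHERE TTNAME = 'ORDER'
    AND SELECTAUTH <> ' ';

-- If the query shows a grant that should not exist, revoke it.
-- PUBLIC is used here only as an illustration.
REVOKE SELECT ON ORDER FROM PUBLIC;
```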