Overview of SQL security
SQL security in Classic federation is similar to security in DB2® databases.
Implementing security and enforcing security restrictions are the responsibility of the DBMS software. SQL defines an overall framework for database security, and SQL statements specify security access and restrictions.
SQL security involves the following
key concepts:
- Users are the actors in the database. When the DBMS retrieves, inserts, deletes, or updates data, it does so on behalf of a user or group of users. The DBMS permits or denies user actions depending on which user makes the request. You can define users and user groups based on categories of administrative authorities.
- Database objects, such as tables, views, and stored procedures are the objects to which SQL security can be applied.
- Privileges are the actions that a user is permitted to perform against a particular database object. For example, a user might have permission to select and insert rows in one table, but lack permission to delete or update rows in that table. These privileges are allowed or prohibited by using the GRANT and REVOKE SQL statements.
- SQL security and the SAF exit work together to ensure that the user ID and its password are checked before allowing access to particular database objects.
- SQL security is required.