Multi-Level Security and row-secure tables

Multi-Level Security is an abstract security model, which IBM® Netezza® uses to define rules to control user access to row-secure tables (RSTs). A row-secure table is a database table whose rows carry security labels, so that rows are filtered out for users without the appropriate privileges. The results that a query returns therefore differ based on the privileges of the user who makes the query. This section describes ways of using Multi-Level Security.

The set of user access privileges is called a security profile. Every user (also called a principal) created on the system gets at least the default security profile, at the lowest possible level. When a user attempts to access a table row, the system checks the user’s profile against the row security label; if the profile allows, the user can access the row.
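The following added example (not IBM Netezza code or syntax) models the check described above in Python with an in-memory SQLite table. It assumes a simplified label made of a numeric level plus a set of categories; the table, users, and label values are constructed for illustration.

```python
import sqlite3

# Constructed security profiles: user -> (level, categories). Hypothetical values.
PROFILES = {
    "analyst": (2, {"finance"}),
    "auditor": (3, {"finance", "hr"}),
}
# Every user without an explicit profile gets the default, at the lowest level.
DEFAULT_PROFILE = (0, set())


def can_read(profile, row_level, row_categories):
    """Assumed rule: the profile allows access when its level is at least the
    row's level and it holds every category named on the row label."""
    level, categories = profile
    return level >= row_level and set(row_categories) <= categories


def open_db():
    """Build a constructed table whose rows carry a label (level + categories)."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE payroll (id INTEGER, note TEXT, sec_level INTEGER, sec_cats TEXT)"
    )
    db.executemany(
        "INSERT INTO payroll VALUES (?, ?, ?, ?)",
        [
            (1, "public holiday list", 0, ""),
            (2, "quarterly budget", 2, "finance"),
            (3, "salary review", 3, "finance,hr"),
        ],
    )
    return db


def query_as(db, user):
    """Run the same SELECT for any user; only rows the profile allows come back."""
    profile = PROFILES.get(user, DEFAULT_PROFILE)
    rows = db.execute("SELECT id, note, sec_level, sec_cats FROM payroll ORDER BY id")
    visible = []
    for row_id, note, level, cats in rows:
        row_cats = [c for c in cats.split(",") if c]
        if can_read(profile, level, row_cats):
            visible.append((row_id, note))  # label columns stay hidden from the caller
    return visible


if __name__ == "__main__":
    db = open_db()
    for user in ("analyst", "auditor", "new_user"):
        print(user, query_as(db, user))
```

A user with no explicit profile sees only the row labeled at the lowest level, while the same query returns two rows for `analyst` and all three for `auditor`.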

The following sections explain the components of the access rules and how they interact with each other.

For more information about SQL, see the IBM Netezza Database User’s Guide.