There are two ways to restrict user update and read requests to specific fields of a physical database file:
Create a logical view of the physical file that includes only those fields to which you want your users to have access. See "Using logical files to secure data" for more information.
Or you could use the SQL GRANT statement to grant update authority to specific columns of an SQL table. See About DB2 UDB for iSeries SQL Programming Concepts for more information.
For more information about the GRANT and REVOKE statements themselves, see About DB2 UDB for iSeries SQL reference. One major limitation of this latter method is that field level security only works for SQL type accesses, and only for *CHANGE –- not for *READ.
================================== MORE INFORMATION ON THIS TOPIC ==================================
The Best Web Links: tips, tutorials and more.
Search400's targeted search engine: Get relevant information on security.
Ask your systems management questions--or help out your peers by answering them--in our live discussion forums.
Check out this Search400.com Featured Topic: Top ten security tips
This was first published in September 2003