Q

DB2/400 field-level security

I'm currently running V4R5 on a model 720. I'm using Crystal Report Writer and want to apply security in DB2/400 at the field level. For instance, I want departments to have access to their own payroll data, but no one else's. Is this possible?

There are two ways to restrict user update and read requests to specific fields of a physical database file:

Create a logical view of the physical file that includes only those fields to which you want your users to have access. See "Using logical files to secure data" for more information.

Or you could use the SQL GRANT statement to grant update authority to specific columns of an SQL table. See About DB2 UDB for iSeries SQL Programming Concepts for more information.

For more information about the GRANT and REVOKE statements themselves, see About DB2 UDB for iSeries SQL reference. One major limitation of this latter method is that field level security only works for SQL type accesses, and only for *CHANGE –- not for *READ.

==================================
MORE INFORMATION ON THIS TOPIC
==================================

The Best Web Links: tips, tutorials and more.

Search400's targeted search engine: Get relevant information on security.

Ask your systems management questions--or help out your peers by answering them--in our live discussion forums.

Check out this Search400.com Featured Topic: Top ten security tips


This was first published in September 2003

Dig deeper on iSeries system and application security

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchEnterpriseLinux

SearchDataCenter

Close