Manualshelf

SQL/MP Installation and Management Guide

ManualsBrandsHP ManualsServerHP NonStop G-Series
71727374757677787980
Understanding and Planning Database Tables
HP NonStop SQL/MP Installation and Management Guide523353-004
3-15
Using Views
Limitations on access to the data
The SECURE clause can assign a security string to a protection view to limit
access to those users who have authority to read, write to, and purge the view.
Protection against inserting or updating rows outside the definition of the view
A protection view defined with the WITH CHECK option specifies that only rows
that satisfy the view’s definition can be inserted by users. Omitting this option
allows rows to be inserted without satisfying the view’s definition.
Uses for protection views include:
°
Providing validity checks on the underlying table for inserts and updates
°
Providing security restrictions so that only certain information can be presented
to a user by masking rows and columns of the underlying table from displays or
updating
°
Masking logically deleted and added columns of the underlying table
Shorthand Views
A shorthand view is derived from one or more tables or other views and defined
without the FOR PROTECTION option of the CREATE TABLE statement. A shorthand
view can be read but not updated; it can be secured only for purge authority. Any user
who has authority to read all tables underlying the view has authority to read the view.
One use for shorthand views is to provide security restrictions so that only certain
information can be presented to the user, for display only, by specifying a set of
columns and restricting rows to a given set of criteria.
When considering shorthand views for securing underlying tables from access by
users of shorthand views, consider these:
Shorthand views do not limit a user’s access for reading an underlying table if the
user can find the table. The security of a shorthand view depends on the
underlying table. If the user is authorized to read the view, the user is authorized to
read the underlying table.
Shorthand views are difficult to secure because only the purge attribute of the
security string has meaning. The other security attributes of a shorthand view are
the same as for the underlying table or tables.
A shorthand view limits a users access to data if the user knows only about the
view and not about the underlying table or tables. You can try to prevent users from
reading a table by not making the name of the table available; however, a
knowledgeable user could query the catalog to determine the name of the
underlying table if the user has the authority to read the catalog.