Defining Security Labels for Users/Rows | Teradata Vantage - Defining Security Labels for Users and Rows - Analytics Database - Teradata Vantage

Security Administration

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2023-11-02
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572
lifecycle
latest
Product Category
Teradata Vantage™
Before implementing row level security, you should define the security classification systems and associated labels required to support your site security policy.
  1. Define each classification system and identify the labels in the system.

    Each system is the basis for a security CONSTRAINT object, which defines a set of access controls. Each user can be assigned up to 6 hierarchical and 2 non-hierarchical constraints.

  2. For each table requiring row level security protection, determine which of the classification system (security constraints) should apply to the range of users who access the table.

    A table can contain up to 5 constraint columns.

  3. Identify how security labels for each system should apply to table rows, and define the user access level required to perform each SQL operation (INSERT, SELECT, UPDATE, and DELETE).

    You can use this analysis to help:

    • Determine the level of protection required for each row
    • Define the SQL access rules used in creating security constraint UDFs
    • Determine which UDFs should be used in a security CONSTRAINT object