17.20 - Row Level Security Compared to View and Column Access Controls - Analytics Database - Teradata Vantage

Teradata Vantage™ - Analytics Database Security Administration - 17.20

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2023-03-07
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572
Implementation of row level security can be complicated compared to standard discretionary access controls. Before you commit to using row level security, determine whether or not you can meet access control needs by more conventional means, for example:
  • Grant user access to views that do not include columns with sensitive data, instead of granting user privileges on the entire base table.
  • Grant or revoke access privileges only on selected columns in the base table.
When comparing access control methods, consider that view and column level access controls:
  • Are usually adequate for controlling SELECT statements, but users cannot run INSERT, UPDATE, and DELETE statements on columns they cannot see, and must revert to accessing the base tables for these operations.
  • Are discretionary and the object owner can grant access to any user.