16.10 - About Security Labels - Teradata Database

Teradata Database Security Administration

Product
Teradata Database
Release Number
16.10
Release Date
June 2017
Content Type
Administration
Security
Publication ID
B035-1100-161K
Language
English (United States)

You must set up a system of labels for each security classification category you want to use in defining user access levels and row access requirements.

A security classification system consists of:

  • The name of the classification
  • The valid labels for use in classification, where each label is a name:value pair

The labels within a classification system may represent a value hierarchy, or they may be a series of compartments with no hierarchical relationship, for example:

  • Security clearance (hierarchical): Top Secret, Secret, Classified, Unclassified
  • User function (non-hierarchical): Administrator, Programmer, Batch User, End User
  • Division/location (non-hierarchical): Canada, China, France, Germany, United States

Each classification system is the basis for:

  • A security CONSTRAINT object, which defines a set of applicable access restrictions
  • A security constraint column, which apply the restrictions defined in the corresponding CONSTRAINT object to each table in which the column appears