Row and column access control (RCAC) overview

Row and column access control (RCAC) is an extra layer of data security for your database. Row and column access control is sometimes referred to as fine-grained access control or FGAC. RCAC controls access to a table at the row level, column level, or both. RCAC can be used to complement the table privileges model.

To comply with various government regulations, you might implement procedures and methods to ensure that information is adequately protected. Individuals in your organization are granted access to only the subset of data that is required to complete their job tasks. For example, government regulations in your area might state that a doctor is authorized to view the medical records of their own patients, but not of other patients. The same regulations might also state that, unless a patient gives their consent, a healthcare provider is not granted access to patient personal information, such as the patients home phone number.

You can use row and column access control to ensure that your users have access to only the data that is required for their work. For example, a hospital system that is running a Db2® data warehouse and RCAC can filter patient information and data to include only the data that a particular doctor requires. Other patients do not exist as far as the doctor is concerned. Similarly, when a patient service representative queries the patient table at the same hospital, they are able to view the patient name and telephone number columns, but the medical history column is masked for them. If data is masked, a NULL, or an alternative value is displayed, instead of the actual medical history.

RCAC has the following advantages:
  • No database user is inherently exempted from the row and column access control rules.

    Even higher-level authorities such as users with DATAACCESS authority are not exempt from these rules. Only users with security administrator (SECADM) authority can manage row and column access controls within a database. Therefore, you can use RCAC to prevent users with DATAACCESS authority from freely accessing all data in a database.

  • Table data is protected regardless of how a table is accessed through SQL.

    Applications, improvised query tools, and report generation tools are all subject to RCAC rules. The enforcement is data-centric.

  • No application changes are required to take advantage of this additional layer of data security.

    That is, row and column level access controls are established and defined in a way that is not apparent to existing applications. However, RCAC represents an important shift in paradigm in the sense that it is no longer what is being asked but rather who is asking what. Result sets, for the same query, change based on the context in which the query was asked and a warning or error was not returned. This behavior is the exact intent of the solution. It means that application designers and DBAs must be conscious that queries do not see the whole picture in terms of the data in the table, unless granted specific permissions to do so.