Beginning SQL
Beginning SQL Beginning SQL
You could then give SELECT privileges to vEmployeeSensitive to the usrPayroll user ID. Figure 12-6 illustrates that the user usrPayroll can now view only the person’s name, SSN, and salary fields while hiding address and phone numbers. Horizontal views, on the other hand, allow the user to view all the fields in the table but only for selected sets of records. For example, suppose you had a business rule that states that a department manager should be able to view all personnel information for only the employees in their department. Name Addr City State Zip Phone SSN Salary Age Figure 12-6 Name SSN Select Update Payroll Salary SQL Security Can view & update sensitive info 339
- Page 666: In spite of all of these performanc
- Page 670: Shared A shared lock essentially me
- Page 674: of record locks, the DBMS may decid
- Page 678: No updates, additions, or deletions
- Page 682: International Board Manufacturer ha
- Page 686: contention. You could wrap your new
- Page 690: Summary Transactions ensure that us
- Page 696: Chapter 12 328 SQL security is cent
- Page 700: Chapter 12 Creating User IDs Figure
- Page 704: Chapter 12 3. In the SQL window, ty
- Page 708: Chapter 12 ❑ You can assign a dif
- Page 712: Chapter 12 Privileges Privileges ar
- Page 716: Chapter 12 338 You could then give
- Page 722: Limitations on Views Views are by t
- Page 726: GRANT SELECT (NAME, SSN, SALARY) ON
- Page 730: Betsey also grants privileges to Ji
- Page 734: The CASCADE option tells the DBMS t
- Page 738: 13 Database Tuning SQL is a languag
- Page 742: Perhaps this doesn’t sound remote
- Page 746: When an application asks for data f
- Page 750: The point of all the discussion of
- Page 754: How Do You Do It? And herein lies t
- Page 758: The slots are often implemented as
- Page 762: On the other hand, an index on a tr
- Page 766: Tuning Tips The following list cont
You could then give SELECT privileges to vEmployeeSensitive to the usrPayroll user ID. Figure 12-6<br />
illustrates that the user usrPayroll can now view only the person’s name, SSN, and salary fields while<br />
hiding address and phone numbers.<br />
Horizontal views, on the other hand, allow the user to view all the fields in the table but only for selected<br />
sets of records.<br />
For example, suppose you had a business rule that states that a department manager should be able to<br />
view all personnel information for only the employees in their department.<br />
Name Addr City State Zip Phone SSN Salary Age<br />
Figure 12-6<br />
Name SSN<br />
Select<br />
Update<br />
Payroll<br />
Salary<br />
<strong>SQL</strong> Security<br />
Can view &<br />
update sensitive<br />
info<br />
339