Views as Security Mechanisms
The second major security mechanism in most relational database management systems involves using views in conjunction with GRANT and REVOKE. Permission to access the subset of data in a view must be explicitly granted or revoked, regardless of the set of permissions in force on the view's underlying table or tables.
Through a view, users can query and modify only the data they can see. The rest of the database is neither visible nor accessible. For example, you might not want some users to be able to access the titles table columns that have to do with money and sales. You could create a view of the titles table that omits those columns (call it bookview) and then give all users permission on the view, but give only ...
Get Practical SQL Handbook, The: Using SQL Variants, Fourth Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
