Joined: Mar 12, 2005 Posts: 255 Location: Melbourne, Australia
Posted: Fri Mar 24, 2006 9:39 am Post subject:
This is just a reference to standard information security models provided by most relational databases.
It simply means that you can establish two mechanisms for controlling access to information.
1) Row level access - a user has access only to certain records in a DB table. This is usually set by a condition on one or more fields (attributes) in the record. Say 'Where department is "Finance"' Which would mean if the Dpeartment field in a record has the value "Finance" the user will see the record - but not see records for any other department.
1)Attribute level access is setting permissions for users for particular fields in a record and covers every record regardless of whether they have row level access or not. So you could specify that one user can see the social security number in an employee record, another user could see it and update it, and another user could be denied access - in which case they won't ever see that field in a representation of the employee records. (And if the databases interface - form - doesn't actually hide the field, it will would be blank - even though there is actually information in the underlying record.)
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum