LBAC Scenario
To protect sensitive data of 'credit_card' table like credit card number, CCV number, card holder name, J.K.Avro superstore decides to implement
column level LBAC.
Operation
SECADM Pat of J.K. Avro superstore sets up the column level LBAC policies as below.
- Creates security label component to restrict access to columns of 'credit_card' table.
- Creates security policy which defines who can access which columns of 'credit_card' table.
- Creates security labels and grants them to different users with different access rules.
- Security label 'TOP_SECRET' is granted to Joe, manager of customer service department.
- Security label 'SECRET' is granted to Bob, an employee of customer service department.
- Enables column level LBAC on 'credit_card' table.
Solution
Pat sets up LBAC policies on 'credit_card' table so that only business need-to-know people would access the table data.