LBAC Scenario
J.K.Avro superstore has branches in four regions - North, South, East, West. Table 'dailysales' contains sales data of all regions.
The company would like to protect data of one region from another.
Not all employees of the organization need to have access to all table data. Staff should be granted to access data as required.
To protect access to daily sales data of different regions from employees in other regions, J.K.Avro superstore decides to implement Row Level LBAC.
Operation
SECADM of J.K.Avro superstore, Pat, sets up the row level LBAC policies as below.

1. Creates security label component to restrict access to specific regional data by corresponding regional managers.
2. Creates security policy which defines who can access which rows of 'dailysales' table.
3. Creates security labels and grants them to different users with different access rules.
- Security label 'NORTH' is granted to Betcy, employee of customer service department.
- Security label 'SOUTH' is granted to Bob, employee of customer service department.
- Security label 'EAST' is granted to Sam, employee of customer service department.
- Security label 'WEST' is granted to Nick, employee of customer service department.
- Security label 'CENTRAL' is granted to Joe, general manager for NORTH and SOUTH regions.
- Security label 'COASTAL' is granted to Sue, general manager for EAST and WEST regions.
- Security label 'SALES_ORGANIZATION' is granted to the Mark, Vice President of J.K.Avro superstore.
4. Alter table 'dailysales' to add security labels to all the rows of the table.
Solution
Pat sets up LBAC policies on 'dailysales' table so that staff will only access data they only need to know.