Home
SecurityYou can secure your HCL OneDB™ database server and the data that is stored in your HCL OneDB™ databases. You can encrypt data, secure connections, control user privileges and access, and audit data security.
Security in HCL OneDB™The HCL OneDB™ Security Guide documents methods for keeping your data secure by preventing unauthorized viewing and altering of data or database objects, including how to use the secure-auditing facility of the database server.
Securing data
Label-Based Access ControlYou can use label-based access control (LBAC), an implementation of multi-level security (MLS), to control who has read access and who has write access to individual rows and columns of data.
Security labelsSecurity labels are objects applied to rows and columns in order to protect these data, and granted to users to give them access to protected data.
Revoking security labelsThe REVOKE SECURITY LABEL statement revokes a security label from a user or from a list of users.

Revoking security labels

The REVOKE SECURITY LABEL statement revokes a security label from a user or from a list of users.

Before you begin

You must hold the DBSECADM role to issue the REVOKE SECURITY LABEL statement.

When you issue the statement, you optionally can also:

Revoke every security label of a security policy from users.
Specify read-access or write-access label, or both labels, if the users have two different labels for a security policy.

Revoke a security label by issuing the REVOKE SECURITY LABEL statement, as described in HCL OneDB™ Guide to SQL: Syntax.

In the following example of this SQL statement, label2 of the company security policy is revoked from user maria.

REVOKE SECURITY LABEL company.label2
   FROM maria;