Home
SQL programmingYou can use the HCL OneDB™ implementation of the SQL language to develop applications for HCL OneDB™ database servers.
Guide to SQL: SyntaxThe HCL OneDB™ Guide to SQL: Syntax describes the syntax of the statements, data types, expressions, operators, and built-in functions of the HCL OneDB™ dialect of the SQL language.
SQL statementsThis chapter describes the syntax and semantics of SQL statements that are recognized by HCL OneDB™.
GRANT statementUse the GRANT statement to assign access privileges and roles to users and to other roles. Users who hold the DBSECADM role can use this statement to assign user security labels and exemptions from label-based access control (LBAC) security rules.
Security Administration Options
SECURITY LABEL Clause
Rules for User Security Labels

Rules for User Security Labels

The following rules affect security labels that are granted to users by the GRANT SECURITY LABEL statement:

The user cannot be the DBSECADM who issues this GRANT SECURITY LABEL statement.
A user without a security label has a NULL or zero label. A user with no security label cannot access data in a protected table, unless the user holds the necessary exemptions on the policy.
By default, the IDSSECURITYLABEL column of a protected table cannot have NULL values. A user with no security label cannot insert data into a table with row protection, even if the user has been granted the necessary exemptions on the security policy, unless the row label is explicitly specified in the INSERT statement. For details of how to specify a security label explicitly in the INSERT statement, see Security Label Support Functions.
User security labels have no effect on the following types of database tables, because these tables cannot be protected by a security policy:
- Virtual Table Interface tables,
- tables with Virtual Index Interface indexes,
- tables in a typed-table hierarchy,
- temporary tables.

Have feedback?
Google Analytics is used to store comments and ratings. To provide a comment or rating for a topic, click Accept All Cookies or Allow All in Cookie Preferences in the footer of this page.