Data access control for system-period temporal tables

Row and column access control can be defined on both a system-period temporal table and its associated history table.

Row and column access control (RCAC) is a layer of data security that controls access to a table at the row level, column level, or both. RCAC can be applied to system-period temporal tables and history tables. When RCAC is only activated for a system-period temporal table, the database manager automatically activates row access control on the history table and creates a default row permission for the history table.

When the history table is protected by the default row permission, updates and deletes still generate history rows in the history table. When an AS OF query is issued against a system-period temporal table, the RCAC row permissions and column masks for the system-period temporal table are also applied to the rows returned from the history table.

If a history table is accessed directly, then any row and column rules defined on the history table are applied.