DB2 10.5 for Linux, UNIX, and Windows

LBAC security label component type: TREE

TREE is one type of security label component that can be used in a label-based access control (LBAC) security policy.

In the TREE type of component the elements are treated as if they are arranged in a tree structure. When you specify an element that is part of a component of type TREE you must also specify which other element it is under. The one exception is the first element which must be specified as being the ROOT of the tree. This allows you to organize the elements in a tree structure.

Example: If the component mycomp is defined this way: 
CREATE SECURITY LABEL COMPONENT mycomp 
TREE ( 
    'Corporate'      ROOT, 
    'Publishing'     UNDER 'Corporate', 
    'Software'       UNDER 'Corporate', 
    'Development'    UNDER 'Software', 
    'Sales'          UNDER 'Software', 
    'Support'        UNDER 'Software' 
    'Business Sales' UNDER 'Sales'
    'Home Sales'     UNDER 'Sales'
)
Then the elements are treated as if they are organized in a tree structure like this:
Diagram showing the tree component mycomp.
In a component of type TREE, the elements can have these types of relationships to each other:
Parent
Element A is a parent of element B if element B is UNDER element A.
Example: This diagram shows the parent of the Business Sales element:
Diagram showing the tree component mycomp. Sales is highlighted.
Child
Element A is a child of element B if element A is UNDER element B.
Example: This diagram shows the children of the Software element:
Diagram showing the tree component mycomp. Development, Sales, and Support are highlighted.
Sibling
Two elements are siblings of each other if they have the same parent.
Example: This diagram shows the siblings of the Development element:
Diagram showing the tree component mycomp. Sales and Support are highlighted.
Ancestor
Element A is an ancestor of element B if it is the parent of B, or if it is the parent of the parent of B, and so on. The root element is an ancestor of all other elements in the tree.
Example: This diagram shows the ancestors of the Home Sales element:
Diagram showing the tree component mycomp. Corporate, Software, and Sales are highlighted.
Descendent
Element A is a descendent of element B if it is the child of B, or if it is the child of a child of B, and so on.
Example: This diagram shows the descendents of the Software element:
Diagram showing the tree component mycomp. Development, Sales, Support, Business Sales and Home Sales are all highlighted.
Related reference:
CREATE SECURITY LABEL COMPONENT statement