Using Passwords with Views

The levels of protection for SAS views and stored programs are similar to the levels of protection for other types of SAS files. However, with SAS views, passwords affect not only the underlying data, but also the view’s definition (or source statements).

You can specify three levels of protection for SAS views: Read, Write, and Alter. The following section describes how these data set options affect the underlying data as well as the view’s descriptor information. Unless otherwise noted, the term “view” refers to any type of SAS view and the term “underlying data” refers to the data that is accessed by the SAS view:

Like passwords for other SAS files, the Read, Write, and Alter passwords for views are hierarchical, with the Alter password being the most restrictive and the Read password being the least restrictive. To DESCRIBE a password-protected view, you must specify its password. If the view was created with more than one password, you must use its most restrictive password to DESCRIBE the view.

For example, to DESCRIBE a view that has both Read and Write protection, you must specify its Write password. Similarly, to DESCRIBE a view that has both Read and Alter protection, you must specify its alter password (since Alter is the most restrictive of the two).

The following program shows how to use the DESCRIBE statement to view the descriptor information for a Read and Alter protected view:

/*create a view with read and alter protection*/
data exam / view=exam(read=read alter=alter);    
   set grades; 
run; 
/*describe the view by specifying the most restrictive password */
data view=exam(alter=alter);    
   describe; 
run;

For more information, see DESCRIBE Statement in SAS Statements: Reference and DATA Statement in SAS Statements: Reference.

In most DATA and PROC steps, the way you use password-protected views is consistent with the way that you use other types of password-protected SAS files. For example, the following PROC PRINT prints a Read-protected view:

proc print data=mylib.grade(read=green);
run;

Typically, when you create a PROC SQL view from a password-protected SAS data set, you specify the password in the FROM clause in the CREATE VIEW statement using a data set option. In this way, you can access the underlying data without re-specifying the password when you use the view later. For example, the following statements create a PROC SQL view from a Read-protected SAS data set, and drop a sensitive variable:

proc sql;
   create view mylib.emp as
      select * from mylib.employee(pw=orange drop=salary);
quit;

SAS/ACCESS software enables you to edit View descriptors and, in some interfaces, the underlying data. To prevent someone from editing or reading (browsing) the View descriptor, assign Alter protection to the view. To prevent someone from updating the underlying data, assign Write protection to the view. For more information, see the SAS/ACCESS documentation for your DBMS.

When you create a DATA step view using a password-protected SAS data set, specify the password in the View definition. In this way, when you use the view, you can access the underlying data without respecifying the password.

The following statements create a DATA step view using a password-protected SAS data set, and drop a sensitive variable:

data mylib.emp / view=mylib.emp;
   set mylib.employee(pw=orange drop=salary);
run;

Note that you can use the SAS view without a password, but access to the underlying data requires a password. This is one way to protect a particular column of data. In the above example, proc print data=mylib.emp; executes, but proc print data=mylib.employee; fails without the password.