This project is read-only.
A deep discussion on label security is available with the whitepaper:

A security label is a piece of information that describes the sensitivity of a data item (an object). It is a string containing markings from one or more categories. Users (subjects) have permissions described with the same markings. Essentially, each subject has a label of its own. To determine access to a particular object, the subject’s label is compared against the label on the object.

The Label Security Toolkit contains tools and design guidance for implementing label-based row and cell level security with SQL Server 2005 and later.


The following documentation is provided with the Label Security Toolkit.

• Using the Label Security Toolkit
• Database Developer’s Reference
• RLS/CLS Framework Design Whitepaper
• Readme files for each sample

To quickly get oriented with the toolkit and the Label Policy Designer, start with Using the Label Security Toolkit. The document introduces label-based access control, walks through the use of the Label Policy Designer, and explains how to configure your application data model to support row/cell level security.

The Database Developer’s Reference contains more detailed reference information on the database objects used to implement row and cell level security, as well as other in-depth topics.

The Framework Design Whitepaper is a backgrounder which explains the design on which the Label Security Toolkit is based. You do not need to read this to use the toolkit, but if you want to understand the internals, this is the place to look. This document will be available soon.

Label Policy Designer Tool

Use the Label Policy Designer Tool to implement the row/cell level security framework. It allows you to design a specific taxonomy of markings, and set the rules used to validate and compare labels. Based on this logical definition, the tool will create the framework in a target database (or generate a deployment script).

The tool can also be used for basic maintenance/administration of an existing label policy, including adding/removing valid markings and removing the label policy from a database.


Included with the toolkit are several samples demonstrating implementation of RLS/CLS databases. These are an important companion to the documentation for understanding the details of using row- or cell-level security. These examples include:
  • Applying label policies to a target database
  • Creating application tables and views
  • Using updateable views to handle write operations
  • Writing instead-of triggers to handle write operations
  • Writing custom code against a database with row/cell level security


The Label Policy Designer requires full database owner rights on the target database. It should be used only by administrators with clearance to data stored in these databases. As an alternative, the tool can be used to set up the label policy(s) before sensitive data is added to the database, and then the administrator’s rights can be reduced. In any case, other routine administrative work such as taking backups or administering user permissions can be performed with lesser privileges that do not require full database access.

Last edited Jul 19, 2011 at 2:48 PM by lararubbelke, version 5


chg Oct 12, 2012 at 9:54 AM 
new version (January2012)

ahmedelbatal Mar 3, 2012 at 6:17 PM

MaxPerf Feb 15, 2012 at 10:09 PM 
The 'A deep discussion on label security is available with the whitepaper' link above doesn't work ( SQL_Server_RLS-CLS_White_paper.docx ). Can someone please post a working link to it as all of my Googled results just point to the same URL