Last year I wrote a white paper for a project about row-level security. The info in the document is proprietary to one of our products but I do have all the references I used.
One of the reasons you will see so many links to Oracle information is because Oracle has row-level security built in. I learned a great deal about best-practices and typical usage from studying their documentation. I would definitely recommend reading their introductions to row-level security (typically the first chaper of the administrator's guide). There is a great deal of info on how its used in the marketplace.
Anyway, the links are below:
Berkus, Josh. “Thinking about Row Level Security” (2009):
http://it.toolbox.com/blogs/database-soup/thinking-about-row-level-security-part-1-30732
Davidson, Louis. “Pro SQL Server 2008 Relational Database Design and Implementation” (2008):
Erdogan, Kemal. “A Fairly Capable Authorization Sub-System with Row-Level Security Capabilities (AFCAS)” (2008): http://www.codeproject.com/KB/database/AFCAS.aspx
Finnigan, Pete. “Oracle Row Level Security” (2003): http://www.securityfocus.com/infocus/1743
Finnigan, Pete. “Using Oracle VPD in the Real World” (2008): http://www.petefinnigan.com/Oracle_Security_VPD6Slides.pdf
Kondreddi, Narayana Vyas. “Implementing row level security in SQL Server databases” (2001): http://vyaskn.tripod.com/row_level_security_in_sql_server_databases.htm
Lambert, Bob. “Protecting Your Data with Row Level Security for SQL Server Databases” (2009): http://www.ddj.com/database/215900773;jsessionid=HXW3NHLZHKL4FQE1GHOSKHWATMY32JVN?pgno=1
Lewis, Jonathan. “Row Level Security” (2006):
http://www.dbazine.com/oracle/or-articles/jlewis15
Marston, Tony. “A Role-Based Access Control (RBAC) system for PHP” (2004): http://www.tonymarston.net/php-mysql/role-based-access-control.html
Microsoft Corporation. “BUG: Changes to the Group Membership in Windows Are Not Reflected Immediately in the SQL Server IS_MEMBER Function” (2009): http://support.microsoft.com/kb/812774
Oracle Corporation. “Oracle Label Security Administrator’s Guide 10g Release 1 (10.1)” (2003): http://download.oracle.com/docs/cd/B19306_01/network.102/b14267.pdf
Oracle Corporation. “Oracle Label Security Administrator’s Guide 11g Release 1 (11.1)” (2007): http://download.oracle.com/docs/cd/B28359_01/network.111/b28529.pdf
Oracle Corporation. “Oracle Label Security in Government and Defense Environments” (2009):
http://www.oracle.com/database/docs/database-govdef-label-security-whitepaper.pdf
Rask, Art et al. “Implementing Row- and Cell-Level Security in Classified Databases Using SQL Server 2005” (2005):