Click here to view and discuss this page in DocCommentXchange. In the future, you will be sent there automatically.

SAP Sybase SQL Anywhere 16.0 » SQL Anywhere Server - Database Administration » User and database security

 

Data security

Since databases may contain proprietary, confidential, or private information, ensuring that the database and the data in it are designed for security is very important.

SQL Anywhere has several features to assist in building a secure environment for your data:

  • User identification and authentication   These features control who has access to a database.

  • Discretionary access control features   These features control the actions a user can perform while connected to a database.

  • Auditing   This feature helps you maintain a record of actions on the database.

  • Database server options   These features let you control who can perform administrative operations (for example, loading databases). These options are set when you start the database server. See Control privileges from the command line.

  • Views and stored procedures   These features allow you to specify the data a user can access and the operations a user can execute.

  • Database and table encryption   You can choose to secure your database either with simple encryption, or with strong encryption. Simple encryption is equivalent to obfuscation. Strong encryption renders the database completely inaccessible without an encryption key.

    Table encryption features allow you to encrypt individual tables, instead of encrypting the entire database.

  • Transport-layer security   You can use transport-layer security to authenticate communications between client applications and the database server. Transport-layer security uses RSA encryption technology.

    Note

    If you are concerned about other processes on the computer that is running the database server being able to access the contents of your client/server communications, it is recommended that you use encryption.

    Note

    Separately licensed component required.

    FIPS-certified encryption requires a separate license. All strong encryption technologies are subject to export regulations.

    See Separately licensed components.

  • Secure features   You can disable features for all databases running on a database server.

  • SELinux support   SELinux policies control an application's access to system resources. SQL Anywhere includes a policy that secures it on Red Hat Enterprise Linux 5.

    For information about compiling and installing the SQL Anywhere SELinux policy, see $SQLANY16/selinux/readme.

 See also

Security: Use views and procedures to limit data users can access
General security tips
Security considerations: User IDs
Disk sandboxing
Secure features
Database activity audits
Database encryption and decryption
Windows Mobile database security