Following is a list of security enhancements introduced in SQL Anywhere version 11.0.0.
ISYSUSER and ISYSEXTERNLOGIN system tables are now encrypted when table encryption is enabled Previously, when encrypting a database, or when creating a database with table encryption enabled, the ISYSCOLSTAT system table was automatically encrypted. Now, the ISYSUSER and ISYSEXTERNLOGIN system tables are also encrypted, to provide additional security.
Auditing enhancements Now, auditing can be controlled through Sybase Central. From the Database Properties window, users with DBA authority can enable auditing, disable auditing, and specify which information they want to audit. Auditing information can be viewed in Sybase Central on the Auditing tab in the right pane. See Controlling auditing and Retrieving auditing information.
When auditing is enabled, errors for failed connections are now logged, indicating the reason for the failure.
Database and table encryption You can now specify AES256 and AES256_FIPS for the ENCRYPTION clause of the CREATE DATABASE statement. See CREATE DATABASE statement.
FIPS-approved algorithms You can now use a 256-bit FIPS-approved AES algorithm on a FIPS-enabled platform. See -fips dbeng12/dbsrv12 server option.
Creating encrypted copies of databases, transaction logs, and dbspaces When creating an encrypted copy of an encrypted or unencrypted database, transaction log, or dbspace using the CREATE ENCRYPTED FILE statement, you can now specify a 256-bit AES algorithm (AES256 or AES256_FIPS). See CREATE ENCRYPTED FILE statement.
DBTools support for 256-bit AES encryption The a_create_db and an_unload_db structures have been extended to support AES256 and AES256_FIPS as values for the encryption_algorithm member. See a_create_db structure and an_unload_db structure.
Discuss this page in DocCommentXchange.
|Copyright © 2010, iAnywhere Solutions, Inc. - SQL Anywhere 12.0.0|