Following is a list of security enhancements introduced in SQL Anywhere version 11.0.0.
ISYSUSER and ISYSEXTERNLOGIN system tables are now encrypted when table encryption is enabled Previously, when encrypting a database, or when creating a database with table encryption enabled, the ISYSCOLSTAT system table was automatically encrypted. Now, the ISYSUSER and ISYSEXTERNLOGIN system tables are also encrypted, to provide additional security.
Auditing enhancements Now, auditing can be controlled through Sybase Central. From the Database Properties window, you can enable auditing, disable auditing, and specify which information they want to audit. Auditing information can be viewed in Sybase Central on the Auditing tab in the right pane. See Configuring auditing (Sybase Central) and Retrieving auditing information (Sybase Central).
When auditing is enabled, errors for failed connections are now logged, indicating the reason for the failure.
256-bit AES encryption now supported SQL Anywhere now supports 256-bit AES encryption for databases, tables, files, and data. This enhancement impacts several areas, as noted below:
Database and table encryption You can now specify AES256 and AES256_FIPS for the ENCRYPTION clause of the CREATE DATABASE statement. See CREATE DATABASE statement.
You can also specify AES256 and AES256_FIPS for the -ea option of the Initialization utility (dbinit) and Unload utility (dbunload). See Initialization utility (dbinit) and Unload utility (dbunload).
FIPS-certified algorithms You can now use 256-bit FIPS-certified AES algorithms. See -fips database server option.
Encrypting and decrypting data When encrypting data using the ENCRYPT and DECRYPT functions, you can now specify AES256 and AES256_FIPS. See ENCRYPT function [String] and DECRYPT function [String].
Creating encrypted copies of databases, transaction logs, and dbspaces When creating an encrypted copy of an encrypted or unencrypted database, transaction log, or dbspace using the CREATE ENCRYPTED FILE statement, you can now specify a 256-bit AES algorithm (AES256 or AES256_FIPS). See CREATE ENCRYPTED FILE statement.
DBTools support for 256-bit AES encryption The a_create_db and an_unload_db structures have been extended to support AES256 and AES256_FIPS as values for the encryption_algorithm member. See a_create_db structure [database tools] and an_unload_db structure [database tools].
See also:
Password encryption supported for jConnect and Open Client Password encryption is now supported for jConnect and Open Client connections. See:
 |
Discuter à propos de cette page dans DocCommentXchange.
|
Copyright © 2013, SAP AG ou société affiliée SAP - SAP Sybase SQL Anywhere 16.0 |