Security

 

The i5/OS^® operating system has built in security elements that limit access to data resources of an application server. Security options range from simple physical security to full password security coupled with authorization to commands and data objects.

Users must be properly authorized to have access to the database whether it is local or remote. They must also have proper authorization to collections, tables, and other relational database objects necessary to run their application programs. This typically means that distributed database users must have valid user profiles for the databases they use throughout the network. Security planning must consider user and application program needs across the network.

A distributed relational database administrator is faced with two security issues to resolve:

• System to system protection

• Identification of users at remote sites

When two or more systems are set up to access each other's databases, it is important to make sure that the other side of the communications line is the intended location and not an intruder. For DRDA^® access to a remote relational database, the i5/OS use of Advanced Program-to-Program Communication (APPC) and Advanced Peer-to-Peer Networking^® (APPN) communications configuration capabilities provides options for you to do this network-level security.

The second concern for the distributed relational database administrator is that data security is maintained by the system that stores the data. In a distributed relational database, the user has to be properly authorized to have access to the database (according to the security level of the system) whether the database is local or remote. Distributed relational database network users must be properly identified with a user ID on the application server (AS) for any jobs they run on the AS. Distributed Relational Database Architecture™ (DRDA) support using both APPC/APPN and TCP/IP communications protocols provides for the sending of user IDs and passwords along with connection requests.

This topic collection discusses security topics that are related to communications and DRDA access to remote relational databases. It discusses the significant differences between conversation-level security in an APPC network connection and the corresponding level of security for a TCP/IP connection initiated by a DRDA application. In remaining security discussions, the term user also includes remote users starting communications jobs.

• Elements of distributed relational database security
  A distributed relational database administrator needs to protect the resources of the application servers in the network without unnecessarily restricting access to data by application requesters (ARs) in the network.

• DRDA server access control exit programs
  A security feature of the Distributed Relational Database Architecture (DRDA) server, for use with both Advanced Program-to-Program Communication (APPC) and TCP/IP, extends the use of the DDMACC parameter of the Change Network Attributes (CHGNETA) command to DRDA.

• Object-related security for DRDA
  If the System i™ product is an application server (AS), there are two object-related levels at which security can be enforced to control access to its relational database tables.

• Authority to distributed relational database objects
  You can use either the SQL GRANT and REVOKE statements or the control language (CL) Grant Object Authority (GRTOBJAUT) and Revoke Object Authority (RVKOBJAUT) commands to grant and revoke a user's authority to relational database objects.

• Programs that run under adopted authority for a distributed relational database
  A distributed relational database program can run under adopted authority, which means the user adopts the program owner's authority to objects used by the program while running the program. When a program is created using the *SQL precompiler option for naming, the program runs under the program owner's user profile.

• Protection strategies in a distributed relational database
  Network security in an i5/OS distributed relational database must be planned to protect critical data on any application server (AS) from unauthorized access. But because of the distributed nature of the relational database, security planning must ensure that availability of data in the network is not unnecessarily restricted.

 

Parent topic:

Distributed database programming

 

Related reference

Security considerations for a distributed relational database