Security, i.e. ensuring the confidentiality and integrity of stored information, is an important aspect in today’s dp and SQL systems.
A distinction is made between the following security criteria:
System access control (identification, authentication)
Users must be identified and authenticated before interaction can begin.Data access control (administration of rights, verification of rights)
The system must manage access rights between users (subjects) and objects. Each time users attempt to access objects which are subject to administration of rights, the operating system must check whether they are authorized to do this. Unauthorized access attempts must be rejected.Logging
The system must contain a logging component which is able to log events which are relevant to security.Reprocessing
Before being reused by other users, sensitive stored objects must be processed in such a way that no conclusions can be drawn about their previous content.
General information on the subject of security in dp systems and information on security in BS2000 is provided in the “ SECOS (BS2000)” manual.
The security officer of the dp system and the SESAM/SQL administrator must use the protective mechanisms of the dp system, in other words of BS2000, and of SESAM/SQL to develop a security policy which offers the required security and permits regular checks. The protective mechanisms of BS2000 are described in the ” SECOS (BS2000)” manual; the protective mechanisms of SESAM/SQL are described in this chapter.
The SESAM/SQL database system includes a wide range of protective mechanisms for effective data protection.
The files of a SESAM/SQL database can be protected by BS2000 passwords, see section “BS2000 passwords for files in the database”.
Users must be authorized to access the database (system access control), in other words they must be registered with the database system as authorized users. Details of the requirements for working with a SESAM/SQL database are provided in section “Access permission for a SESAM/SQL database”. This section introduces the concepts of a system user ID and an authorization identifier, and describes how to set up a user with comprehensive privileges.
Here the SESAM/SQL administrator can also use the technical options of BS2000 and openUTM, e.g. access check via chipcard or electronic signature.
Users must be privileged to perform the relevant operations within the database (data access control). They have to have been assigned the relevant privilege for each operation they would like to carry out. Access protection in SQL through privilege assignment is described in section “Access protection based on privileges in SQL”. The section begins by describing features of access protection under SQL, such as special privileges and table privileges. It also covers aspects of assigning and revoking privileges that require special attention.
In section “Access protection in connection with views” you will find a description of how views can enhance access protection under SQL.
Data access control can also be implemented for CALL DML tables using the SEPA utility routine, see section “Password protection with SEPA for CALL DML tables”.
The section “Data access control by means of data enryption” describes how sensitive data can be protected by means of encryption. This data is also protected in accordance with the security criterion “reprocessing”. Using different keys also enables data from different security areas (e.g. credit card numbers and medical data) to be encrypted differently.
The section “Protection of person-related data by means of anonymization” describes how sensitive data is anonymized with SESAM/SQL.
The section “Logging security-relevant events with SAT” describes the logging component of SESAM/SQL.
The SESCOSP and SEDI70 utility routines (see the “ Database Operation” manual) log database accesses and create logs for auditing the SESAM/SQL system.