SQL Anywhere Studio Security Guide
Keeping Your Data Secure
Since databases may contain proprietary, confidential, or private information, ensuring that the database and the data in it are designed for security is very important.
Adaptive Server Anywhere has several features to assist in building a secure environment for your data:
User identification and authentication These features control who has access to a database.
For information on these subjects, see Creating new users.
Discretionary access control features These features control the actions a user can carry out while connected to a database.
For more information, seeDatabase permissions overview.
Auditing This feature helps you maintain a record of actions on the database.
For more information, see Auditing database activity.
Database server options These features let you control who can carry out operations (for example, loading databases). These options are set when you start the database server.
For more information, see Controlling permissions from the command line.
Views and stored procedures These features allow you to specify the data a user can access and the operations a user can execute.
For more information, see Using views and procedures for extra security.
Database encryption Database encryption features allow you to choose the level of database encryption. You can choose to secure your database either with simple encryption, or with strong encryption. Simple encryption is equivalent to obfuscation. Strong encryption renders the database completely inaccessible without the key.
For more information, see Initialization utility options.
Communication encryption You can encrypt client/server communications with simple or strong encryption for greater security as they pass over the network. Strong encryption is only supported over the TCP/IP port on Solaris, Linux, NetWare, and all supported Windows operating systems except Windows CE.
Communication encryption is a separately licensable component and must be ordered before you can install it. To order this component, see the card in your SQL Anywhere Studio package or see http://www.sybase.com/detail?id=1015780.
For more information, see Encrypting client/server communications.
C2 certification C2 is a set of security guidelines established by the U.S. government to maintain consistency within their organization. If you are running Adaptive Server Anywhere 7.0, and if you have the appropriate hardware, you can set up your machine to run in a C2 certified manner. The C2-certified documentation is available at http://my.sybase.com/detail?id=1010458.
For information on running the current version of Adaptive Server Anywhere in a manner equivalent to the C2-certified environment, see Installation.