SQL Anywhere Studio Security Guide
Keeping Your Data Secure
By assigning user IDs and passwords, the database administrator controls who has access to a database. By granting permissions to each user ID, the database administrator controls what tasks each user can carry out when connected. This section describes the features available for controlling database access.
When you log onto the database, you have access to all database objects that meet any of the following criteria:
objects you created.
objects to which you received explicit permission.
objects to which a group you belong to received explicit permission.
The user cannot access any database object that does not meet these criteria. In short, users can access only the objects they own or objects to which they explicitly received access permissions.
For more information, see the following:
Integrated logins allow users to use a single login name and password to log onto both the Windows NT/2000/XP operating systems and onto a database. An external login name is associated with a database user ID. When you attempt an integrated login, you log onto the operating system by giving both a login name and password. The operating system then tells the server who you are, and the server logs you in as the associated database user ID. No additional login name or password are required.
There are some security implications of integrated logins to consider. For example, leaving the user profile Guest enabled with a blank password can permit unrestricted access to a database that is hosted by that server. Literally any user can log in to the server using any login ID and any password because they are logged in by default to the Guest user profile.
For more information, see the following:
Increasing password security
Controlling the tasks users can perform
Designing database objects for security