Table 13-1 describes the major tasks that are required to administer Adaptive Server in a secure manner and refers you to the documentation that contains the instructions for performing each task.
Task |
Description |
See |
|---|---|---|
1. Install Adaptive Server, including auditing. |
This task includes preparing for installation, loading files from your distribution medium, performing the actual installation, and administering the physical resources that are required. |
The installation documentation for your platform and Chapter 18, “Auditing.” |
2. Set up a secure administrative environment. |
This includes enabling auditing, granting roles to individual users to ensure individual accountability, assigning login names to system administrators and system security officers and establishing password and login policies. |
Chapter 14, “Managing Adaptive Server Logins, Database Users, and Client Connections” |
3. Add user logins to the server; add users to databases; establish groups and roles; set proxy authorization. |
Add logins, create groups, add users to databases, drop and lock logins, and assign initial passwords. Assign roles to users, create user-defined roles, and define role hierarchies and mutual exclusivity of roles. |
Chapter 14, “Managing Adaptive Server Logins, Database Users, and Client Connections” |
4. Administer permissions for users, groups, and roles. |
Grant and revoke permissions for certain SQL commands, executing certain system procedures, and accessing databases, tables, particular table columns, and views. Create access rules to enforce fine-grained access control. |
|
5. Configure encryption in your database to encrypt sensitive data in tables. Encrypt sensitive data. |
Configure Adaptive Server to use column-level encryption, decide which columnar data to encrypt, perform a one-time key creation operation, use alter table to perform initial data encryption. |
User Guide for Encrypted Columns |
6. Establish integrity controls over data. |
Add check constraints, domain roles, and referential constraints to validate incoming data. |
Adaptive Server Transactional-SQL User's guide and Reference Manual: Commands. |
7. Set up and maintain auditing. |
Determine what is to be audited, audit the use of Adaptive Server, and use the audit trail to detect penetration of the system and misuse of resources. |
Chapter 18, “Auditing,” and the Adaptive Server installation and configuration documentation for your platform |
8. Set up your installation for advanced authentication mechanisms and network security. |
Configure the server to use services, such as LDAP, PAM, or Kerberos- based User Authentication, data confidentiality with encryption, data integrity.. |
Chapter 16, “External Authentication” and Chapter 19, “Confidentiality of Data.” |
