3.1 What are the key elements of security in SQL?
Key points
In TurboIMAGE, security is implemented based on how users need to use the
database. User classes are set up for each unique set of users.
Associated with each user class is a number (1 to 63) and a password. The
class number is used in the database schema to indicate whether or not the
class has read, write or update access to a particular data set or to a subset
of data items.
When you initiate access to the database, you supply the password to establish
the user class. More than one user can use the same password.
In SQL, security is also implemented based on how users need to use the
database, but using a different scheme:
- WHO
- Normally, each user has a unique DBEUserID. On MPE/iX, the format of a
DBEUserID is user@account (for example, wolfgang@mrkting). Two or more users
would share the same DBEUserID only if the the System Manager allowed the users
to use the same user and account information when logging on to the machine.
On HP-UX, the format of a DBEUserID is the same as the logon name.
- A group is similar to a TurboIMAGE class. Use the
CREATE GROUP and ADD USER statements to add users
to groups:
isql=> CREATE GROUP mygroup;
isql=> ADD USER wolfgang@mrkting TO GROUP mygroup;
isql=> ADD USER joe@brown TO GROUP mygroup;
isql=> COMMIT WORK;
- WHAT
- Authorities are similar to read and write class lists in TurboIMAGE:
- Read access is similar to SELECT authority in SQL.
- Update access (which also provides read access) is similar to
the sum of SELECT and UPDATE authorities in SQL.
- Write access (which also provides read and update access) is similar
to the sum of SELECT, UPDATE, INSERT, and DELETE authorities in SQL.
Page last updated on November 29, 1995
|
Printable version
