Home
SecurityYou can secure your HCL OneDB™ database server and the data that is stored in your HCL OneDB™ databases. You can encrypt data, secure connections, control user privileges and access, and audit data security.
Security in HCL OneDB™The HCL OneDB™ Security Guide documents methods for keeping your data secure by preventing unauthorized viewing and altering of data or database objects, including how to use the secure-auditing facility of the database server.
Securing data
Connection securityYou can administer the security of the connections to the database server by using authentication and authorization processes.
Trusted-context objects and trusted connections You can use trusted-context objects and trusted connections to increase system performance and security within a three-tier application model.
Creating a trusted-context object You must create trusted-context objects before you can create trusted connections to a database server.
Example of assigning user-specific privileges in a trusted-context object This example demonstrates how to assign user-specific privileges for a trusted connection by using the ROLE object. You can use the structure of this example to assign privileges for users of a trusted-context object.

Example of assigning user-specific privileges in a trusted-context object

This example demonstrates how to assign user-specific privileges for a trusted connection by using the ROLE object. You can use the structure of this example to assign privileges for users of a trusted-context object.

In this example, the trusted-context object tcx1 grants user newton a trusted connection if the request is coming from the IPv4 address 192.0.2.1. The trusted connection that newton is granted can be switched to brock without a password. The trusted connection can be switched to hayes, but hayes must provide a password.

newton is granted the default AUDITOR role and privileges. If the connection is switched to brock, brock is granted the default AUDITOR role and privileges. If the connection is switched to hayes, hayes is granted the specific MANAGER role and privileges instead of the AUDITOR role and privileges.

CREATE TRUSTED CONTEXT tcx1
  USER newton
  ATTRIBUTES (ADDRESS '192.0.2.1')
  DEFAULT ROLE AUDITOR
  ENABLE
  WITH USE FOR brock WITHOUT AUTHENTICATION,
               hayes WITH AUTHENTICATION ROLE MANAGER;

Rate this topic

5 stars 4 stars 3 stars 2 stars 1 star

Comment on this topic.

By clicking this box, you acknowledge that you are NOT a U.S. Federal Government employee or agency, nor are you submitting information with respect to or on behalf of one. HCL provides software and services to U.S. Federal Government customers through its partners immixGroup, Inc. Contact this team at https://hcltechsw.com/resources/us-government-contact. Do not include any personal data in this Comment box.