The ADABAS DBMS
offers security options through both ADABAS and
NATURAL. To protect your ADABAS data,
you can use either form of security, or you can have both work together.
ADABAS provides a security
facility to prevent unauthorized access to data stored in ADABAS files.
Security is available through password protection and by maintaining data
in enciphered form.
|
passwords |
provide protection at the ADABAS file
level, data field level, and data value level. These security options are
defined with the SECURITY utility ADASCR and are stored in the ADABAS Security
system file.
To access an ADABAS file
protected by a password, you must provide the valid password. Each data field
in an ADABAS file can be assigned up
to fifteen levels of read and update security. A user password specifies
the authority for the data field, and ADABAS automatically
determines whether the user is authorized to perform the requested operation.
If the permission level of a user's password is equal to or greater than
the permission level for the file the user is trying to access, access is
granted. Any ADABAS file can be protected
on individual data field values. In this case, the password specifies value
restrictions on logical records to be selected, read, and updated. |
|
cipher codes |
are simple numeric codes that you can assign using the
ADACMP utility when creating an ADABAS file.
Ciphering renders data records unreadable when they are not displayed with
an ADABAS program or utility. You
must supply this cipher code in order to access the enciphered data. |
Note: System information such as DDM and
NATURAL SECURITY information is also stored in ADABAS files;
they too can be password-protected or enciphered. ![[cautionend]](../../../../common/61925/HTML/default/images/cautend.gif)
NATURAL provides an optional security system that controls the access and
use of the NATURAL environment. You can restrict the use of whole application
systems, individual programs and functions, and the access to DDMs.
Security is accomplished by defining objects and the
relationships among these objects. There are three objects that you need
to be familiar with when accessing data through NATURAL DDMs with the SAS/ACCESS interface:
users, libraries, and files.
|
users |
can be people, computers, or groups
of either, with assigned
identifiers. The user identifier identifies the user to NATURAL SECURITY
and controls user activity during a NATURAL session. The identifier is unique
to NATURAL and can be up to eight characters long. Each user identifier can
have an associated eight-character password. |
|
libraries |
contain sets of NATURAL source
programs, object modules, or
both that perform a particular function, with assigned identifiers. Stored
in the library data are the ADABAS passwords
or cipher codes to enable NATURAL programs to work with ADABAS Security.
The library identifier identifies the library and the ADABAS file
it is authorized to access to NATURAL SECURITY. The identifier is unique
to NATURAL and can be up to eight characters long. |
|
files |
are the NATURAL DDMs based on ADABAS
files. |
Relationships, called Links, are defined among these objects.
These links define which users can use a library and which files a library
are accessible. The users, libraries, files, and links are all stored in
the NATURAL Security system file, which can also be protected with an ADABAS password
or cipher code since it is an ADABAS file.
For example, one user identifier and library might be able to access a DDM
for read only, while another user identifier and library might be able to
read and update the same DDM.
Copyright © 2007 by SAS Institute Inc., Cary, NC, USA. All rights reserved.
