Previous Page | Next Page

Data Integrity and Security

DBMS Security


Privileges

The database administrator controls who has privileges to access or update DBMS objects. This person also controls who can create objects, and creators of the objects control who can access the objects. A user cannot use DBMS facilities to access DBMS objects through SAS/ACCESS software unless the user has the appropriate DBMS privileges or authority on those objects. You can grant privileges on the DBMS side by using the SQL pass-through facility to EXECUTE an SQL statement, or by issuing a GRANT statement from the DBLOAD procedure SQL statement.

You should give users only the privileges on the DBMS that they must have. Privileges are granted on whole tables or views. You must explicitly grant to users the privileges on the DBMS tables or views that underlie a view so they can use that view.

See your DBMS documentation for more information about ensuring security on the DBMS side of the interface.


Triggers

If your DBMS supports triggers, you can use them to enforce security authorizations or business-specific security considerations. When and how triggers are executed is determined by when the SQL statement is executed and how often the trigger is executed. Triggers can be executed before an SQL statement is executed, after an SQL statement is executed, or for each row of an SQL statement. Also, triggers can be defined for DELETE, INSERT, and UPDATE statement execution.

Enabling triggers can provide more specific security for delete, insert, and update operations. SAS/ACCESS abides by all constraints and actions that are specified by a trigger. For more information, see the documentation for your DBMS.

Previous Page | Next Page | Top of Page