This chapter explains how SAS servers
retrieve SAS data for requesting users. For higher security environments,
especially sites that need to provide secure access to SAS tables
(data sets), this is essential information.
The central point of
the chapter is that different servers retrieve SAS files from the
operating system under different host identities. If you understand
the underlying factors and relationships, you can make informed choices
about data retrieval and risk. The discussion is organized as follows:
-
Identity Passing introduces
the concept of preservation of user identity and outlines the behavior
of each type of server.
-
Launch Credentials explains how
a server's host identity is specified and how you can assign a different
account to a server.
-
Host Access to SAS Tables explains the
risk of direct access that bypasses metadata controls and the concept
of mediated access.
-