Securing SAS Data

The Name Server helps SPD Server clients locate and connect to SPD Server hosts. The Name Server controls access to the SPD Server LIBNAME domains. The SPD Server administrator defines LIBNAME domains in an SPD Server LIBNAME parameter file.

When an SPD Server administrator starts a server on the host machine, SPD Server reads the spdssrv.parm parameter file and registers the domains that are listed in the parameter file with the Name Server. The Name Server remembers which SPD Server host or hosts have access to a given LIBNAME domain. If you want to specify a LIBNAME domain, you can do so using a LIBNAME statement or an SQL pass-through CONNECT statement. Your SPD Server administrator can provide you with a list of the LIBNAME domains that are mapped to your SPD Server host machine.

SPD Server uses Access Control Lists (ACLs) and SPD Server user IDs to secure domain resources. You obtain your user ID and password from your SPD Server administrator.

SPD Server supports ACL groups, which are similar to UNIX groups. SPD Server administrators can associate an SPD Server user with as many as five ACL groups.

ACL file security is turned on by default when an administrator starts an SPD Server. ACL permissions affect all SPD Server resources, including domains, tables, table columns, catalogs, catalog entries, and utility files. When ACL file security is enabled, SPD Server only grants access rights to the owner (creator) of an SPD Server resource. Resource owners can use PROC SPDO to grant ACL permissions to a specific group (ACL group) or to all SPD Server users.

The resource owner can use the following properties to grant ACL permissions to all SPD Server users:

The resource owner can use the following properties to grant ACL permissions to a named ACL group: