DB2 Database Asset Protection Standards:

From HORSE - Holistic Operational Readiness Security Evaluation.
Revision as of 14:37, 15 May 2007 by Mdpeters.

INSTEAD OF triggers. In addition to native support for INSERT, UPDATE, and DELETE, Secure.Data supports INSTEAD OF triggers that perform Secure.Data operations transparently.

Control of external routines. Secure.Data user-defined functions (UDFs), methods, and stored procedures can interfere with the execution of other external routines or the database, so security restrictions on these routines are important. DB2 v.8.1 defines new authorities to explicitly control creation of these external routines. A routine can be executed in SQL statements only when the routine definer has the EXECUTE privilege on any packages used by the routine.

New authorities for registering external routines. The new CREATE_EXTERNAL_ROUTINE authority is required to register external routines (such as stored procedures, UDFs, and methods).

NOT FENCED routine restrictions. DB2 UDB NOT FENCED UDFs boost the performance of Secure.Data operations. NOT FENCED routines run in the same process as the database manager. The CREATE_NOT_FENCED_ROUTINE authority is required to register NOT FENCED routines, which limits the risk of introducing routines that may corrupt the database manager's shared memory or damage the database control structures. NOT FENCED routines can also corrupt databases and their tables.
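
An audit of the two authorities described above, added here as an example and not taken from the original page or from Secure.Data: it lists who holds CREATE_EXTERNAL_ROUTINE and CREATE_NOT_FENCED_ROUTINE, lists external routines already registered NOT FENCED, and narrows the grants. The account name ROUTINE_ADMIN is hypothetical, and the catalog views are assumed to be the standard DB2 SYSCAT views.

```sql
-- 1. Who may register external routines, and who may register them NOT FENCED?
--    SYSCAT.DBAUTH records database-level authorities as 'Y'/'N' flags:
--    EXTERNALROUTINEAUTH = CREATE_EXTERNAL_ROUTINE
--    NOFENCEAUTH         = CREATE_NOT_FENCED_ROUTINE
SELECT GRANTEE, GRANTEETYPE, EXTERNALROUTINEAUTH, NOFENCEAUTH
FROM   SYSCAT.DBAUTH
WHERE  EXTERNALROUTINEAUTH = 'Y'
   OR  NOFENCEAUTH = 'Y'
ORDER  BY GRANTEE;

-- 2. Which user-registered external routines already run inside the
--    database manager process? ORIGIN = 'E' selects external routines and
--    FENCED = 'N' selects NOT FENCED; system schemas are excluded so the
--    result shows only locally registered code to review.
SELECT ROUTINESCHEMA, ROUTINENAME, SPECIFICNAME, ROUTINETYPE, LANGUAGE
FROM   SYSCAT.ROUTINES
WHERE  ORIGIN = 'E'
  AND  FENCED = 'N'
  AND  ROUTINESCHEMA NOT LIKE 'SYS%'
ORDER  BY ROUTINESCHEMA, ROUTINENAME;

-- 3. If query 1 shows PUBLIC holding either authority, remove it and grant
--    registration rights to a named account instead (ROUTINE_ADMIN is a
--    hypothetical name). A REVOKE fails if the grantee does not hold the
--    authority, so run only the statements that query 1 justifies.
REVOKE CREATE_NOT_FENCED_ROUTINE ON DATABASE FROM PUBLIC;
REVOKE CREATE_EXTERNAL_ROUTINE   ON DATABASE FROM PUBLIC;
GRANT  CREATE_EXTERNAL_ROUTINE   ON DATABASE TO USER ROUTINE_ADMIN;
```

Holders of CREATE_NOT_FENCED_ROUTINE also receive CREATE_EXTERNAL_ROUTINE, so re-run query 1 after the revokes to confirm the remaining grantees are the intended ones.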