Table 13-1 describes the major tasks that are required to securely administer Adaptive Server and refers you to the documentation that contains the instructions for performing each task.
Task |
Description |
See |
---|---|---|
1. Install Adaptive Server, including auditing. |
This task includes preparing for installation, loading files from your distribution medium, performing the actual installation, and administering required physical resources. |
The installation documentation for your platform and Chapter 18, “Auditing” |
2. Set up a secure administrative environment. |
This includes enabling auditing, granting roles to individual users to ensure individual accountability, assigning login names to system administrators and system security officers, and establishing password and login policies. |
Chapter 14, “Managing Adaptive Server Logins, Database Users, and Client Connections” |
3. Add user logins to the server; add users to databases; establish groups and roles; set proxy authorization. |
Add logins, create groups, add users to databases, drop and lock logins, and assign initial passwords. Assign roles to users, create user-defined roles, and define role hierarchies and mutual exclusivity of roles. |
Chapter 14, “Managing Adaptive Server Logins, Database Users, and Client Connections” |
4. Administer permissions for users, groups, and roles. |
Grant and revoke permissions for certain SQL commands, executing certain system procedures, and accessing databases, tables, particular table columns, and views. Create access rules to enforce fine-grained access control. |
|
5. Configure encryption in your database to encrypt sensitive data in tables. Encrypt sensitive data. |
Configure Adaptive Server to use column-level encryption, decide which columnar data to encrypt, perform a one-time key creation operation, and use alter table to perform initial data encryption. |
Users Guide for Encrypted Columns |
6. Establish integrity controls over data. |
Add check constraints, domain roles, and referential constraints to validate incoming data. |
Transact-SQL Users guide and Reference Manual: Commands |
7. Set up and maintain auditing. |
Determine what is to be audited, audit the use of Adaptive Server, and use the audit trail to detect penetration of the system and misuse of resources. |
Chapter 18, “Auditing,” and the Adaptive Server installation and configuration documentation for your platform |
8. Set up your installation for advanced authentication mechanisms and network security. |
Configure the server to use services, such as LDAP, PAM, or Kerberos- based user authentication, data confidentiality with encryption, data integrity. |
Chapter 16, “External Authentication” and Chapter 19, “Confidentiality of Data” |