Database security

2 Introduction

Database security

The Eloquence A.06.00 database has a different security concept than the previous version. The database server maintains its own user list (stored in the server catalog). For each database, there are authorization groups where database specific privileges are assigned to. Users can become a member of those authorization groups and will have all rights granted to this group.

The users "dba" (administrator) and "public" (generic user) are predefined when the database environment is created. The "PASSWORDS" defined in the database schema are converted into authorization groups and the read/write list is converted to the apropriate privileges.

Eloquence has a new statement to deal with this:

DBLOGON(User$, Passwd$)

This will save the provided user id and password for a later connect to the database server. If you omit the DBLOGON statement, the user "public" will be assumed. When you do the first DBOPEN on a database server, the authorization information is submitted and verified by the server.

The Password field in the DBOPEN statement is no longer used, because the access capabilites are defined by the user/group.

The capabilities of a user for a specific database depends on the groups he/she is associated with. So while you cannot delete the predefined users, you can simply remove them from all authorization groups for a particular database and they end up with no access or deny the connect privilege and the server will deny the connection at all.

A sensible administrator would create real user names and associate them with authorization groups. As an additional benefit, you have a single user name/password for all databases (on a single server). Schema associates the public user with all authorization groups but this can easily be changed with the dbutil utility.

The user name is a random name, for example "marc". The password is an arbitrary string, eg. "The secret password". The server will validate the user and password on connction and associate the session with effective privileges.

A user may be a member of up to 8 groups per database. It will get all capabilities associated with those groups. There is no limit on the number of user names and groups.

User privileges

User capabilities which are not database specific are specified by user privileges. The following user privileges are available:

DBA: The user has server administration privileges
CONNECT: The user is allowed to connect the server. This is implied if a user has the DBA privilege.
UADMIN: The user is allowed to administrate user accounts

Group privileges

The Eloquence database uses groups (profiles) to manage database specific privileges. When a user is associated with a group, it will gain all capabilities granted to the group.

Group capabilities which are not data set specific are specified by group privileges. The following group privileges are available:

DADMIN: Group members have administration privileges for this database (this is implied for users which have the DBA privilege).
DBPRIV: Group members are allowed to assign database specific privileges.

Table privileges

The Eloquence database uses groups to manage database specific privileges. Table (or data set) specific privileges are granted to groups. When a user is associated with a group, it will gain all capabilities granted to the group.

The following table specific privileges are available:

READ: Group members are allowed to read the dataset
WRITE: Group members are allowed to write to the dataset This implies the READ privilege.
ERASE: Group members are allowed to erase the dataset.

Predefined users

When a new database environment is created (by dbvolcreate), two users are predefined.

Predefined users
user id Description Default Privileges
dba default administration user. DBA, UADMIN
public Default user. This is used when no user id is known when opening a database (missing DBLOGON before opening a database) and is provided for backward compatibility. CONNECT

Predefined users
user id	Description	Default Privileges
dba	default administration user.	DBA, UADMIN
public	Default user. This is used when no user id is known when opening a database (missing DBLOGON before opening a database) and is provided for backward compatibility.	CONNECT

NOTE: The default users should not be deleted, as they are used when creating a new database to provide a default. If you don't want them, simply remove the user privileges and they are no longer active.

Predefined groups

When a new database catalog is created (by schema), two groups are created automatically in addition to the groups defined by schema:

group id Privileges Assigned users
dba GADMIN, DBPRIV dba
public public
As defined in schema As defined in schema public

group id	Privileges	Assigned users
dba	GADMIN, DBPRIV	dba
public		public
As defined in schema	As defined in schema	public

Privilege usage


Operation	Privileges
Connect to the server	CONNECT or DBA
Manage database user	UADMIN
Manage user privileges	UADMIN
Create database catalog (schema)	DBA
Add database group	DBPRIV
Assign user to database group	DBPRIV
Manage group privileges	DBPRIV
Create a database (DBCREATE)	DBA or DADMIN
Purge a database (DBPURGE)	DBA or DADMIN
Erase data sets	DBA, DADMIN or ERASE privilige on specific data set

Eloquence Database Manual - 19 DEC 2002