From: rhh@tachy.uah.ualberta.ca (Roy Hann)

Paul@pafpaf.demon.co.uk (Paul Farrow) writes:
: Can anyone help???
:
: I have a client who wishes to use PowerBuilder with an Ingres backend,
: i.e. client/server architecture.
:
: This will be for a financial institution so security is a must.
:
: I need tips on keeping everything secure, e.g. use DB procedures so that
: the SQL cannot be picked up, define roles, etc. etc.
:
: Anything considered, as I may have forgotten something.

Am I about to ignite a Holy War??

I don't think concealing the SQL is much good. Security that relies on ignorance or on application code is no security at all, in my exalted opinion. If you have to hide what your SQL is doing to feel "secure" then you probably (IMO) have a yawning breach in your security that needs a real fix. Anyway, I haven't tried it, but I'd bet that setting II_EMBED_SET to 'printqry' will show you the SQL that goes on inside a database procedure pretty quick.

The FIRST places to implement security are (a) right in the database engine, to prevent unauthorized access, and (b) in the network hardware, to prevent unauthorized eavesdropping. Since I know diddly about network security I shall leave that to someone else, but my guess is eavesdropping is pretty darned easy.

Some questions to ask yourself: are the underlying INGRES files secure? Can the disc be treated as a raw device? Are the checkpoint tapes secure? And the system dumps? Can the entire machine be picked up and carried away?!!

I am not sure roles do much to enhance security; in fact I am very uneasy about them. Suitable views might do better.

If security is a REALLY big issue, look at INGRES/Enhanced Security. Call your local CA office for the info.

Some people argue persuasively that INGRES/NET compromises security because it is possible (in principle) to "watch" it decrypt the client copy of the password that it sends to the server. If your application is juicy enough to attract that kind of attention it may be worth checking up on how feasible that kind of snooping really is.

I don't think about security as much as I probably should, and we sure don't see much discussion of it here. I hope someone who actually knows something about it answers this poster's questions!

--Roy Hann
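As an added example (not part of Roy's post or the original thread), here is the kind of engine-level control he recommends over concealing the SQL: a row-restricting view and a checked procedure, granted to application users in place of any access to the base table. The schema, table, column and error numbers are hypothetical; the syntax assumes Ingres conventions (dbmsinfo('session_user') for the connected login, IF/ENDIF and RAISE ERROR inside procedures, the iirowcount built-in), so check it against the release you are running.

```sql
-- Added example on a hypothetical schema: the PowerBuilder client may read
-- or even rewrite every statement below and still cannot widen its access,
-- because the restriction is enforced inside the DBMS, not in the client.

-- Base table holding every customer's account. Application logins are never
-- granted anything on it directly.
CREATE TABLE account (
    acct_no     INTEGER       NOT NULL,
    branch      CHAR(8)       NOT NULL,
    owner_login CHAR(32)      NOT NULL,   -- Ingres login allowed to see the row
    balance     DECIMAL(14,2) NOT NULL
);

-- Row-restricting view: a session sees only rows tagged with its own login.
-- dbmsinfo('session_user') is evaluated per session by the engine, so a
-- client that discovers the view's SQL gains nothing from knowing it.
CREATE VIEW my_accounts AS
    SELECT acct_no, branch, balance
    FROM   account
    WHERE  owner_login = dbmsinfo('session_user');

-- Grant on the view only. With no grant on the base table,
-- "SELECT * FROM account" typed at the client is refused by the DBMS.
GRANT SELECT ON my_accounts TO PUBLIC;

-- Writes go through a procedure that re-checks ownership in the engine;
-- the client never receives UPDATE on the table itself. Error numbers
-- 60001/60002 are made up for this example.
CREATE PROCEDURE post_deposit (
    p_acct INTEGER       NOT NULL,
    p_amt  DECIMAL(14,2) NOT NULL
) AS
BEGIN
    IF p_amt <= 0 THEN
        RAISE ERROR 60001 'deposit must be positive';
        RETURN;
    ENDIF;

    UPDATE account
    SET    balance = balance + :p_amt
    WHERE  acct_no = :p_acct
    AND    owner_login = dbmsinfo('session_user');

    -- Zero rows means the account is not this session's to touch.
    IF iirowcount = 0 THEN
        RAISE ERROR 60002 'no such account for this user';
        RETURN;
    ENDIF;
END;

GRANT EXECUTE ON PROCEDURE post_deposit TO PUBLIC;
```

The point of the example is the one Roy makes: once the grants sit on the view and the procedure rather than the table, printing the SQL with II_EMBED_SET or a network sniffer tells an attacker what the application does but not how to do more than the engine permits. The remaining exposure is the connection itself, which is his point (b) about eavesdropping and the INGRES/NET password handling, and which this schema does nothing to address.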
© William Yuan 2000