Database Administrator's Guide

Security Keywords

FairCom DB provides a variety of keywords that can be used for security purposes.

Note: FairCom DB File and User Security are available only when using the client/server operational model.

 
Encryption

 
ADMIN_ENCRYPT

Encrypt the FAIRCOM.FCS file at the time it is created.

 
ADVANCED_ENCRYPTION

Enable advanced encryption for files.

 
CHANGE_ENCRYPTION_ON_COMPACT

Change the encryption attributes of a file using the compact function from a client.

 
LOG_ENCRYPT

Camouflages the contents of the transaction logs to deter unauthorized access.

 
MASTER_KEY_FILE

Specifies a file from which c-tree reads the master encryption key.

 
User Access

 
LOGON_FAIL_LIMIT

Specifies the optional limit on the number of consecutive failed logons that causes subsequent logon attempts to fail for LOGON_FAIL_TIME minutes.

 
LOGON_FAIL_TIME

The length of time logons are blocked after the logon limit is exceeded.

 
LOGON_MUST_TIME

Requires users to log on “at-least-once” within the specified time.

 
STARTUP_BLOCK_LOGONS

Prevents non-ADMIN user logons when the server is started.

 
Tamper-Proof Settings

These keywords affect people's ability to alter system integrity by overriding settings from a command line or by altering configuration files. See also Settings File.

 
NULL_STRING

Defines a symbol that represents a null string so that options can be blocked in the settings file without activating them.

 
COMPATIBILITY NO_COMMAND_LINE

Instructs FairCom DB to ignore command-line arguments.

 
COMPATIBILITY NO_CONFIG_FILE

Instructs FairCom DB to ignore the standard configuration file, ctsrvr.cfg.

 
Restrictions

 
ENABLE_TRANSFER_FILE_API

Enables the file transfer function, ctTransferFile(), which is used to transfer a file to or from the server.

 
FILEDEF_SECURITY_LEVEL

Protects the resource APIs, ADDRES(), UPDRES(), and DELRES(), with safeguards against unauthorized modification of file definition resources such as IFIL definitions, conditional indexes, row-level filters, etc.

 
Security-Related Compatibility Options

 
COMPATIBILITY NONADMIN_FILBLK

Permits a non-ADMIN user to set a file block if the blocking user has the file opened with update permissions.

 
COMPATIBILITY NONADMIN_QUIET

Permits a non-ADMIN user to call ctQuiet() to quiesce the server.

 
COMPATIBILITY NONADMIN_TRANSFER_FILE

Permits a non-ADMIN user to call ctTransferFile() to transfer a file.

 
COMPATIBILITY NON_ADMIN_SHUTDOWN

Allows non-ADMIN users to shut down the Server.

In This Section ADMIN_ENCRYPT ADVANCED_ENCRYPTION ALLOW_MASTER_KEY_CHANGE CHANGE_ENCRYPTION_ON_COMPACT COMPATIBILITY NO_COMMAND_LINE COMPATIBILITY NO_CONFIG_FILE COMPATIBILITY NONADMIN_FILBLK COMPATIBILITY NONADMIN_QUIET COMPATIBILITY NONADMIN_TRANSFER_FILE COMPATIBILITY NON_ADMIN_SHUTDOWN ENABLE_TRANSFER_FILE_API FILEDEF_SECURITY_LEVEL LOG_ENCRYPT LOGON_FAIL_LIMIT LOGON_FAIL_TIME LOGON_MUST_TIME MASTER_KEY_FILE MASTER_KEY_LIB NULL_STRING OPENSSL_ENCRYPTION READONLY_SERVER STARTUP_BLOCK_LOGONS COMPATIBILITY SQLIMPORT_ADMIN_PASSWORD