Product Documentation

Database Administrator's Guide

Previous Topic

Next Topic

Security

FairCom DB provides a variety of keywords that can be used for security purposes.

Note: FairCom DB File and User Security are available only when using the client/server operational model.

 
Encryption

 
ADMIN_ENCRYPT

Encrypt the FAIRCOM.FCS file at the time it is created.

 
ADVANCED_ENCRYPTION

Enable advanced encryption for files.

 
CHANGE_ENCRYPTION_ON_COMPACT

Change the encryption attributes of a file using the compact function from a client.

 
LOG_ENCRYPT

Camouflages the contents of the transaction logs to deter unauthorized access.

 
MASTER_KEY_FILE

Specifies a file from which c-tree reads the master encryption key.

 
User Access

 
LOGON_FAIL_LIMIT

Specifies the optional limit on the number of consecutive failed logons that causes subsequent logon attempts to fail for LOGON_FAIL_TIME minutes.

 
LOGON_FAIL_TIME

The length of time logons are blocked after the logon limit is exceeded.

 
LOGON_MUST_TIME

Requires users to log on “at-least-once” within the specified time.

 
STARTUP_BLOCK_LOGONS

Prevents non-ADMIN user logons when the server is started.

 
Tamper-Proof Settings

These keywords affect people's ability to alter system integrity by overriding settings from a command line or by altering configuration files. See also Settings File.

 
NULL_STRING

Defines a symbol that represents a null string so that options can be blocked in the settings file without activating them.

 
COMPATIBILITY NO_COMMAND_LINE

Instructs FairCom DB to ignore command-line arguments.

 
COMPATIBILITY NO_CONFIG_FILE

Instructs FairCom DB to ignore the standard configuration file, ctsrvr.cfg.

 
Restrictions

 
ENABLE_TRANSFER_FILE_API

Enables the file transfer function, ctTransferFile(), which is used to transfer a file to or from the server.

 
FILEDEF_SECURITY_LEVEL

Protects the resource APIs, ADDRES(), UPDRES(), and DELRES(), with safeguards against unauthorized modification of file definition resources such as IFIL definitions, conditional indexes, row-level filters, etc.

 
Security-Related Compatibility Options

 
COMPATIBILITY NONADMIN_FILBLK

Permits a non-ADMIN user to set a file block if the blocking user has the file opened with update permissions.

 
COMPATIBILITY NONADMIN_QUIET

Permits a non-ADMIN user to call ctQuiet() to quiesce the server.

 
COMPATIBILITY NONADMIN_TRANSFER_FILE

Permits a non-ADMIN user to call ctTransferFile() to transfer a file.

 
COMPATIBILITY NON_ADMIN_SHUTDOWN

Allows non-ADMIN users to shut down the Server.

TLS

See Client Communication Keywords TLS

In This Section

ADMIN_ENCRYPT

ADVANCED_ENCRYPTION

ALLOW_MASTER_KEY_CHANGE

CHANGE_ENCRYPTION_ON_COMPACT

COMPATIBILITY NO_COMMAND_LINE

COMPATIBILITY NO_CONFIG_FILE

COMPATIBILITY NON_ADMIN_SHUTDOWN

COMPATIBILITY NONADMIN_FILBLK

COMPATIBILITY NONADMIN_QUIET

COMPATIBILITY NONADMIN_TRANSFER_FILE

COMPATIBILITY SQLIMPORT_ADMIN_PASSWORD

DEBUG_LOG

ENABLE_TRANSFER_FILE_API

FILEDEF_SECURITY_LEVEL

LOG_ENCRYPT

LOGON_FAIL_LIMIT

LOGON_FAIL_TIME

LOGON_MUST_TIME

MASTER_KEY_FILE

MASTER_KEY_LIB

NULL_STRING

OPENSSL_ENCRYPTION

READONLY_SERVER

SERVER_CERTIFICATE_FILE

SERVER_ENCRYPTED_STORE_FILE

SERVER_PRIVATE_KEY_FILE

SSL_CIPHERS

SSL_CONNECTIONS_ONLY

STARTUP_BLOCK_LOGONS

VERIFY_CLIENT_CERTIFICATE

X509_AUTHENTICATION

TOCIndex