Securing Database Resources › Securing Access to Non-SQL-Defined Databases › Using Database Procedures
Using Database Procedures
What You can Do
You can use a database procedure to enforce user-defined security rules for non-SQL-defined databases. The procedure can make use of centralized security to actually do the checking which in turn will invoke an external package if appropriate.
What is a Database Procedure
A database procedure is a user-written exit specified as part of the schema definition of the non-SQL-defined database. Both area- and record-level procedures are supported. They allow you to specify which non-SQL DML verbs will cause invocation of the procedure.
Advantages of Database Procedures
- You can choose resource names for records which are meaningful in your environment.
- You can selectively check privileges based on the record or area and the type of access being performed, limiting the additional overhead incurred to only those resources which require a higher degree of security checking.
- Within the procedure you can apply additional rules based on such information as the content of the record (the equivalent of row-level security), the program name being used, and the contents of the BIND PROCEDURE block as passed from the application program.
- Facilities for caching information are provided.
Copyright © 2014 CA.
All rights reserved.
|
|