From: Asphalt Blazer on 16 Feb 2010 12:24 Hi, I would like to use AUTHENTICATION=DATA_ENCRYPT parameter on my database for increased security. But I cannot find any in depth articles about it on the internet. I would like to know about the following: 1. If the data (SQL) is encrypted, will dynamic SQL snaphots show the SQL or does it show it in an encrypted format? Or is there a setting that needs to be done? 2. If type 4 drivers are used by the clients and they do not catalog the databases on the clients, will they be automatically using DATA_ENCRYPT or will it default to SERVER. Also, when using DATA_ENCRYPT, does the database need to be cataloged on the client even when using Type 4 drivers? 3. Are there any issues that this group has encountered regarding using DATA_ENCRYPT.
From: John on 22 Feb 2010 11:55 On Feb 16, 10:24 am, Asphalt Blazer <asphaltbla...(a)gmail.com> wrote: > Hi, > I would like to use AUTHENTICATION=DATA_ENCRYPT parameter on my > database for increased security. But I cannot find any in depth > articles about it on the internet. I would like to know about the > following: > > 1. If the data (SQL) is encrypted, will dynamic SQL snaphots show the > SQL or does it show it in an encrypted format? Or is there a setting > that needs to be done? > > 2. If type 4 drivers are used by the clients and they do not catalog > the databases on the clients, will they be automatically using > DATA_ENCRYPT or will it default to SERVER. Also, when using > DATA_ENCRYPT, does the database need to be cataloged on the client > even when using Type 4 drivers? > > 3. Are there any issues that this group has encountered regarding > using DATA_ENCRYPT. Try this link... http://lmgtfy.com/?q=db2+data+encryption+and+security+data_encrypt
From: Asphalt Blazer on 22 Feb 2010 13:04 On Feb 22, 11:55 am, John <jgleip...(a)gmail.com> wrote: > On Feb 16, 10:24 am, Asphalt Blazer <asphaltbla...(a)gmail.com> wrote: > > > > > Hi, > > I would like to use AUTHENTICATION=DATA_ENCRYPT parameter on my > > database for increased security. But I cannot find any in depth > > articles about it on the internet. I would like to know about the > > following: > > > 1. If the data (SQL) is encrypted, will dynamic SQL snaphots show the > > SQL or does it show it in an encrypted format? Or is there a setting > > that needs to be done? > > > 2. If type 4 drivers are used by the clients and they do not catalog > > the databases on the clients, will they be automatically using > > DATA_ENCRYPT or will it default to SERVER. Also, when using > > DATA_ENCRYPT, does the database need to be cataloged on the client > > even when using Type 4 drivers? > > > 3. Are there any issues that this group has encountered regarding > > using DATA_ENCRYPT. > > Try this link... > > http://lmgtfy.com/?q=db2+data+encryption+and+security+data_encrypt Thank You John. But with all due respect, if I could use google and get the answers to my questions, then I needn't have spent time asking questions here. Obviously I have searched before I posed the questions here. As I said in my previous email, I could not find any in depth articles. If I am wrong and you have a link to a specific article, please feel free to post the link.
From: Ian on 22 Feb 2010 14:18 On 2/16/10 10:24 AM, Asphalt Blazer wrote: > Hi, > I would like to use AUTHENTICATION=DATA_ENCRYPT parameter on my > database for increased security. But I cannot find any in depth > articles about it on the internet. I would like to know about the > following: > > 1. If the data (SQL) is encrypted, will dynamic SQL snaphots show the > SQL or does it show it in an encrypted format? Or is there a setting > that needs to be done? No. DATA_ENCRYPT encrypts communication on the wire between client and server. The idea is to prevent someone from inspecting TCP/IP packets coming down the wire. Nothing else. My understanding (although I could be wrong) is that the encryption is fairly weak -- and this is one of the reasons why SSL is now supported. SQL snapshots are not encrypted, ever. If they contain proprietary information, you need to control access to the snapshot facility. > 2. If type 4 drivers are used by the clients and they do not catalog > the databases on the clients, will they be automatically using > DATA_ENCRYPT or will it default to SERVER. Also, when using > DATA_ENCRYPT, does the database need to be cataloged on the client > even when using Type 4 drivers? When a DB2 client connects to the DB2 server, it "talks" with the server to decide how to communicate. If both client and server have been configured in the same manner (i.e. AUTHENTICATION = DATA_ENCRYPT on the server and the client is aware of this ahead of time) then everything is simple. If the client does not know what the server's AUTHENTICATION parameter is set to, the client and server negotiate to get the value of AUTHENTICATION.
|
Pages: 1 Prev: Alternative to COUNT(*) Next: federation server developer edition and asynchronous processing |