For many installations, the role of the security administrator is assumed by the database administrator. The security administrator addresses issues surrounding the following topics:
Authentication — Authentication assures that the identity asserted by one entity can be validated as authentic. For example, when a user logs on to an application, the authentication service assures that the user is permitted to access the application and its features.
Authorization — Authorization grants or denies an entity access to capabilities based on the entity's validated identity.
Auditing — Auditing is the action of generating a trail of secure and nonrepudiatable events during the execution of a business process. Auditing provides a history of application and data events that can be used to validate that all audited users and components, and their actions, were both anticipated and legal in the context of the application and its environment.
Encryption — Transparent data encryption provides for data privacy of specified database objects while the data is "at rest" in your OpenEdge database, regardless of the location of the database or who has a copy of it. OpenEdge combines various cryptography technologies and processes to provide the security administrator with control over who can gain access to private, encrypted data.
For detailed information regarding security topics, see OpenEdge Getting Started: Core Business Services - Security and Auditing.
Authentication — Authentication assures that the identity asserted by one entity can be validated as authentic. For example, when a user logs on to an application, the authentication service assures that the user is permitted to access the application and its features.