Release 10.1A: OpenEdge Data Management:
SQL Development

Database security basics

Because SQL facilitates easy access to databases, the security of your data becomes a major concern in the creation and maintenance of your OpenEdge database. Use the OpenEdge SQL Data Control Language (DCL) to define a security framework that appropriately restricts or allows access to your data. Consider the following factors.

Users

Who are the people using the database? What roles do they play in the operation of the database? For instance, only a human resource staff should have access to personnel records within a company’s database, and only accounting personnel should be granted access to payroll data.

Privileges

How are users allowed to interact with the database? Only qualified personnel should be able to update or delete sensitive data such as customer account profiles, merchandise pricing, employee records, or audit data.

Database objects

Database administrators can grant privileges to specific tables, views, or even entire databases. Some tables contain sensitive data and, therefore, access is restricted to a few individuals. Other tables might be available to a wide audience. For instance, a company that sells merchandise online might wish to make public the entire line of products it sells.