Cloudscape and Security,
Page 8 of 9


[top]
[prev]
[next]
Documentation Top
Global Index
Reference Manual
TOC Index
Grammar index
Developer's Guide
TOC Index
Tuning Cloudscape
TOC Index

Notes on the Cloudscape Security Features

Because Cloudscape does not support traditional grant and revoke features, the security model has some basic limitations. For both embedded and client/server systems, it assumes that users are trusted. You must trust your full-access users not to perform undesirable actions.

In addition, in the Cloudscape system, it is not necessary to have a specific connection (or permission to access a particular database) to shut down the system. Any authenticated user can shut down the system.

However, a sophisticated user with the database encryption key might be able to physically change those properties in the database files.

Other security holes to think about are:

  • JDK subversion, running the application under a home-grown JDK
  • trolling for objects
  • class substitution, locating a class that has access to sensitive data and replacing it with one that passes on information

For notes on the security limitations in a distributed, synchronized Cloudscape system, see the Cloudscape Synchronization Guide.

[top]
[prev]
[next]


Cloudscape Version 3.0
For technical support, go to: www.cloudscape.com and click Support.
Copyright © 1998 and 1999 Cloudscape, Inc. All rights reserved.