Securing the Database

This topic outlines how to make your data and the access to your database more secure.

Obfuscating Sensitive Data

Sensitive data, such as passwords and Login objects, is obfuscated before being transmitted to the database using industry standards. By obfuscating the connection to the database management system, you can add an additional security layer to your system.

Obfuscating the SQL Connection

During setup you have to configure the connection to the database management system. The default installation uses a connection to the database that is not encoded. Depending on your requirements, for example the network infrastructure, that kind of connection can be read by an attacker, which can lead to information leakage.

Depending on your database, you may have to add additional parameters to the ODBC connection string. You have to set these parameters in the configuration file (ucsrv.ini) of the Automation Engine. For more information, see Automation Engine INI file.

Refer to your vendor's documentation for details.

Obfuscating Passwords in Configuration Files

The user name and the password for database access has to be stored in the configuration file of the Automation Engine and utilities. For security reasons it is recommended to obfuscate that information.

You can obfuscate the credentials by using the UCYBCRYP utility. For more information, see Obfuscating Passwords.

Defining a Dedicated Database User for SQLI and SEC_SQLI VARA Objects

Usually, the connection between the AE and the AE database is established as defined in the ODBC section, keysqlDriverConnect of the AE's INI file. The user that you specify there needs full permissions for all AE processes to work properly. This is the database user that is used when executing SEC_SQLI or SQLI VARA objects.

You can configure the system to use a different database user with less privileges to access the AE database when executing SQLI and SEC_SQLI VARA objects. You do so by defining a DB Login object that contains the credentials of the AE database user and by specifying that Login object in the SQLI_LOGIN key of the UC_SYSTEM_SETTINGS variable. If both prerequisites are true (the DB Login object exists and it is defined in the SQLI_LOGIN variable), the specified database user is used to establish the connection. This adds an extra security layer by restricting the access rights of the database user to, for example, just read-only. This ensures that SQLI and SEC_SQLI VARA objects can read data from the database but cannot modify or delete it.

To apply this security feature you must configure a Login object and the SQLI_LOGIN variable. This is how you do it:

  1. In Client 0, create a Login (LOGIN) object of type DB that contains the credentials (user name and password) of the AE database user.

  2. In Client 0, add the following key to the UC_SYSTEM_SETTINGS variable: SQLI_LOGIN.

  3. In SQLI_LOGIN, enter the name of the Login object that you have just created.

See also:

Security and System Hardening