Common ODBC strategies that are not secure

Avoid some common IBM® i Access ODBC security techniques to ensure your environment is secure.

Sometimes system administrators attempt to secure access to the data, rather than securing the data itself. This is extremely risky, as it requires that administrators understand ALL of the methods by which users can access data. Some common ODBC security techniques to avoid are:

Command line security

This may be useful for a character-based interface or for 5250 emulation-based applications. However, this method assumes that if you prevent users from entering commands in a 5250 emulation session, they can access data only through the programs and menus that the system administrator provides to them. Therefore, command line security is never truly secure. The use of IBM i Access policies and Application Administration improve security, and use of object level authority improves it even more.

Potentially, IBM i Access policies can restrict ODBC access to a particular data source that might be read only. Application Administration in IBM Navigator for i can prevent ODBC access.

For additional information, see the IBM Security - Reference.

User exit programs

A user exit program allows the system administrator to secure an IBM-supplied host server program. The IBM i Access ODBC driver uses the Database host server: exit points QIBM_QZDA_INIT; QIBM_QZDA_NDBx; and QIBM_QZDA_SQLx. Some ODBC drivers and IBM i Access data access methods (such as OLE DB) may use other host servers.

Journals

Journaling often is used with client/server applications to provide commitment control. The journals contain detailed information on every update made to a file that is being journaled. The journal information can be formatted and queried to return specific information, including:

  • The user profiles that updated the file
  • The records that were updated
  • The type of update

Journaling also allows user-defined journal entries. When used with a user exit program or trigger, this offers a relatively low-overhead method of maintaining user-defined audits. For further information, see the Backup and Recovery.

Data Source Name (DSN) restrictions

The IBM i Access ODBC driver supports a DSN setting to give read-only access to the database. The IBM i Access ODBC driver supports a read-only and a read-call data source setting. Although not secure, these settings can assist in preventing inadvertent delete and update operations.