You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-commits@db.apache.org by ch...@apache.org on 2014/05/19 22:09:36 UTC
svn commit: r1596037 [7/13] - in /db/derby/docs/trunk: ./ src/security/
Added: db/derby/docs/trunk/src/security/csecintroderbydefenses.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecintroderbydefenses.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/csecintroderbydefenses.dita (added)
+++ db/derby/docs/trunk/src/security/csecintroderbydefenses.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,88 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN"
+ "../dtd/concept.dtd">
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<concept id="csecintroderbydefenses" xml:lang="en-us">
+<title><ph conref="../conrefs.dita#prod/productshortname"></ph> defenses against
+threats</title>
+<shortdesc><ph conref="../conrefs.dita#prod/productshortname"></ph> provides
+numerous defenses against security threats.</shortdesc>
+<prolog></prolog>
+<conbody>
+<p>These defenses are described in the following table.</p>
+<table>
+<title><ph conref="../conrefs.dita#prod/productshortname"></ph> defenses</title>
+<desc>This table lists and describes defenses against threats, including who is responsible for implementing each defense.</desc>
+<tgroup cols="5" colsep="1" rowsep="1">
+<thead>
+<row valign="bottom">
+<entry colname="1">Defense</entry>
+<entry colname="2">Task Owner</entry>
+<entry colname="3">Description</entry>
+</row>
+</thead>
+<tbody>
+<row>
+<entry colname="1">Java security</entry>
+<entry colname="2">System Administrator</entry>
+<entry colname="3">Using a Java <codeph>SecurityManager</codeph> and policy
+file, the System Administrator can restrict the permissions granted to
+user-written code. The System Administrator can also restrict the permissions
+granted to <ph conref="../conrefs.dita#prod/productshortname"></ph>
+itself.</entry>
+</row>
+<row>
+<entry colname="1">SSL/TLS</entry>
+<entry colname="2">System Administrator</entry>
+<entry colname="3">The System Administrator can require that SSL/TLS be used to
+encrypt network traffic between
+<ph conref="../conrefs.dita#prod/productshortname"></ph> clients and servers,
+along the way raising an extra authentication hurdle.</entry>
+</row>
+<row>
+<entry colname="1">Encryption</entry>
+<entry colname="2">Database Owner</entry>
+<entry colname="3">A Database Owner can require that the data for an application
+be encrypted before being stored on disk. This makes it expensive to steal and
+corrupt the data.</entry>
+</row>
+<row>
+<entry colname="1">Authentication</entry>
+<entry colname="2">Database Owner</entry>
+<entry colname="3">Using usernames and passwords, a Database Owner can restrict
+access to an application's data.</entry>
+</row>
+<row>
+<entry colname="1">Coarse-grained authorization</entry>
+<entry colname="2">Database Owner</entry>
+<entry colname="3">A Database Owner can divide an application's users into three
+groups: those with no privileges, those with read-only privileges, and those
+with read-write privileges.</entry>
+</row>
+<row>
+<entry colname="1">Fine-grained SQL authorization</entry>
+<entry colname="2">Database Owner</entry>
+<entry colname="3">By using SQL GRANT and REVOKE statements, a Database Owner
+can further restrict access to fine-grained pieces of data and code.</entry>
+</row>
+</tbody>
+</tgroup>
+</table>
+</conbody>
+</concept>
Propchange: db/derby/docs/trunk/src/security/csecintroderbydefenses.dita
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/docs/trunk/src/security/csecintromapping.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecintromapping.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/csecintromapping.dita (added)
+++ db/derby/docs/trunk/src/security/csecintromapping.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,126 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN"
+ "../dtd/concept.dtd">
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<concept id="csecintromapping" xml:lang="en-us">
+<title>Defenses mapped to threats</title>
+<shortdesc>The following table maps defenses to examples of threats that they
+parry.</shortdesc>
+<prolog></prolog>
+<conbody>
+<p>This matrix can help you decide whether you need to configure specific
+defenses. Consult this table if you decide NOT to configure a defense -- make
+sure that you are still shielded from the corresponding threats.</p>
+<table>
+<title><ph conref="../conrefs.dita#prod/productshortname"></ph> defenses</title>
+<desc>For each defense, this table provides the threatened damages, attackers, attack techniques, and vulnerabilities.</desc>
+<tgroup cols="5" colsep="1" rowsep="1">
+<thead>
+<row valign="bottom">
+<entry colname="1">Defense</entry>
+<entry colname="2">Damages</entry>
+<entry colname="3">Attackers</entry>
+<entry colname="4">Techniques</entry>
+<entry colname="5">Vulnerabilities</entry>
+</row>
+</thead>
+<tbody>
+<row>
+<entry colname="1">Java security</entry>
+<entry colname="2">Theft, corruption, denial of service</entry>
+<entry colname="3">Insiders and outsiders</entry>
+<entry colname="4">Malware, physical access</entry>
+<entry colname="5">Network JDBC, unbounded growth, CPU hogging, launch
+privileges, user code, open source</entry>
+</row>
+<row>
+<entry colname="1">SSL/TLS</entry>
+<entry colname="2">Theft and corruption</entry>
+<entry colname="3">Insiders and outsiders</entry>
+<entry colname="4">Man-in-the middle, eavesdropping, physical access</entry>
+<entry colname="5">Network JDBC, cleartext traffic</entry>
+</row>
+<row>
+<entry colname="1">Encryption</entry>
+<entry colname="2">Theft and corruption</entry>
+<entry colname="3">Chiefly insiders</entry>
+<entry colname="4">Physical access</entry>
+<entry colname="5">Open source</entry>
+</row>
+<row>
+<entry colname="1">Authentication</entry>
+<entry colname="2">Theft, corruption, denial of service</entry>
+<entry colname="3">Insiders and outsiders</entry>
+<entry colname="4">Probing</entry>
+<entry colname="5">Superusers</entry>
+</row>
+<row>
+<entry colname="1">Coarse-grained authorization</entry>
+<entry colname="2">Theft, corruption, denial of service</entry>
+<entry colname="3">Insiders and outsiders</entry>
+<entry colname="4">Probing</entry>
+<entry colname="5">Superusers</entry>
+</row>
+<row>
+<entry colname="1">Fine-grained SQL authorization</entry>
+<entry colname="2">Theft, corruption, denial of service</entry>
+<entry colname="3">Insiders and outsiders</entry>
+<entry colname="4">Probing</entry>
+<entry colname="5">Superusers</entry>
+</row>
+<row>
+<entry colname="1">Firewalls</entry>
+<entry colname="2">Theft, corruption, denial of service</entry>
+<entry colname="3">Insiders and outsiders</entry>
+<entry colname="4">Probing</entry>
+<entry colname="5">Network JDBC</entry>
+</row>
+<row>
+<entry colname="1">Accounts</entry>
+<entry colname="2">Theft, corruption, denial of service</entry>
+<entry colname="3">Insiders</entry>
+<entry colname="4">Man-in-the-middle, malware, physical access</entry>
+<entry colname="5">Launch privileges, user code</entry>
+</row>
+<row>
+<entry colname="1">Physical locks</entry>
+<entry colname="2">Theft, corruption, denial of service</entry>
+<entry colname="3">Insiders</entry>
+<entry colname="4">Man-in-the-middle, malware, physical access</entry>
+<entry colname="5">Launch privileges, user code</entry>
+</row>
+<row>
+<entry colname="1">Secure traffic</entry>
+<entry colname="2">Theft and corruption</entry>
+<entry colname="3">Insiders</entry>
+<entry colname="4">Man-in-the-middle, eavesdropping</entry>
+<entry colname="5">Cleartext traffic</entry>
+</row>
+<row>
+<entry colname="1">File permissions</entry>
+<entry colname="2">Theft, corruption, denial of service</entry>
+<entry colname="3">Insiders and outsiders</entry>
+<entry colname="4">Malware</entry>
+<entry colname="5">Launch privileges, user code, open source</entry>
+</row>
+</tbody>
+</tgroup>
+</table>
+</conbody>
+</concept>
Propchange: db/derby/docs/trunk/src/security/csecintromapping.dita
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/docs/trunk/src/security/csecintrootherdefenses.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecintrootherdefenses.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/csecintrootherdefenses.dita (added)
+++ db/derby/docs/trunk/src/security/csecintrootherdefenses.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN"
+ "../dtd/concept.dtd">
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<concept id="csecintrootherdefenses" xml:lang="en-us">
+<title>Defenses outside of
+<ph conref="../conrefs.dita#prod/productshortname"></ph></title>
+<shortdesc>In addition to the defenses provided by
+<ph conref="../conrefs.dita#prod/productshortname"></ph>, you should take
+advantage of defenses provided by your machine and intranet.</shortdesc>
+<prolog></prolog>
+<conbody>
+<p> It is important to configure these defenses to protect
+<ph conref="../conrefs.dita#prod/productshortname"></ph> from attacks by both
+outsiders and insiders.</p>
+<ul>
+<li><b>Firewalls</b>: Limit network access to the machine that runs
+<ph conref="../conrefs.dita#prod/productshortname"></ph>.</li>
+<li><b>Accounts</b>: Limit login access to the machine that runs
+<ph conref="../conrefs.dita#prod/productshortname"></ph>. Centrally administer
+accounts using, for instance, an LDAP server.</li>
+<li><b>Physical locks</b>: Limit physical access to the machine that runs
+<ph conref="../conrefs.dita#prod/productshortname"></ph>.</li>
+<li><b>Secure traffic</b>: Encrypt the traffic that flows on your internal
+network.</li>
+<li><b>File permissions</b>: Restrict the file permissions granted to the
+account that launches
+<ph conref="../conrefs.dita#prod/productshortname"></ph>.</li>
+<li><b>Quotas</b>: Limit the file space and CPU that an account can
+consume.</li>
+</ul>
+</conbody>
+</concept>
Propchange: db/derby/docs/trunk/src/security/csecintrootherdefenses.dita
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/docs/trunk/src/security/csecintrosafer.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecintrosafer.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/csecintrosafer.dita (added)
+++ db/derby/docs/trunk/src/security/csecintrosafer.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,58 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN"
+ "../dtd/concept.dtd">
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<concept id="csecintrosafer" xml:lang="en-us">
+<title>Designing safer <ph conref="../conrefs.dita#prod/productshortname"></ph>
+applications</title>
+<shortdesc>The following tips should help you write and deploy safer
+applications that use <ph conref="../conrefs.dita#prod/productshortname"></ph>.
+</shortdesc>
+<prolog></prolog>
+<conbody>
+<ul>
+<li><b>Create a launch account</b>: Create an operating system account for the
+System Administrator. This will be the account that launches
+<ph conref="../conrefs.dita#prod/productshortname"></ph>. This account should
+not be the operating system's superuser.</li>
+<li><b>Limit file permissions</b>: Limit the file permissions of this System
+Administrator account to just the directories that the application should be
+allowed to read and write. Do not grant read or write access on these
+directories to any other operating system accounts.</li>
+<li><b>Create a policy file</b>: Write your own Java Security policy that
+restricts the directories that
+<ph conref="../conrefs.dita#prod/productshortname"></ph> can access and the
+sockets on which it can accept connections. See
+<xref href="csecjavasecurity.dita"/> for more information.</li>
+<li><b>Prevent JDBC leaks</b>: Do not let JDBC connections leak outside your
+intranet's firewall. If possible, design your application so that external
+clients talk to an application server, which in turn communicates with
+<ph conref="../conrefs.dita#prod/productshortname"></ph>. Limit the JDBC
+connections to communication between the application server and
+<ph conref="../conrefs.dita#prod/productshortname"></ph>.</li>
+<li><b>Protect against injection</b>: Do not construct queries by concatenating
+strings that are filled in by clients. To parameterize your queries, use JDBC
+<codeph>?</codeph> parameters in <codeph>PreparedStatement</codeph>s.</li>
+<li><b>Deploy your shields</b>: By default, enable all defenses mentioned in
+this section. If you need to turn off a defense for performance reasons, then
+carefully consider how you will protect your application from the threats which
+that defense parries.</li>
+</ul>
+</conbody>
+</concept>
Propchange: db/derby/docs/trunk/src/security/csecintrosafer.dita
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/docs/trunk/src/security/csecintrothreats.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecintrothreats.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/csecintrothreats.dita (added)
+++ db/derby/docs/trunk/src/security/csecintrothreats.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,83 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN"
+ "../dtd/concept.dtd">
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<concept id="csecintrothreats" xml:lang="en-us">
+<title>Threats to unsecured databases</title>
+<shortdesc>A threat is potential damage caused by an attacker using a technique
+to exploit a vulnerability. We have already seen examples of
+<ph conref="../conrefs.dita#prod/productshortname"></ph> vulnerabilities.
+Examples of damages, attackers, and techniques follow.</shortdesc>
+<prolog></prolog>
+<conbody>
+<p>Significant damages include the following.</p>
+<ul>
+<li><b>Denial-of-service attacks</b>: An attacker can monopolize resources on
+the host machine. For instance, an attacker can launch a runaway procedure on
+the <ph conref="../conrefs.dita#prod/productshortname"></ph> virtual machine,
+fill up the file system, or pepper the
+<ph conref="../conrefs.dita#prod/productshortname"></ph> server with incessant
+connection requests.</li>
+<li><b>Theft</b>: An attacker can read private information stored in a
+<ph conref="../conrefs.dita#prod/productshortname"></ph> database or transmitted
+across the network. With enough privileges and by exploiting application code
+visible on the classpath, an attacker can use
+<ph conref="../conrefs.dita#prod/productshortname"></ph> to read private
+information stored elsewhere on the server machine or even on other machines
+inside the firewall.</li>
+<li><b>Corruption</b>: An attacker can modify or destroy information stored in a
+<ph conref="../conrefs.dita#prod/productshortname"></ph> database or elsewhere
+inside the firewall.</li>
+</ul>
+<p>Attackers include the following.</p>
+<ul>
+<li><b>Insiders</b>: These are privileged persons who enjoy access to systems
+inside the firewall and maybe even to restricted machine rooms. Drunken System
+Administrators and disgruntled co-workers can cause significant damage.</li>
+<li><b>Outsiders</b>: These include politically motivated governments and
+guerillas, commercially motivated businesses and criminals, and thrill-seeking
+attackers.</li>
+</ul>
+<p>Techniques of attack include the following.</p>
+<ul>
+<li><b>SQL injection</b>: This technique plagues applications that construct
+queries by concatenating input from clients. A clever client can put SQL into
+these fields. That SQL, not intended by the application, then runs inside the
+database.</li>
+<li><b>Man-in-the-middle</b>: In this technique, the client believes that it is
+talking to the server. In reality, the connection has been intercepted by
+another machine. The device in the middle can examine and alter the
+traffic.</li>
+<li><b>Eavesdropping</b>: This is a special case of the man-in-the-middle
+attack. The attacker listens to the network traffic but does not interfere with
+it. An example of this technique is password sniffing, in which a machine in the
+middle intercepts the credentials handshake between client and server.</li>
+<li><b>Malware</b>: This is a general term for viruses, worms, trojan horses,
+and other intrusive or destructive code that can infect a machine.</li>
+<li><b>Probing</b>: This is the technical equivalent of jiggling door handles to
+see what doors are unlocked.</li>
+<li><b>Physical access</b>: This refers to the low-tech, brute-force technique
+of gaining physical access to a restricted area or machine and, for instance,
+exploiting superuser powers that might be available from a system's
+console.</li>
+<li><b>Social engineering</b>: This refers to the low-tech technique of gaining
+and abusing the confidence of someone who has the keys.</li>
+</ul>
+</conbody>
+</concept>
Propchange: db/derby/docs/trunk/src/security/csecintrothreats.dita
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/docs/trunk/src/security/csecintrovuln.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecintrovuln.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/csecintrovuln.dita (added)
+++ db/derby/docs/trunk/src/security/csecintrovuln.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,56 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN"
+ "../dtd/concept.dtd">
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<concept id="csecintrovuln" xml:lang="en-us">
+<title>Vulnerabilities of unsecured databases</title>
+<shortdesc>If you do not configure
+<ph conref="../conrefs.dita#prod/productshortname"></ph> security, you must be
+aware of the following vulnerabilities.</shortdesc>
+<prolog></prolog>
+<conbody>
+<ul>
+<li><b>Network JDBC</b>: Network JDBC connections expose sensitive operations to
+use by persons who may not have account privileges on the database machine.</li>
+<li><b>Cleartext traffic</b>: By default, network traffic travels in
+cleartext.</li>
+<li><b>Unbounded growth</b>: Tables can grow arbitrarily large.</li>
+<li><b>CPU hogging</b>: Unbounded CPU cycles can be consumed by connection
+attempts, SQL queries, and user code running in the database.</li>
+<li><b>Superusers</b>: By default, all <ph conref="../conrefs.dita#prod/productshortname"></ph>
+users enjoy extensive powers to read and write in all databases.</li>
+<li><b>Launch privileges</b>:
+<ph conref="../conrefs.dita#prod/productshortname"></ph> procedural code
+executes with the operating system privileges of the account that launched the
+virtual machine. This includes system-supplied procedures as well as custom,
+user-coded procedures.</li>
+<li><b>User code</b>: Arbitrary user code can execute in the
+<ph conref="../conrefs.dita#prod/productshortname"></ph> virtual machine by
+means of user-coded functions and procedures.</li>
+<li><b>Open source</b>:
+<ph conref="../conrefs.dita#prod/productshortname"></ph>'s code itself is
+publicly visible as part of the
+<ph conref="../conrefs.dita#prod/productlongname"></ph> open source project.
+This means that an attacker can write subtle malware after studying the code and
+file formats. Note that while closed source code enjoys the advantage of
+"security by obscurity", openness can confer other, countervailing security
+advantages.</li>
+</ul>
+</conbody>
+</concept>
Propchange: db/derby/docs/trunk/src/security/csecintrovuln.dita
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/docs/trunk/src/security/csecintrowhy.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecintrowhy.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/csecintrowhy.dita (added)
+++ db/derby/docs/trunk/src/security/csecintrowhy.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN"
+ "../dtd/concept.dtd">
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<concept id="csecintrowhy" xml:lang="en-us">
+<title>Why databases need security</title>
+<shortdesc>An unsecured database has numerous vulnerabilities to different kinds
+of threats.</shortdesc>
+<prolog></prolog>
+<conbody>
+<p>This section does not provide a complete list of these vulnerabilities and
+threats. No survey of security concerns can hope to be complete. However, this
+section attempts to list the major vulnerabilities and threats known today.</p>
+<p>The remainder of this guide describes how you can combat these threats.</p>
+</conbody>
+</concept>
Propchange: db/derby/docs/trunk/src/security/csecintrowhy.dita
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/docs/trunk/src/security/csecjavadb.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecjavadb.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/csecjavadb.dita (added)
+++ db/derby/docs/trunk/src/security/csecjavadb.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN"
+ "../dtd/concept.dtd">
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<concept id="csecjavadb" xml:lang="en-us">
+<title>Relationship between Java DB and Apache
+<ph conref="../conrefs.dita#prod/productshortname"></ph></title>
+<shortdesc>Java DB is a relational database management system that is based on
+the Java programming language and SQL. Java DB is the Oracle release of the
+Apache Derby project, the Apache Software Foundation's (ASF) open source
+relational database project.</shortdesc>
+<prolog><metadata>
+<keywords><indexterm>Java DB and Derby</indexterm>
+<indexterm>Derby and Java DB</indexterm>
+</keywords>
+</metadata></prolog>
+<conbody>
+<p>The Java DB product includes
+<ph conref="../conrefs.dita#prod/productshortname"></ph> without any
+modification whatsoever to the underlying source code.</p>
+<p>Because Java DB and <ph conref="../conrefs.dita#prod/productshortname"></ph>
+have the same functionality, the Java DB documentation refers to the core
+functionality as <ph conref="../conrefs.dita#prod/productshortname"></ph>.</p>
+<p>The Java DB <ph conref="../conrefs.dita#vers/shortversionnumber"></ph>
+documentation is based
+on the <ph conref="../conrefs.dita#prod/productshortname"></ph> <ph
+conref="../conrefs.dita#vers/shortversionnumber"></ph> documentation.
+References to "<ph conref="../conrefs.dita#prod/productshortname"></ph>" in the
+Java DB documentation should be understood as synonyms for "Java DB."</p>
+<p>Oracle has made changes to the
+<ph conref="../conrefs.dita#prod/productlongname"></ph> documentation. This
+manual is identical to the
+<cite><ph conref="../conrefs.dita#prod/productshortname"></ph> Security
+Guide</cite>, with the following exceptions:</p>
+<ul>
+<li>Oracle has added this topic, "Relationship between Java DB and
+<ph conref="../conrefs.dita#prod/productlongname"></ph>".</li>
+<li>In the titles of manuals,
+"<ph conref="../conrefs.dita#prod/productshortname"></ph>" has been changed to
+"Java DB".</li>
+</ul>
+</conbody>
+</concept>
Propchange: db/derby/docs/trunk/src/security/csecjavadb.dita
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/docs/trunk/src/security/csecjavasecurity.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecjavasecurity.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/csecjavasecurity.dita (added)
+++ db/derby/docs/trunk/src/security/csecjavasecurity.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,125 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN"
+ "../dtd/concept.dtd">
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<concept id="csecjavasecurity" xml:lang="en-us">
+<title>Configuring Java security</title>
+<shortdesc>The Java security manager lets you reduce the damage that your
+application can do.</shortdesc>
+<prolog><metadata>
+<keywords></keywords>
+</metadata></prolog>
+<conbody>
+<p>Using a security manager, the System Administrator can restrict how an
+application cooperates with other applications running in the same virtual
+machine (VM) or elsewhere on the same machine. When you run
+<ph conref="../conrefs.dita#prod/productshortname"></ph> under a security
+manager, you can restrict the following:</p>
+<ul>
+<li><b>Backups</b>: You control where the
+<ph conref="../conrefs.dita#prod/productshortname"></ph> engine writes and reads
+database backup files.</li>
+<li><b>Imports and exports</b>: You control where the engine imports data from
+and where it exports data to.</li>
+<li><b>Jar files</b>: You control where the engine obtains jar files of
+customer-coded functions and procedures.</li>
+<li><b>Sockets</b>: You control what machines can connect to the server and
+What machines the server can connect to.</li>
+</ul>
+<p>To take advantage of these powerful controls, first customize a copy of the
+<ph conref="../conrefs.dita#prod/productshortname"></ph> security policy
+template. You will find a template security policy in the
+<ph conref="../conrefs.dita#prod/productshortname"></ph> distribution at
+<codeph>demo/templates/server.policy</codeph>.</p>
+<p><xref href="rsecnetservbasic.dita"/> shows this basic policy. It grants
+permissions to both the <codeph>derby.jar</codeph> and
+<codeph>derbynet.jar</codeph> codebases. To run
+<ph conref="../conrefs.dita#prod/productshortname"></ph> in embedded mode, you
+must grant permissions to <codeph>derby.jar</codeph>. To run the
+<ph conref="../conrefs.dita#prod/productshortname"></ph> Network Server, you
+must grant permissions to both <codeph>derby.jar</codeph> and
+<codeph>derbynet.jar</codeph>.</p>
+<p><xref href="rsecpolicysample.dita#rsecpolicysample"></xref> shows a sample
+customized policy file.</p>
+<p>To customize the file, make the following edits:</p>
+<ul>
+<li><b>URLs</b>: Replace the <codeph>${derby.install.url}</codeph> variables
+with a URL pointing to the directory that holds the
+<ph conref="../conrefs.dita#prod/productshortname"></ph> jar files. For example:
+<codeblock>file:///Users/me/javadb/lib/</codeblock></li>
+<li><b>System home</b>: Look for instances of the string
+<codeph>${derby.system.home}</codeph>. Replace them with the name of the
+directory that holds your <codeph>derby.properties</codeph> file.</li>
+<li><b>Tracing</b>: Grant
+<ph conref="../conrefs.dita#prod/productshortname"></ph> the power to manage a
+directory tree that will hold server trace information. Look for the
+<codeph>${derby.drda.traceDirectory}</codeph> variable and replace it with the
+directory where the server should write its diagnostic traces. For more
+information on <ph conref="../conrefs.dita#prod/productshortname"></ph> tracing,
+see "Controlling tracing by using the trace facility" in the
+<ph conref="../conrefs.dita#pub/citadmin"></ph>.</li>
+<li><b>Backups/imports/jars</b>: Look for the first instance of the string
+<codeph><<ALL FILES>></codeph>. Make two more copies of this line so that
+there are three copies of this line in the file. On the first line, replace
+<codeph><<ALL FILES>></codeph> with the directory tree that you will use
+for holding database backups. For example:
+<codeblock>/Users/me/backups</codeblock>
+<p>Similarly, on the second line, replace <codeph><<ALL FILES>></codeph>
+with the directory tree which you will use for staging imported/exported data.
+On the third line, replace <codeph><<ALL FILES>></codeph> with the
+directory tree that holds the jar files of functions and procedures that you
+will load into databases. For the detailed syntax of these lines, see the
+API documentation for <codeph>java.io.FilePermission</codeph>.</p></li>
+<li><b>Sysinfo</b>: The <codeph>sysinfo</codeph> logic appears redundantly in
+several <ph conref="../conrefs.dita#prod/productshortname"></ph> jar files:
+<codeblock>derby.jar
+derbynet.jar
+derbyclient.jar
+derbytools.jar</codeblock>
+<p>If you want to run the <codeph>sysinfo</codeph> command, you will need to
+grant permissions to the first of these jar files that appears in your
+classpath.</p>
+<p><note>If you are running
+<ph conref="../conrefs.dita#prod/productshortname"></ph> by using the command
+<codeph>java -jar derbyrun.jar</codeph>, the first relevant jar file in the
+classpath is <codeph>derby.jar</codeph>. The template policy file grants these
+permissions to <codeph>derbynet.jar</codeph>. Note that the template policy file
+grants <codeph>sysinfo</codeph> the privilege to read all files in the system.
+You can restrict this to just the directory that contains the jar files wired
+into your classpath.</note></p></li>
+<li><b>Sockets</b>: The template policy file accepts connection requests from
+all hosts. You may want to restrict the template file's
+<codeph>java.net.SocketPermission</codeph> to connections from a particular
+subdomain. For details, see the API documentation for
+<codeph>java.net.SocketPermission</codeph>. In addition, if you are using LDAP
+authentication, then you must grant <codeph>derby.jar</codeph> the privilege to
+connect to the LDAP server.</li>
+</ul>
+<p>This manual does not describe the Java security manager in depth. For more
+information, see <xref format="html"
+href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/"
+scope="external"/>. In particular, you may want to read the
+Security Architecture paper (<xref format="html"
+href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/spec/security-spec.doc.html"
+scope="external"/>)
+and the Default Policy Implementation and Policy File Syntax information
+(<xref format="html"
+href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/PolicyFiles.html"
+scope="external"/>).</p>
+</conbody>
+</concept>
Propchange: db/derby/docs/trunk/src/security/csecjavasecurity.dita
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/docs/trunk/src/security/csecldapbooting.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecldapbooting.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/csecldapbooting.dita (added)
+++ db/derby/docs/trunk/src/security/csecldapbooting.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN"
+ "../dtd/concept.dtd">
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<concept id="csecldapbooting" xml:lang="en-us">
+<title>Booting an LDAP server</title>
+<shortdesc>To begin, launch the OpenDS QuickSetup JNLP (Java Web Start)
+installer, then follow the installation steps to set up your directory
+server.</shortdesc>
+<prolog><metadata>
+<keywords>
+<indexterm>LDAP directory service<indexterm>booting</indexterm></indexterm>
+</keywords>
+</metadata></prolog>
+<conbody>
+<p>You can obtain the installer from <xref format="html"
+href="https://opends.java.net/" scope="external"/> by clicking the
+"Install with QuickSetup" link.</p>
+<p>As part of this installation, you will specify a password, which we will
+call <i>YOUR_SELECTED_PASSWORD</i>.</p>
+<p>Next, load some credentials into the directory server. Download this sample
+file of credentials:
+<xref format="txt" href="http://today.java.net/today/2007/03/22/secArticle.LDIF"
+scope="external"/>. Now load it into your directory server using the
+<codeph>import-ldif</codeph> tool in the <codeph>bin</codeph> directory of your
+OpenDS installation. (Make sure that OpenDS is not running when you import
+credentials; otherwise you will receive an error message indicating that the
+import utility cannot acquire a lock over storage.)</p>
+<codeblock><b>import-ldif --backendID userRoot --ldifFile secArticle.LDIF</b></codeblock>
+<p>Now bring up the OpenDS server by running the <codeph>start-ds</codeph>
+script in the <codeph>bin</codeph> directory of your OpenDS installation.</p>
+</conbody>
+</concept>
Propchange: db/derby/docs/trunk/src/security/csecldapbooting.dita
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/docs/trunk/src/security/csecnativeconvert.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecnativeconvert.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/csecnativeconvert.dita (added)
+++ db/derby/docs/trunk/src/security/csecnativeconvert.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN"
+ "../dtd/concept.dtd">
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<concept id="csecnativeconvert" xml:lang="en-us">
+<title>Converting an existing database to use NATIVE authentication</title>
+<shortdesc>If you wish to apply NATIVE authentication to a database that was
+created without it, the procedure is slightly different depending on whether you
+specify NATIVE:<i>credentialsDB</i> or
+NATIVE:<i>credentialsDB</i>:LOCAL.</shortdesc>
+<prolog><metadata>
+<keywords><indexterm>user authentication<indexterm>NATIVE authentication</indexterm></indexterm>
+<indexterm>NATIVE authentication<indexterm>converting a database to use</indexterm></indexterm>
+</keywords>
+</metadata></prolog>
+<conbody>
+<ul>
+<li>If you specify NATIVE:<i>credentialsDB</i>, add users of the existing
+database to the <i>credentialsDB</i>. For instance, if the old database was
+created without any authentication, then its default user name is APP, and you
+could do the following:
+<codeblock><b>CALL SYSCS_UTIL.SYSCS_CREATE_USER('app', 'app');</b></codeblock></li>
+<li>If you plan to specify NATIVE:<i>credentialsDB</i>:LOCAL, first connect to
+the existing database as its
+<xref href="cseccsecuredbowner.dita">Database Owner</xref> using its old
+authentication scheme. Call <codeph>SYSCS_UTIL.SYSCS_CREATE_USER</codeph> to add
+credentials for the Database Owner. For example, if the existing database was
+created with no authentication, the Database Owner is APP, and you would add
+credentials for APP as shown above.</li>
+</ul>
+</conbody>
+</concept>
Propchange: db/derby/docs/trunk/src/security/csecnativeconvert.dita
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/docs/trunk/src/security/csecnativecreddb.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecnativecreddb.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/csecnativecreddb.dita (added)
+++ db/derby/docs/trunk/src/security/csecnativecreddb.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN"
+ "../dtd/concept.dtd">
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<concept id="csecnativecreddb" xml:lang="en-us">
+<title>Working with a credentials database</title>
+<shortdesc>With NATIVE authentication, a database can become a credentials
+database in any of several ways.</shortdesc>
+<prolog><metadata>
+<keywords><indexterm>user authentication<indexterm>NATIVE authentication</indexterm></indexterm>
+<indexterm>NATIVE authentication<indexterm>credentials database</indexterm></indexterm>
+</keywords>
+</metadata></prolog>
+<conbody>
+<ul>
+<li>When the database is being created, it is identified as the credentials
+database by the system-level property setting
+<codeph>derby.authentication.provider=NATIVE:<i>credentialsDB</i></codeph>.</li>
+<li>When the database is being created, LOCAL authentication of connections is
+specified by the system-level property setting
+<codeph>derby.authentication.provider=NATIVE:<i>credentialsDB</i>:LOCAL</codeph>.</li>
+<li>When the database already exists, the
+<xref href="cseccsecuredbowner.dita">Database Owner</xref> calls the
+<codeph>SYSCS_UTIL.SYSCS_CREATE_USER</codeph> system procedure to store the
+Database Owner's credentials in the database. If the Database Owner calls this
+procedure to store another user's credentials first, an error is raised.</li>
+</ul>
+<p>When a database becomes a credentials database, the following things
+happen:</p>
+<ul>
+<li>The value of <codeph>derby.authentication.provider=NATIVE::LOCAL</codeph>
+is stored in the database, marking it as a credentials database.</li>
+<li>From this point forward, the value of
+<codeph>derby.authentication.provider</codeph> cannot be overridden or changed
+for connections to this database.</li>
+<li>If the database is being newly created, the Database Owner's credentials
+(provided in the connection arguments) are stored in the database's SYSUSERS
+system table.</li>
+<li>All future connections to the database are authenticated against the
+credentials in its SYSUSERS system table.</li>
+</ul>
+</conbody>
+</concept>
Propchange: db/derby/docs/trunk/src/security/csecnativecreddb.dita
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/docs/trunk/src/security/csecnativeenable.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecnativeenable.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/csecnativeenable.dita (added)
+++ db/derby/docs/trunk/src/security/csecnativeenable.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN"
+ "../dtd/concept.dtd">
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<concept id="csecnativeenable" xml:lang="en-us">
+<title>Enabling NATIVE authentication explicitly</title>
+<shortdesc>You can turn on NATIVE authentication explicitly by using a
+property.</shortdesc>
+<prolog><metadata>
+<keywords><indexterm>user authentication<indexterm>NATIVE authentication</indexterm></indexterm>
+<indexterm>NATIVE authentication<indexterm>enabling</indexterm></indexterm>
+</keywords>
+</metadata></prolog>
+<conbody>
+<p>To do so, specify one of the following values for the
+<codeph>derby.authentication.provider</codeph> property:</p>
+<ul>
+<li>NATIVE:<i>credentialsDB</i>
+<p>This value tells <ph conref="../conrefs.dita#prod/productshortname"></ph> to
+use <i>credentialsDB</i>, a dedicated database, to store user credentials. This
+value must be set by using system-wide Java Virtual Machine (JVM) properties or
+by using the <codeph>derby.properties</codeph> file; it cannot be set in the
+database by using the <codeph>SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY</codeph>
+procedure. When this system-wide value is set, <i>credentialsDB</i> is used to
+authenticate all operations. If an individual database holds credentials for the
+<xref href="cseccsecuredbowner.dita">Database Owner</xref>, the global
+credentials database is used only to authenticate system-wide operations such as
+engine shutdown.</p>
+<p>The value of <i>credentialsDB</i> must be a valid name for a database.</p>
+</li>
+<li>NATIVE:<i>credentialsDB</i>:LOCAL
+<p>This value tells <ph conref="../conrefs.dita#prod/productshortname"></ph> to
+use <i>credentialsDB</i> for system-wide operations, but to use an individual
+database's SYSUSERS system table to authenticate connections to that database.
+This value must be set by using system-wide JVM properties or by using the
+<codeph>derby.properties</codeph> file; it cannot be set in the database by
+using the <codeph>SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY</codeph> system
+procedure.</p>
+</li>
+</ul>
+<p>See the <ph conref="../conrefs.dita#pub/citref"></ph> for details on the
+<codeph>derby.authentication.provider</codeph> property.</p>
+</conbody>
+</concept>
Propchange: db/derby/docs/trunk/src/security/csecnativeenable.dita
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/docs/trunk/src/security/csecnativemanagecreds.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecnativemanagecreds.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/csecnativemanagecreds.dita (added)
+++ db/derby/docs/trunk/src/security/csecnativemanagecreds.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN"
+ "../dtd/concept.dtd">
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<concept id="csecnativemanagecreds" xml:lang="en-us">
+<title>Managing users and passwords</title>
+<shortdesc>To manage users and passwords,
+<ph conref="../conrefs.dita#prod/productshortname"></ph> provides a group of
+system procedures.</shortdesc>
+<prolog><metadata>
+<keywords><indexterm>user authentication<indexterm>NATIVE authentication</indexterm></indexterm>
+<indexterm>NATIVE authentication<indexterm>managing credentials</indexterm></indexterm>
+</keywords>
+</metadata></prolog>
+<conbody>
+<ul>
+<li>To create users for a database, the
+<xref href="cseccsecuredbowner.dita">Database Owner</xref> calls
+<codeph>SYSCS_UTIL.SYSCS_CREATE_USER</codeph>, which takes a user name and
+password as arguments. This procedure can also be executed by a user or role
+to which the Database Owner has granted sufficient privileges.</li>
+<li>To remove a user, the Database Owner calls
+<codeph>SYSCS_UTIL.SYSCS_DROP_USER</codeph>, which takes one argument,
+the user name of the user. This procedure can also be executed by a user or role
+to which the Database Owner has granted sufficient privileges.</li>
+<li>To reset a forgotten or expired password, the Database Owner calls
+<codeph>SYSCS_UTIL.SYSCS_RESET_PASSWORD</codeph>, with a user name and
+password as arguments. This procedure can also be executed by a user or role
+to which the Database Owner has granted sufficient privileges.</li>
+<li>To change a user's own password, any user can call the system procedure
+<codeph>SYSCS_UTIL.SYSCS_MODIFY_PASSWORD</codeph>, which takes only one
+argument, the password. Typically, a user calls this procedure when their
+password is about to expire.</li>
+</ul>
+<p>See the <ph conref="../conrefs.dita#pub/citref"></ph> for details on these
+procedures.</p>
+</conbody>
+</concept>
Propchange: db/derby/docs/trunk/src/security/csecnativemanagecreds.dita
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/docs/trunk/src/security/csecnativeotherprops.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecnativeotherprops.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/csecnativeotherprops.dita (added)
+++ db/derby/docs/trunk/src/security/csecnativeotherprops.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,64 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN"
+ "../dtd/concept.dtd">
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<concept id="csecnativeotherprops" xml:lang="en-us">
+<title>NATIVE authentication and other database properties</title>
+<shortdesc>When NATIVE authentication is enabled,
+<ph conref="../conrefs.dita#prod/productshortname"></ph> behaves as if the
+<codeph>derby.connection.requireAuthentication</codeph> and
+<codeph>derby.database.sqlAuthorization</codeph> properties are also
+set.</shortdesc>
+<prolog><metadata>
+<keywords><indexterm>user authentication<indexterm>NATIVE authentication</indexterm></indexterm>
+<indexterm>NATIVE authentication<indexterm>and other database properties</indexterm></indexterm>
+</keywords>
+</metadata></prolog>
+<conbody>
+<p>That is, a user name and password must be specified whenever a user connects
+to a database, and object owners control access to database objects. See
+<xref href="csecauthorfine.dita#csecauthorfine"></xref> for more information,
+and see
+<xref href="rseccsecurenativeauthex.dita"/> for an example of the use of NATIVE
+authentication.</p>
+<p>For maximum security, the passwords that users specify when they connect to
+databases have an expiration date that you can modify by using the property
+<codeph>derby.authentication.native.passwordLifetimeMillis</codeph>. The
+password of the
+<xref href="cseccsecuredbowner.dita">Database Owner</xref> never expires. By
+default, ordinary user passwords expire after 31 days.</p>
+<p>If a password is about to expire, or if the Database Owner's password is
+near what would be the expiration date,
+<ph conref="../conrefs.dita#prod/productshortname"></ph> issues a warning that
+the password will soon expire (or, in the Database Owner's case, that the
+password is stale). By default, the warning is issued if the password is due to
+expire in one-eighth of the password's lifetime. For example, if the password
+has a 31-day lifetime, the warning will be issued 3.875 days before the
+expiration date. You can change this proportion by using the property
+<codeph>derby.authentication.native.passwordLifetimeThreshold</codeph>.</p>
+<p>Use the <codeph>derby.authentication.builtin.algorithm</codeph> property to
+change the way passwords are encrypted when they are stored in the SYSUSERS
+system table. The default algorithm is SHA-256. Two related properties are
+<codeph>derby.authentication.builtin.saltLength</codeph> and
+<codeph>derby.authentication.builtin.iterations</codeph>, which can be used to
+make the hashed passwords harder for attackers to crack.</p>
+<p>See the <ph conref="../conrefs.dita#pub/citref"></ph> for details on these
+properties.</p>
+</conbody>
+</concept>
Propchange: db/derby/docs/trunk/src/security/csecnativeotherprops.dita
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/docs/trunk/src/security/csecnetservauthent.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecnetservauthent.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/csecnetservauthent.dita (added)
+++ db/derby/docs/trunk/src/security/csecnetservauthent.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,31 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN"
+ "../dtd/concept.dtd">
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<concept id="csecnetservauthent" xml:lang="en-us">
+<title>Configuring Network Server authentication in special circumstances</title>
+<shortdesc>Some advanced Network Server configuration features may be useful in
+certain situations.</shortdesc>
+<prolog><metadata>
+<keywords><indexterm>Network Server authentication<indexterm>configuring</indexterm></indexterm>
+</keywords>
+</metadata></prolog>
+<conbody>
+</conbody>
+</concept>
Propchange: db/derby/docs/trunk/src/security/csecnetservauthent.dita
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/docs/trunk/src/security/csecnetservfileperms.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecnetservfileperms.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/csecnetservfileperms.dita (added)
+++ db/derby/docs/trunk/src/security/csecnetservfileperms.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,130 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN"
+ "../dtd/concept.dtd">
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<concept id="csecnetservfileperms" xml:lang="en-us">
+<title>Restricting file permissions</title>
+<shortdesc>Additional file protections are available on some file systems,
+including Windows NTFS, Unix, and Linux. If you are running a Java 7 or higher
+VM, you can configure <ph conref="../conrefs.dita#prod/productshortname"></ph>
+to take advantage of these extra file protections.</shortdesc>
+<prolog><metadata>
+<keywords><indexterm>derby.storage.useDefaultFilePermissions property</indexterm>
+<indexterm>database files<indexterm>specifying permissions with Java SE 7 and up</indexterm></indexterm>
+<indexterm>file permissions<indexterm>specifying with Java SE 7 and up</indexterm></indexterm>
+<indexterm>permissions<indexterm>file, specifying with Java SE 7 and up</indexterm></indexterm>
+</keywords>
+</metadata></prolog>
+<conbody>
+<p>By default, <ph conref="../conrefs.dita#prod/productshortname"></ph> creates
+new directories and files with the default permissions of the operating system
+account that started the VM (the umask setting on Unix and Linux). You can
+configure <ph conref="../conrefs.dita#prod/productshortname"></ph> to override
+those default permissions and to restrict access to just that account. If you
+configure <ph conref="../conrefs.dita#prod/productshortname"></ph> this way,
+only that account can access the directories and files created by
+<ph conref="../conrefs.dita#prod/productshortname"></ph>. If you are running on
+a Java 7 or higher VM, you can configure this extra protection by setting the
+following system property, either on the VM command line or in
+<codeph>derby.properties</codeph>:</p>
+<codeblock>derby.storage.useDefaultFilePermissions=false</codeblock>
+<p>For more information, see "derby.storage.useDefaultFilePermissions" in
+the <ph conref="../conrefs.dita#pub/citref"></ph>.</p>
+<p>If you set this property, other operating system accounts will have no access
+to directories or files created by
+<ph conref="../conrefs.dita#prod/productshortname"></ph>. This behavior can be
+helpful in enhancing default security for database files.</p>
+<p>The exact behavior is determined by two factors: how the
+<ph conref="../conrefs.dita#prod/productshortname"></ph> engine is started, and
+the presence or absence and specified value of the property
+<codeph>derby.storage.useDefaultFilePermissions</codeph>.</p>
+<p>The two tables that follow show how file access works with Java SE 7 and
+later JVMs and with Java SE 6. In both tables,</p>
+<ul>
+<li>"Environment" means that access is controlled entirely by the JVM
+environment and the file location only (that is, by the umask setting on UNIX
+and Linux systems and by the default file permissions on Windows NTFS).</li>
+<li>"Restricted" means that
+<ph conref="../conrefs.dita#prod/productshortname"></ph> restricts access to the
+operating system account that started the JVM.</li>
+</ul>
+<p>The following table shows how file access works on Java SE 7 and later
+systems with various settings of the
+<codeph>derby.storage.useDefaultFilePermissions</codeph> property.</p>
+<table>
+<title>File access on Java SE 7 and later systems</title>
+<desc>This table shows how access to <ph conref="../conrefs.dita#prod/productshortname"></ph> files is controlled on Java SE 7 and later systems.</desc>
+<tgroup cols="3" colsep="1" rowsep="1">
+<colspec colname="col1" colnum="1" colwidth="20*"/>
+<colspec colname="col2" colnum="2" colwidth="40*"/>
+<colspec colname="col3" colnum="3" colwidth="40*"/>
+<thead>
+<row valign="bottom">
+<entry colname="col1">Property Setting</entry>
+<entry colname="col2">Server Started from Command Line</entry>
+<entry colname="col3">Server Started Programmatically or Embedded</entry>
+</row>
+</thead>
+<tbody>
+<row>
+<entry colname="col1">No property specified</entry>
+<entry colname="col2">Restricted</entry>
+<entry colname="col3">Environment</entry>
+</row>
+<row>
+<entry colname="col1">Property set to true</entry>
+<entry colname="col2">Environment</entry>
+<entry colname="col3">Environment</entry>
+</row>
+<row>
+<entry colname="col1">Property set to false</entry>
+<entry colname="col2">Restricted</entry>
+<entry colname="col3">Restricted</entry>
+</row>
+</tbody>
+</tgroup>
+</table>
+<p>The following table shows how file access works on Java SE 6 systems.</p>
+<table>
+<title>File access on Java SE 6 systems</title>
+<desc>This table shows how access to <ph conref="../conrefs.dita#prod/productshortname"></ph> files is controlled on Java SE 6 systems.</desc>
+<tgroup cols="3" colsep="1" rowsep="1">
+<colspec colname="col1" colnum="1" colwidth="20*"/>
+<colspec colname="col2" colnum="2" colwidth="40*"/>
+<colspec colname="col3" colnum="3" colwidth="40*"/>
+<thead>
+<row valign="bottom">
+<entry colname="col1">Property Setting</entry>
+<entry colname="col2">Server Started from Command Line</entry>
+<entry colname="col3">Server Started Programmatically or Embedded</entry>
+</row>
+</thead>
+<tbody>
+<row>
+<entry colname="col1">Not applicable</entry>
+<entry colname="col2">Environment</entry>
+<entry colname="col3">Environment</entry>
+</row>
+</tbody>
+</tgroup>
+</table>
+<p>If you are running on a Java 6 or earlier VM, then you may want to adjust
+your account's default file permissions before using
+<ph conref="../conrefs.dita#prod/productshortname"></ph>.</p>
+</conbody>
+</concept>
Propchange: db/derby/docs/trunk/src/security/csecnetservfileperms.dita
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/docs/trunk/src/security/csecnetservsecurity.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecnetservsecurity.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/csecnetservsecurity.dita (added)
+++ db/derby/docs/trunk/src/security/csecnetservsecurity.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,57 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN"
+ "../dtd/concept.dtd">
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<concept id="csecnetservsecurity" xml:lang="en-us">
+<title>Network Server security</title>
+<shortdesc>By default, the
+<ph conref="../conrefs.dita#prod/productshortname"></ph> Network Server listens
+only on the localhost. Clients must use the localhost host name to
+connect.</shortdesc>
+<prolog><metadata>
+<keywords><indexterm>Network Server security</indexterm><indexterm>Network
+Server<indexterm>and security changes</indexterm></indexterm></keywords>
+</metadata></prolog>
+<conbody>
+<p>By default, clients cannot access the Network Server from another host. To
+enable connections from other hosts, set the <codeph>derby.drda.host</codeph>
+property, or start the Network Server with the <codeph>-h</codeph> option
+in the <codeph>java org.apache.derby.drda.NetworkServerControl start</codeph>
+command.</p>
+<p>In the following example, the server will listen only on the localhost, and
+clients cannot access the server from another host:</p>
+<codeblock><b>java org.apache.derby.drda.NetworkServerControl start</b></codeblock>
+<p>In the following example, the server runs on the host machine
+<codeph>sampleserver.example.com</codeph> and also listens for clients
+from other hosts. Clients must specify the server in the URL or DataSource as
+<codeph>sampleserver.example.com</codeph>:</p>
+<codeblock><b>java org.apache.derby.drda.NetworkServerControl start \
+-h sampleserver.example.com</b></codeblock>
+<p>To start the Network Server so that it will listen on all interfaces, start
+with an IP address of <codeph>0.0.0.0</codeph>, as shown in the following
+example:</p>
+<codeblock><b>java org.apache.derby.drda.NetworkServerControl start -h 0.0.0.0</b></codeblock>
+<p>A server that is started with the <codeph>-h 0.0.0.0</codeph> option will
+listen to client requests that originate from both <codeph>localhost</codeph>
+and from other machines on the network.</p>
+<p>However, administrative commands (for example,
+<codeph>org.apache.derby.drda.NetworkServerControl shutdown</codeph>) can run
+only on the host where the server was started, even if the server was started
+with the <codeph>-h</codeph> option.</p>
+</conbody>
+</concept>
Propchange: db/derby/docs/trunk/src/security/csecnetservsecurity.dita
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/docs/trunk/src/security/csecpref11181.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecpref11181.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/csecpref11181.dita (added)
+++ db/derby/docs/trunk/src/security/csecpref11181.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,35 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN"
+ "../dtd/concept.dtd">
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<concept id="csecpref11181" xml:lang="en-us">
+<title>Purpose of this guide</title>
+<shortdesc>This guide provides information on securing
+<ph conref="../conrefs.dita#prod/productshortname"></ph> databases.</shortdesc>
+<prolog></prolog>
+<conbody>
+<p><ph conref="../conrefs.dita#prod/productshortname"></ph> provides several ways
+to protect the correctness and privacy of your data as well as to prevent
+accidental or malicious misuse of the database software itself. This guide
+explains how to improve the database security of applications and machines that
+use <ph conref="../conrefs.dita#prod/productshortname"></ph>. It describes how
+to configure security for both embedded applications and applications that use
+the <ph conref="../conrefs.dita#prod/productshortname"></ph> Network Server.</p>
+</conbody>
+</concept>
Propchange: db/derby/docs/trunk/src/security/csecpref11181.dita
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/docs/trunk/src/security/csecpref23947.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecpref23947.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/csecpref23947.dita (added)
+++ db/derby/docs/trunk/src/security/csecpref23947.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,74 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN"
+ "../dtd/concept.dtd">
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<concept id="csecpref23947" xml:lang="en-us">
+<title>How this guide is organized</title>
+<shortdesc>This guide includes the following two parts.</shortdesc>
+<prolog></prolog>
+<conbody>
+<p>Part One: Introduction to database security</p>
+<ul>
+<li><i><xref href="csecintrowhy.dita"/></i>
+<p>Describes the vulnerabilities and threats that databases face.</p></li>
+<li><i><xref href="csecintrodefenses.dita"/></i>
+<p>Describes the kinds of defenses that databases can use.</p></li>
+<li><i><xref href="csecintromapping.dita"/></i>
+<p>Shows how the defenses available to databases map to the threats that they
+face.</p></li>
+<li><i><xref href="csecintrosafer.dita"/></i>
+<p>Describes important techniques for securing databases.</p></li>
+<li><i><xref href="csecterms.dita"/></i>
+<p>Provides a glossary of security terms used in this part.</p></li>
+</ul>
+<p>Part Two: Configuring security for
+<ph conref="../conrefs.dita#prod/productshortname"/></p>
+<ul>
+<li><i><xref href="cseccsecure12392.dita"/></i>
+<p>Lists basic tasks for configuring security in an embedded or client/server
+environment.</p></li>
+<li><i><xref href="cseccsecure24366.dita"/></i>
+<p>Explains how to encrypt <ph conref="../conrefs.dita#prod/productshortname"/>
+databases.</p></li>
+<li><i><xref href="cseccsecure90988.dita"/></i>
+<p>Explains how to use signed jar files in
+<ph conref="../conrefs.dita#prod/productshortname"/> databases.</p></li>
+<li><i><xref href="csecssl.dita"/></i>
+<p>Explains how to use SSL/TLS to encrypt network traffic in a client/server
+environment.</p></li>
+<li><i><xref href="cseccsecureidentity.dita"/></i>
+<p>Describes the concepts of identity, users, and authorization identifiers in
+<ph conref="../conrefs.dita#prod/productshortname"/>.</p></li>
+<li><i><xref href="cseccsecure42374.dita"/></i>
+<p>Explains how to configure authentication, which determines whether someone is
+a legal user.</p></li>
+<li><i><xref href="csecauthorization.dita"/></i>
+<p>Explains how to configure authorization, which determines what operations can
+be performed by a user's identity.</p></li>
+<li><i><xref href="csecjavasecurity.dita"/></i>
+<p>Explains how to use a Java security manager with
+<ph conref="../conrefs.dita#prod/productshortname"/>.</p></li>
+<li><i><xref href="csecnetservfileperms.dita"/></i>
+<p>Explains how to take advantage of file system protections.</p></li>
+<li><i><xref href="csecputtogether.dita"/></i>
+<p>Shows how to enable all the available
+<ph conref="../conrefs.dita#prod/productshortname"/> defenses.</p></li>
+</ul>
+</conbody>
+</concept>
Propchange: db/derby/docs/trunk/src/security/csecpref23947.dita
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/docs/trunk/src/security/csecpref24290.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecpref24290.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/csecpref24290.dita (added)
+++ db/derby/docs/trunk/src/security/csecpref24290.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,31 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN"
+ "../dtd/concept.dtd">
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<concept id="csecpref24290" xml:lang="en-us">
+<title>Audience</title>
+<shortdesc>This guide is intended for software developers who already know
+some SQL and Java.</shortdesc>
+<prolog></prolog>
+<conbody>
+<p><ph conref="../conrefs.dita#prod/productshortname"></ph> users who are
+not familiar with the SQL standard or the Java programming language will benefit
+from consulting books on those subjects.</p>
+</conbody>
+</concept>
Propchange: db/derby/docs/trunk/src/security/csecpref24290.dita
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/docs/trunk/src/security/csecpref29520.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecpref29520.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/csecpref29520.dita (added)
+++ db/derby/docs/trunk/src/security/csecpref29520.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,38 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN"
+ "../dtd/concept.dtd">
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<concept id="csecpref29520" xml:lang="en-us">
+<title>About this guide</title>
+<prolog></prolog>
+<conbody>
+<p>For general information about the
+<ph conref="../conrefs.dita#prod/productshortname"></ph> documentation, such as
+a complete list of books, conventions, and further reading, see
+<ph conref="../conrefs.dita#pub/citgetstart"></ph>.</p>
+<p>For more information about
+<ph conref="../conrefs.dita#prod/productshortname"></ph>, visit the
+<ph conref="../conrefs.dita#prod/productshortname"></ph> website at
+<xref format="html" href="http://db.apache.org/derby/" scope="external"/>.
+The website provides pointers to the
+<ph conref="../conrefs.dita#prod/productshortname"></ph> Wiki and other
+resources, such as the derby-users mailing list, where you can ask questions
+about issues not covered in the documentation.</p>
+</conbody>
+</concept>
Propchange: db/derby/docs/trunk/src/security/csecpref29520.dita
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/docs/trunk/src/security/csecputrun.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecputrun.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/csecputrun.dita (added)
+++ db/derby/docs/trunk/src/security/csecputrun.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,119 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN"
+ "../dtd/concept.dtd">
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<concept id="csecputrun" xml:lang="en-us">
+<title>Creating and using a secure database</title>
+<shortdesc>Now the Database Owner creates an encrypted database, turns on
+coarse-grained authorization, and creates some data that everyone can read but
+only he can write.</shortdesc>
+<conbody>
+<p>Fine-grained authorization is automatically turned on because we are using
+NATIVE authentication.</p>
+<p>Connection URLs are shown on multiple lines, but must be entered on one
+line.</p>
+<codeblock><b>java -Djavax.net.ssl.trustStore=/Users/me/vault/ClientTrustStore \
+-Djavax.net.ssl.trustStorePassword=secretClientTrustStorePassword \
+-Djavax.net.ssl.keyStore=/Users/me/vault/ClientKeyStore \
+-Djavax.net.ssl.keyStorePassword=secretClientPassword \
+org.apache.derby.tools.ij</b>
+ij version 10.9
+ij> <b>connect 'jdbc:derby://localhost:8246/mchrystaEncryptedDB;create=true;
+user=mchrysta;password=mchrysta;dataEncryption=true;
+encryptionAlgorithm=Blowfish/CBC/NoPadding;
+bootPassword=mySuperSecretBootPassword;ssl=peerAuthentication';</b>
+ij> --
+-- Prevent our authentication properties from being overridden on the
+-- command line or in derby.properties.
+--
+<b>call SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY
+( 'derby.database.propertiesOnly','true');</b>
+Statement executed.
+ij> --
+-- This time around, there is no need to add credentials for the database
+-- owner. That is because the database owner's credentials were
+-- automatically added when we created the NATIVE database, advertised to
+-- the server by setting
+-- -Dderby.authentication.provider=NATIVE:mchrystaEncryptedDB.
+--
+--call SYSCS_UTIL.SYSCS_CREATE_USER( 'mchrysta', 'mchrysta' );
+
+-- now add other users
+<b>call SYSCS_UTIL.SYSCS_CREATE_USER( 'thardy', 'thardy' );</b>
+Statement executed.
+ij> <b>call SYSCS_UTIL.SYSCS_CREATE_USER( 'jhallett', 'jhallett' );</b>
+Statement executed.
+ij> <b>call SYSCS_UTIL.SYSCS_CREATE_USER( 'tquist', 'tquist' );</b>
+Statement executed.
+ij> --
+-- Turn on coarse-grained authorization
+--
+<b>call SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY
+( 'derby.database.fullAccessUsers', 'tquist,mchrysta' );</b>
+Statement executed.
+ij> <b>call SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY
+( 'derby.database.readOnlyAccessUsers', 'thardy,jhallett' );</b>
+Statement executed.
+ij> --
+-- Shut down the database and bring it back up. This will turn on NATIVE
+-- authentication and fine-grained authorization.
+--
+<b>connect 'jdbc:derby://localhost:8246/mchrystaEncryptedDB;shutdown=true;
+user=mchrysta;password=mchrysta;ssl=peerAuthentication';</b>
+ERROR 08006: DERBY SQL error: SQLCODE: -1, SQLSTATE: 08006, SQLERRMC:
+Database 'mchrystaEncryptedDB' shutdown.
+ij> --
+-- Reboot the encrypted, password-protected database.
+--
+<b>connect 'jdbc:derby://localhost:8246/mchrystaEncryptedDB;user=mchrysta;
+password=mchrysta;bootPassword=mySuperSecretBootPassword;
+ssl=peerAuthentication';</b>
+ij(CONNECTION1)> --
+-- Create some data and let everyone see it.
+--
+<b>create table mchrysta.t1( a varchar( 20 ) );</b>
+0 rows inserted/updated/deleted
+ij(CONNECTION1)> <b>insert into mchrysta.t1( a ) values ( 'mchrysta' );</b>
+1 row inserted/updated/deleted
+ij(CONNECTION1)> <b>grant select on table mchrysta.t1 to public;</b>
+0 rows inserted/updated/deleted
+ij(CONNECTION1)> --
+-- Verify that another user can read the newly created data but not write
+-- it:
+--
+<b>connect 'jdbc:derby://localhost:8246/mchrystaEncryptedDB;user=tquist;
+password=tquist;ssl=peerAuthentication';</b>
+ij(CONNECTION2)> --
+-- Verify that this user can see the data ...
+--
+<b>select * from mchrysta.t1;</b>
+A
+--------------------
+mchrysta
+
+1 row selected
+ij(CONNECTION2)> --
+-- ... but not write the data:
+--
+<b>insert into mchrysta.t1( a ) values ( 'tquist' );</b>
+ERROR 42500: User 'TQUIST' does not have INSERT permission on table
+'MCHRYSTA'.'T1'.
+</codeblock>
+</conbody>
+</concept>
Propchange: db/derby/docs/trunk/src/security/csecputrun.dita
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/docs/trunk/src/security/csecputstart.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecputstart.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/csecputstart.dita (added)
+++ db/derby/docs/trunk/src/security/csecputstart.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN"
+ "../dtd/concept.dtd">
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<concept id="csecputstart" xml:lang="en-us">
+<title>Starting a secured Network Server</title>
+<shortdesc>Bring up the server, turning on SSL and Java security.</shortdesc>
+<conbody>
+<p>This example uses the customized security policy shown in
+<xref href="rsecpolicysample.dita#rsecpolicysample"></xref>. The command line
+first brings up the server, turning on SSL and Java Security. It also tells the
+server that NATIVE credentials will be stored in the
+<codeph>mchrystaEncryptedDB</codeph> database. That last directive causes the
+<xref href="cseccsecuredbowner.dita">Database Owner</xref>'s credentials to be
+stored when <codeph>mchrystaEncryptedDB</codeph> is
+created.</p>
+<codeblock><b>java -Djavax.net.ssl.keyStore=/Users/me/vault/ServerKeyStore \
+-Djavax.net.ssl.keyStorePassword=secretServerPassword \
+-Djavax.net.ssl.trustStore=/Users/me/vault/ServerTrustStore \
+-Djavax.net.ssl.trustStorePassword=secretServerTrustStorePassword \
+-Dderby.storage.useDefaultFilePermissions=false \
+-Dderby.authentication.provider=NATIVE:mchrystaEncryptedDB \
+-Djava.security.manager \
+-Djava.security.policy=/Users/me/myServer.policy \
+org.apache.derby.drda.NetworkServerControl start -p 8246 \
+-ssl peerAuthentication</b></codeblock>
+</conbody>
+</concept>