Security features fall into three categories that are important to IoT.
We need to concentrate on how each of these is important to IoT concerns.
1. Connection Security
Informix server always requires that you have permission to connect to the database server. The first step in connecting to the server is to identify yourself by giving your username. The Informix server must recognize you as a valid user or else the connection will fail. The recognition of your username also provides the server information on how to validate your access.
Note that in some of the connection software, CSDK, JDBC, etc. that you don’t always directly specify a username. In these cases, the username comes from the username of your process.
There are two basic ways that the Informix server authenticates users:
A. You have access because you are on a trusted machine.
There are several different ways to make a machine trusted:
Note that you can use the INFORMIXSQLHOSTS file to control this access. In the options column (column 4), you can specify a s=0,1,2,3 value.
s=0 do not use either hosts.equiv or .rhosts.
s=1 use hosts.equiv but not .rhosts
s=2 use .rhosts but not hosts.equiv
s=3 (default) use both hosts.equiv and .rhosts
B. You must supply a password
The password you supply can be authenticated several different ways depending on whether you are a database user (user created with CREATE USER … statement) or an OS user. Note that if you are a database user and your name is the same as an OS user, the database user properties will apply to you.
Authenticate as a database user by supplying the password that was included in the CREATE USER … statement or (ALTER USER … to change the password).
Authenticate as an OS user by supplying the OS password for the user.
Authenticate using PAM. This is the most flexible authentication method. To make the authentication exactly the same as login to the machine (i.e. expired passwords, locked accounts) use PAM with the ‘login’ service. i.e. use s=4,pam_serv=login,pamauth=password.
Informix offers two ways to do this:
2. Data Security
Informix Server provides two ways to encrypt data:
A. Encryption at Rest
Encryption at rest can only be enabled at server initialization. To use Encryption at Rest you must set the DISK_ENCRYPTION parameter in the ONCONFIG file.
The value of this parameter must contain the name of the keystore and optionally which encryption method to use. Informix server supports AES128 (default), AES192, and AES256.
E.g. DISK_ENCRYPTION keystore=servername,cipher=aes128
B. Column Level Encryption (CLE)
CLE provides functions to encrypt and decrypt your data. There are two encrypt functions, ENCRYPT_AES and ENCRYPT_TDES. You can encrypt every entry in a table with the same password or use a different password for each row. Note that because each value is ‘slated’ before it is encrypted, that you cannot have an index on a CLE column.
For the CLE column, you need to determine how many characters wide the column needs to be. There is a formula included in the CLE description but the easy way is to take an example of your longest data and use the length() function to tell you the answer, e.g.
execute function length(encrypt_aes("This is my data", "p@ssw0rd"));
So for this case you could use char(43) for your CLE column.
Also, the documentation for CLE says that it only works for character-type columns. While this is true, there are builtin casts for integers and float types to character. So, the following works:
Create table cletab(clecol char(43));
Insert into cletab values(encrypt_aes(1234567890, “p@ssw0rd”));
Select decrypt_char(clecol) from cletab;
Note that the returned result is a character string, not an integer.
Please see the documentation on CLE for more details.
3. Transaction Security
A. Backup and Restore
Informix provides two utilities for backing up and restoring database server data. Both utilities backup and restore storage spaces and logical logs. However, they support different features and it is important to know the differences.
ON-Bar backs up and restores storage spaces (dbspaces) and logical files, by using a storage manager, whereas ontape does not use a storage manager.
A recovery system, which includes backup and restore systems, enables you to back up your database server data and later restore it if your current data becomes corrupted or inaccessible. Please see the Backup and Restore guide.
Auditing creates a record of selected activities that users perform. An audit administrator who analyzes the audit trail can use these records for the following purposes:
Auditing is based on the notion of audit events and audit masks. Audit masks represent events that can be audited, e.g. Create Table (CRTB). Audit masks are one or more audit events that you wish to audit. An audit mask is assigned to a user (or group of users). The audit mask determines which audit events are audited for that user.
In a normal running system, 95%+ of all audit events are the four events for a row, i.e. read row (RDRW), insert row (INRW), update row (UPRW) and delete row (DLRW). For these events you can choose which tables will or will not be included in the audit logs. This set of events is called ROW level auditing.
Audit is controlled by the adtcfg file in the INFORMIXDIR/aaodir directory. After you server reads this file it will write a new file named adtcfg.nn, where nn is the DBSERVERNUM from the ONCONFIG file. This is so that if you have multiple Informix servers using the same INFORMIXDIR that the adtcfg information is separate for each instance. You can edit this file before you start the server or you can use the onaudit utility to configure and print audit configuration.
There are five entries in the adtcfg file:
onshowaudit -n nn is the utility to print the contents of the audit log files. Various options are available to format and limit the output. For example, if you were interested in the actions of a particular user, you could use ‘onshowaudit -n nn -u username’ to print only those entries.
Note that whenever an audit log file fills up and a new one is created, a server alarm is generated. You can use the ALARMPROGRAM to immediately save or process audit log files if necessary.
For more information on Informix auditing see the Informix Server Secure Auditing Facility.
Other Online Informix Security Documentation:
Informix Server v12.10 documentation.
Security in Informix documentation - Security
Informix + security white paper or book - Redbook
Presentations on Slideshare.
Comment below with any questions.
Senior Software Engineer
Connect with me on LinkedIn