QPR Knowledge Base

Database Security

Hide Navigation Pane

Database Security

Previous topic Next topic No expanding text in this topic  

Database Security

Previous topic Next topic JavaScript is required for expanding text Mail us feedback on this topic!  

Comments (...)

Red lines in the following image illustrate the database security issues discussed on this chapter.

 

pic_db_security

Database Security in QPR ScoreCard System

 

As mentioned in the overview, the QPR ScoreCard System needs to be configured to allow only a few connections to the database - the rest of the work is handled by user administration.

 

When connecting to the database, the system uses the basic authentication methods provided by ODBC-compliant database vendors.

 

 

QPR ScoreCard Server

 

The QPR ScoreCard Server needs one database user the context of which it uses when connecting to the database. This user must have full (INSERT, UPDATE and SELECT) access to every table in the QPR database.

 

 

Reporting Components

 

Third-party reporting components used for QPR ScoreCard reporting require read (SELECT) access to the QPR database tables. Additional security can be reached by denying access to certain tables that are not necessary for the reports (i.e. SC_USER).

Comments (...)