Manualshelf

TurboIMAGE/XL Database Management System Reference Manual MPE/iX V6.5 (30391-90011)

ManualsBrandsHP ManualsSoftwareMPE/iX 6.5 Operating System
51525354555657585960
Chapter 2 51
Database Structure and Protection
Protecting the Database
Defining Database Security
After the data items, data sets, and paths for the database have been defined, database
security can be addressed. Defining security involves the following two steps:
1. Defining user classes and passwords
2. Setting up read and write class lists
User Classes and Passwords
Consider who will be using the database. Do all users perform the same tasks or are the
tasks varied? Do all users need to read and update the same data items? The answers to
these questions will help define how many user classes are needed.
For each type of user, define a password and user class number. Each user class is
identified by an integer from 1 to 63. Because more than one user at a time can use the
same password, you may only need to define a few passwords for your database. You may
want to relate the user class number to the user's job position; for example, the ORDERS
database is defined with these user classes and passwords:
When you initiate access to the database, you must supply a password to establish the user
class. If the password is null or does not match any password defined for the database, the
user class assigned is zero which has read access to unprotected data sets.
NOTE
Because user class 0 has read access, calls requiring read access to an item or
set will complete successfully (condition word 0) even if an invalid password
was supplied.
The database creator does not need to supply a password. If you are the logged on as the
database creator and enter a semicolon in place of a password, you are granted full access
to all data sets in the database. TurboIMAGE/XL uses the number 64 to identify the
database creator and the numbers 0 to 63 to identify all others.
Read and Write Class Lists
After you have defined user classes and passwords, define the type of access allowed by
each password to the data items and data sets in the database. Establish security in the
schema by including or excluding the user class numbers in the read or write class list of
the data items and data sets, or by omitting a user class list entirely. Omitting a user class
list (known as an absent list) has the same effect as including all user classes, including
user class 0, in the read class list.
User Class Password
11 CREDIT;
12 BUYER;
13 SHIP-REC;
14 CLERK;
18 DO-ALL;