how to limit data access on AS400 through ODBC, client access or Sequel viewpoint product

5 pts.
Tags:
AS/400
Data access
iSeries Access
ODBC
SEQUEL ViewPoint
[strong]User profiles are assigned a group on our iSeries, and the group has object authority to the data files. What data they can actually see and update is controlled by the application, limited by menu travel and other security parameters built into the system. My issue is with Client Access, ODBC or 3rd party SEQUEL VIEWPOINT product. The users have access to the data based on the group profile assigned to the objects but when using ODBC, etc. they can access the data in an uncontrolled manner.  Is there any documentation out there on the proper way to setup database security to allow update authority on the data within the applications but to limit authority when data is being accessed by 3rd party apps like SEQUEL VIEWPOINT or an ODBC connection. [/strong]

Software/Hardware used:
AS400,ISERIES

Answer Wiki

Thanks. We'll let you know when a new response is added.

Is there any documentation out there on the proper way to setup database security to allow update authority on the data within the applications but to limit authority when data is being accessed by 3rd party apps like SEQUEL VIEWPOINT or an ODBC connection.

Yes. It’s in the Information Center for your OS version/release level. For i5/OS V5R4, for example, you should start by reading the Exit Programs topic and topics around it.

If you cannot set up proper database object authority, then exit programming is just about your only choice (short of product purchases). When network access is allowed, database authorities should be encapsulated in program objects that adopt *OWNER authority. Normal user profiles, and their group profiles, should not have authority across a network to database objects unless you want them to have such authority.

{Disclaimer: My employer is a vendor of exit program products. Further, the parent company of my employer is also the parent company of the SEQUEL product line.}

Tom

Discuss This Question: 3  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Lovemyi
    The best product is by far is PowerTech's Network Security for locking down the exit points for DDM, FTP, ODBC and a host of others. You can get as granular as you like or only report access though it's built in audiing capability or lock down access comlpetely to someone using ODBC that has full access to the data. The only other option I know of is to write your own exit point programs. Lovemyi
    2,310 pointsBadges:
    report
  • RSB
    [...] How to limit data access on AS/400 through ODBC, client access or SQL viewpoint product [...]
    0 pointsBadges:
    report
  • ODBC
    How to restrict exaxtly file name as we want to data access AS400 through ODBC
    35 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following