虽然MDMServer将终端用户认证委托给系统用户,但是它必须知道终端用户的身份,以提供事务性授权和数据授权。
Although the MDM Server entrusts end user authentication to the system user, it is necessary for it to know the identity of the end user in order to provision transactional and data authorization.
这包括识别、认证、授权、访问控制、数据屏蔽、审计和加密。
This includes identification and authentication, authorization, access control, data masking, auditing, and encryption.
用户标识必须传播到服务中,并用于授权数据访问。
User identity must be propagated into services and used to authorize data access.
加密与认证和授权没有直接的关系,但是,在保护传输中的或静止的数据不受未经授权用户访问的时候,它也是一个重要的方面。
Encryption is not directly related to authentication and authorization but is an important aspect of protecting data, during transit or at rest, from unauthorized users.
而且,在这个模型中,授权数据已经与认证数据分隔开了,这样,授权数据就应该不用嵌入认证令牌中了。
Also in this model, authorization data has been separated from the authentication information so authorization data should not be embedded in authentication tickets.
防止对数据进行未授权的访问和更改。
Data must be protected from unauthorized access and modification.
这个模型将篡改授权数据的风险降至了最低,因此服务器不用花费大量的时间来验证数据了。
The model minimizes the risk of tampering with the authorization data so that servers do not spend more time in verifying the data.
在本文中,我将谈到数据安全性的机密性方面:确保受保护的数据只能被授权用户或系统访问。
In this article, I will address the confidentiality aspect of data security: Making sure protected data can only be accessed by authorized people or systems.
系统应该提供相应的机制,以便使用自行管理环境中的用户数据对用户进行身份验证,并使用按需环境中的访问控制数据进行授权。
The system should provide mechanisms to authenticate users with user data residing in the on-premise environment, and authorize with access control data residing in an on-demand environment.
它可以对一些数据库事件,例如授权检查、数据库对象维护、安全性维护、系统管理和用户验证等做日志记录。
It is capable of logging database events such as authorization checking, database object maintenance, security maintenance, system administration, and user validation.
用户映射定义本地数据库(MYSAMPLE)中的授权ID如何映射到远程数据库(SAMPLE)中的授权id。
The user mapping defines how the authorization ID at the local database (MYSAMPLE) is mapped to an authorization ID at the remote database (SAMPLE).
系统授权id:这是表示建立数据库连接的用户的授权id。
System authorization ID: This is the authorization ID representing the user who establishes a database connection.
数据访问服务基于授权和限制(策略和访问规则)来提供或阻止数据访问。
Data access services provide or prevent access to data based on authorizations and restrictions (policies and rules for access).
为了找到有效数据库授权ID,需要确保外部用户就是所声称的用户,然后将其外部用户ID映射到内部DB 2授权ID。
In order to find the effective database authorization ID, you need to ensure that the external user is who they say they are, and then map their external user ID to an internal DB2 authorization ID.
步骤5:通过提供XKMS密钥数据和授权信息,创建XKMSRegister对象的一个实例。
Step 5: Create an instance of the XKMSRegister object by providing the XKMS key data and authorization information.
MDMServer提供了很多功能,可以解决主数据架构的认证、授权和审计需求。
MDM Server provides many capabilities to address a master data architecture's authentication, authorization, and audit needs.
根据上述业务需要,可以设置LDAP服务器,使之管理以下业务授权数据。
Based on the business needs above, you can set up your LDAP server to manage the following transaction authorization data.
可以构造很多其他的查询来检索授权数据。
There are many other queries that you can construct to retrieve authorization data. Here are two more examples.
数据可以传送到用户授权的其它Firefox实例上。
The data can then be relayed to other instances of Firefox that are authorized by the user.
未经授权的访问——获得对Web服务或其数据的未经授权的访问。
Unauthorized access — Gaining unauthorized access to a Web service or its data.
终端用户只能访问授权给他们的数据集市,而非所有的数据仓库数据。
End users can only access the data mart granted to them, not all data warehouse data.
通过支持对象、数据和授权迁移来支持数据库迁移场景。
Supports object, data, and authorization migration in support of database migration scenarios.
这可确保用户无法访问未经授权的数据。
默认角色和默认策略共同构成默认授权:多维数据集上针对没有显式访问规则的用户的隐式访问规则。
Together, the default role and default policy make up the default authorization: the implicit rule of access on the cube for users with no explicit rule of access.
授权策略数据库包含域内所有资源的表示。
The authorization policy database contains a representation of all resources in the domain.
取决于应用程序复杂性,或许可以开发一个使用元数据描述授权规则的自定义框架,以自动将安全更改应用到SQL。
Depending on the application complexity, it may be feasible to develop a custom framework that USES metadata to describe authorization rules and applies security changes to the SQL automatically.
关于这些数据库授权级别的更多信息,请参阅DB 2UD b文档(参见参考资料)。
More information about these database authority levels can be found in the DB2 UDB documentation see Resources.
当数据网格安全启用时,只有经过授权的用户才能访问数据网格中的数据。
When data grid security is enabled, only authorized users can access data in the data grid.
只有当每个用户都有一个单独的数据库授权ID时,才可能出现那样的应用程序与用户ID之间的映射。
Such a mapping between application and user ID is only possible if each user has a separate database authorization ID.
只有当每个用户都有一个单独的数据库授权ID时,才可能出现那样的应用程序与用户ID之间的映射。
Such a mapping between application and user ID is only possible if each user has a separate database authorization ID.
应用推荐