Informix Guide to SQL: Tutorial

Informix Guide to SQL: Tutorial
Chapter 11: Granting and Limiting Access to Your Database

Home Contents Index Master Index New Book

Securing Confidential Data

No matter what access controls the operating system gives you, when the contents of an entire database are highly sensitive, you might not want to leave it on a public disk that is fixed to the computer. You can circumvent normal software controls when the data must be secure.

When you or another authorized person is not using the database, it does not have to be available on-line. You can make it inaccessible in one of the following ways, which have varying degrees of inconvenience:

Detach the physical medium from the computer, and take it away. If the disk itself is not removable, the disk drive might be removable.
Copy the database directory to tape, and take possession of the tape.
Use an encryption utility to copy the database files. Keep only the encrypted version.

In the latter two cases, after making the copies, you must remember to erase the original database files using a program that overwrites an erased file with null data.

Instead of removing the entire database directory, you can copy and then erase the files that represent individual tables. Do not overlook the fact that index files contain copies of the data from the indexed column or columns. Remove and erase the index files as well as the table files.

Informix Guide to SQL: Tutorial, version 9.1
Copyright © 1998, Informix Software, Inc. All rights reserved.