Home | Previous Page | Next Page   Audit Administration > Administrative Roles and Role Separation >

Database System Security Officer

The DBSSO is a system administrator who performs all the routine tasks related to maintaining the security of a database server. These tasks include the following actions:

The DBSSO performs these tasks with the onaudit utility. For information, see The onaudit Utility.

The DBSSO role is supported by a designated account and software. To use the audit tools, the users who fill the DBSSO role must log into the designated account and meet access-control requirements. After the DBSSO users meet the access-control requirements and use the administrative software, their actions can be audited.

Tip:
A DBSSO on UNIX is any user who belongs to the group that owns $INFORMIXDIR/dbssodir. On Windows, the administrator uses registry settings, through the Role Separation dialog box that appears during installation, to specify DBSSO users.

Important:
The onaudit utility can create a potential threat to the security of the database server. An unscrupulous user can abuse a DBSSO account, for example, by turning off auditing for a specific user. To reduce this risk, all actions taken through onaudit should be audited.
Home | [ Top of Page | Previous Page | Next Page | Contents | Index ]