15.10 - Extensible Authentication, Authorization, and Encryption - ODBC Driver for Teradata

ODBC Driver for Teradata User Guide

ODBC Driver for Teradata
User Guide

Authentication is the indisputable establishment of identities between two mutually suspicious parties when faced with adversaries with a malicious intent. In other words, authentication answers a very simple question: Who are you?

In research literature, authentication is defined as a proof of authenticity; it determines if the source of a message is genuine. Authentication says nothing about capabilities; that is, it does not determine if a source has the right to access certain resources within the destination.

User authentication in Teradata Database using ODBC Driver for Teradata uses the following mechanisms:

  • Conventional Teradata Mechanism – consists of a username and a password, which are validated by the database during logon. This is sometimes referred to as CSO.
  • SSO – the system is trusted, and the user is logged on without providing a username and password. The user's identity, which is obtained through a network or domain login, is transmitted to Teradata and verified.
  • SSO is only supported when the server is running Windows and the client running a Windows version supporting SSPI. SSO is supported using NTLM or Kerberos as the authentication mechanism.

    The Extensible User Authentication feature expands these authentication mechanisms to include LDAP, Teradata-defined, and other user-defined mechanisms. It also provides support for Kerberos on all platforms that support Kerberos.