Configuring an Integrity QOP Policy | Teradata Vantage - Configuring an Integrity QOP Policy - Advanced SQL Engine - Teradata Database

Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Published
July 2021
Language
English (United States)
Last Update
2022-02-15
dita:mapPath
ppz1593203596223.ditamap
dita:ditavalPath
wrg1590696035526.ditaval
dita:id
B035-1100
lifecycle
previous
Product Category
Teradata Vantageā„¢

Integrity is an automated checksum routine that the system uses to guarantee that data is not altered during transmission between a Teradata Vantage system and its clients.

You can create a integrity policies that require use of a specific hash algorithm for the checksum routine, and apply the policies by user, profile, or network group.

If a session subject to an Integrity or Confidentiality QOP uses the Kerberos authentication mechanism (which does not support QOP policy), the system enforces the use of integrity, but it ignores the QOP algorithm specified in the policy and uses the algorithm provided by Kerberos.


To configure an integrity QOP policy:

  1. Examine the TdgssUserConfigFile.xml and make sure that the QOP entries are enabled and set according to your requirements. See Working with Quality of Protection Options.
  2. Create the integrity QOP container. See Creating the integ-qops Container.
  3. Create the needed integrity QOP objects. See Creating Integrity QOP Objects in the integ-qops Container.
  4. Add members to each integrity QOP to apply QOP policy. Assigning Members to an Integrity QOP Policy.
  5. Optionally remove members from an integrity QOP. See Removing Members from an Integrity QOP.