17.10 - Mechanism QOPs - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Release Date
July 2021
Content Type
Administration
Security
Publication ID
B035-1100-171K
Language
English (United States)

Each applicable mechanism contains QOP options that can be set for that mechanism in the TdgssUserConfigFile.xml. The following example shows the TdgssUserConfigFile.xml for a fresh install.

For an explanation of QOP options and instructions on making QOP settings, see Working with Quality of Protection Options.

       <!-- Teradata Method 2 (uses AES) -->
       <Mechanism Name="TD2">
            <!-- DHKeyP and DHKeyG are for legacy (pre-14.0) use only -->
            <MechanismProperties
                ...
                />
            <!-- To update security uncomment one or more QOPs and edit. -->
            <!-- DEFAULT QOP 
            <MechQop Value="Default">
                 AES-K128_GCM_PKCS5Padding_SHA2_DH-K2048
                 AES-K128_CBC_PKCS5Padding_SHA1_DH-K2048
                 AES-K192_GCM_PKCS5Padding_SHA2_DH-K2048
                 AES-K192_CBC_PKCS5Padding_SHA1_DH-K2048
                 AES-K256_GCM_PKCS5Padding_SHA2_DH-K2048
                 AES-K256_CBC_PKCS5Padding_SHA1_DH-K2048
            </MechQop>
            -->
            <!-- LOW SECURITY QOP
            <MechQop Value="Low">
                AES-K128_CBC_PKCS5Padding_SHA1_DH-K2048
            </MechQop>
            -->
            <!-- MEDIUM SECURITY QOP
            <MechQop Value="Medium">
                AES-K192_CBC_PKCS5Padding_SHA1_DH-K2048
            </MechQop>
            -->
            <!-- HIGH SECURITY QOP
            <MechQop Value="High">
                AES-K256_CBC_PKCS5Padding_SHA1_DH-K2048
            </MechQop>
            -->
        </Mechanism>