17.20 - System Processing of Confidentiality and Integrity QOP Policies - Analytics Database - Teradata Vantage

Teradata Vantage™ - Analytics Database Security Administration - 17.20

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2023-03-07
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572

The system enforces confidentiality or integrity policy as a result of a:

  • Client request for confidentiality or integrity
  • QOP policy assigned to the user, IP address, profile, or host group for the session

When only a client request for confidentiality is in effect, the system uses the DEFAULT QOP.

If a session is subject to multiple QOP security policies, the system determines the session security policy and QOP according to the following hierarchy, where the higher number and letter always takes precedence:

  1. No applicable policy
    This is the only policy condition that allows a logon from a pre-14.10 client.
  2. Clear text
    This policy condition occurs only when the has-policy Option applies to a session, but no other client request or policy for confidentiality or integrity applies.
  3. Integrity
    1. Default QOP
    2. Low QOP
    3. Medium QOP
    4. High QOP
  4. Confidentiality
    1. Default QOP
    2. Low QOP
    3. Medium QOP
    4. High QOP