16.10 - Configuring an Integrity QOP Policy - Teradata Database

Teradata Database Security Administration

prodname
Teradata Database
vrm_release
16.10
created_date
June 2017
category
Administration
Security
featnum
B035-1100-161K

Integrity is an automated checksum routine that the system uses to guarantee that data is not altered during transmission between a Teradata Database system and its clients.

You can create a integrity policies that require use of a specific hash algorithm for the checksum routine, and apply the policies by user, profile, or network group.

If a session subject to an Integrity or Confidentiality QOP uses the Kerberos authentication mechanism (which does not support QOP policy), the system enforces the use of integrity, but it ignores the QOP algorithm specified in the policy and uses the algorithm provided by Kerberos.


To configure an integrity QOP policy:

  1. Examine the TdgssUserConfigFile.xml and make sure that the QOP entries are enabled and set according to your requirements. See Working with Quality of Protection Options.
  2. Create the integrity QOP container. See Creating the integ-qops Container.
  3. Create the needed integrity QOP objects. See Creating Integrity QOP Objects in the integ-qops Container.
  4. Add members to each integrity QOP to apply QOP policy. Assigning Members to an Integrity QOP Policy.
  5. Optionally remove members from an integrity QOP. See Removing Members from an Integrity QOP.