16.10 - About Quality of Protection - Teradata Database

Teradata Database Security Administration

prodname
Teradata Database
vrm_release
16.10
created_date
June 2017
category
Administration
Security
featnum
B035-1100-161K

Quality of Protection (QOP) determines the strength of the algorithm used to:

  • Encrypt message traffic between a Teradata Database and its clients (confidentiality)
  • Calculate the check sum that protects message data from being altered during transmission (integrity checking)

The system applies QOP to a session based on the client Legacy TeraGSS version (see Legacy TeraGSS), applicable security policy, and whether confidentiality or integrity are explicitly requested by the client, as shown in the following table. Also see Network Security Policy.

Teradata Database Release QOP Policy Applies Teradata Client (Legacy TeraGSS) Release Client Logon Result
14.10 Yes 13.10 and before The logon fails because the Legacy TeraGSS version does not support QOP policy.
14.0
14.10 The system examines any applicable QOP policy and the DEFAULT QOP and uses the strongest QOP.
No 13.10 and before If the client requests confidentiality, the system uses the LEGACY QOP.
14.0 and up If the client requests confidentiality, the system uses the DEFAULT QOP.
The DEFAULT QOP is initially set to AES-K128, but you can change the encryption algorithm. See QOP Configuration Options.