Data security

Post questions here relative to DataStage Server Edition for such areas as Server job design, DS Basic, Routines, Job Sequences, etc.

jzparad
Charter Member
Posts: 151
Joined: Thu Apr 01, 2004 9:37 pm

Post by jzparad »

Hi all,

The DataStage Administrator guide describes the Operator role as someone who has permission to run and manage DataStage jobs. I'm assuming that this simply means that an operator is not allowed to modify a job.

What I'm after is a way of allowing someone to run jobs, look at logs but not be able to view the data. Is this at all possible? It would seem to me not but maybe someone out there has come up with a way.


Thanks in advance.
Jim Paradies
ArndW
Participant
Posts: 16318
Joined: Tue Nov 16, 2004 9:08 am
Location: Germany

Post by ArndW »

Since access to data is determined by a userid (an OS one or a database one) I don't think it is possible - since a user needs to read the data in order to run a job it is impossible to keep that user from reading the data outside of DS. If you implement a system using parameters and computed userids/passwords or time-dependent access it might be possible, but it would still be capable of circumvention.
jzparad
Charter Member
Posts: 151
Joined: Thu Apr 01, 2004 9:37 pm

Post by jzparad »

Thanks Arnd,

I thought that might be the case but I was hoping someone out there would suggest a "sudo for Windows" type solution.
Jim Paradies
chulett
Charter Member
Posts: 43085
Joined: Tue Nov 12, 2002 4:34 pm
Location: Denver, CO

Post by chulett »

Curious, Jim...what do you mean by "view the data"? What data, exactly?
-craig

"You can never have too many knives" -- Logan Nine Fingers
jzparad
Charter Member
Posts: 151
Joined: Thu Apr 01, 2004 9:37 pm

Post by jzparad »

chulett wrote: Curious, Jim...what do you mean by "view the data"? What data, exactly?
The data being transformed is what is called sensitive data. An example of this would be HR information about employees. The customer wants to be able to have operators (perhaps even from offshore companies) run the jobs and view the logs but they do not want these operators to actually view the data that is being transformed. This means that they should not be able to go to the actual data files and open them. In the case of database tables, they should be prevented from logging in to the database and viewing the actual tables.
Jim Paradies
ameyvaidya
Charter Member
Posts: 166
Joined: Wed Mar 16, 2005 6:52 am
Location: Mumbai, India

Post by ameyvaidya »

Jim,
Viewing of data through DataStage is not possible through Director (at least I haven't figured out a way of doing it).

As far as securing the file locations and database connections, they can be stored as encrypted user-defined environment variables.

So if only Director is installed on the operators' workstations, they should not have access to any data.
Amey Vaidya
I am rarely happier than when spending an entire day programming my computer to perform automatically a task that it would otherwise take me a good ten seconds to do by hand.
- Douglas Adams
ray.wurlod
Participant
Posts: 54607
Joined: Wed Oct 23, 2002 10:52 pm
Location: Sydney, Australia

Post by ray.wurlod »

I think, if you install with the Operator's licence (xxxxxx-DSDIR) on the Operator's PC, you will get pretty much exactly what you want. The Operator role only allows the running of released jobs (at least up to version 7.0) and does not allow viewing of log entries that might contain data (unless this is explicitly permitted via a check box in the Administrator client).
IBM Software Services Group
Any contribution to this forum is my own opinion and does not necessarily reflect any position that IBM may hold.
jzparad
Charter Member
Posts: 151
Joined: Thu Apr 01, 2004 9:37 pm

Post by jzparad »

ameyvaidya wrote: Viewing of data through DataStage is not possible through Director (at least I haven't figured out a way of doing it).
ray.wurlod wrote: I think, if you install with the Operator's licence (xxxxxx-DSDIR) on the Operator's PC, you will get pretty much exactly what you want. The Operator role only allows the running of released jobs (at least up to version 7.0) and does not allow viewing of log entries that might contain data (unless this is explicitly permitted via a check box in the Administrator client).


I think I left out one important detail in explaining the problem. The environment is Windows and everyone uses Terminal Service to connect remotely to the box. This includes developers and operators. This means that everyone has access to OS level files.

However, I think that your solution is probably the best we'll get. We are just going to have to insist that the operators use remote clients to run the jobs.


Thanks everyone for your input.
Jim Paradies