Derby can be deployed in a number of ways and in a number of different environments. The security needs of the Derby system are also diverse.
Derby supplies or supports the following optional security mechanisms:
user names and passwords before permitting them access to the Derby system.
A means of granting specific users permission to read a database or to write to a database.
A means of encrypting Derby data stored on disk.
Validation of certificates for signed jar files
validates certificates for classes loaded from signed jar files.
Network encryption and authentication
network traffic may be encrypted with SSL/TLS. SSL/TLS certificate authentication is also supported. See "Network encryption and authentication with SSL/TLS" in the Java DB Server and Administration Guide for
The following figure shows some of the Derby security mechanisms at work in a client/server environment. User authentication is performed by accessing an LDAP directory service. The data in the database is not encrypted in this trusted environment.
Figure 1. Using an LDAP directory service in a trusted
The following figure shows how another Derby security mechanism, disk encryption, protects data when the recipient might not know how to protect data. It is useful for databases deployed in an embedded
Figure 2. Using disk encryption to protect data
Configuring security for your environment
In most cases, you enable Derby's security features through the use of properties. It is important to understand the best way of setting properties for your environment.
Working with user authentication
Derby provides support for user authentication and user authorization. User authentication means that Derby authenticates the name and password for a user before allowing that user access to the system. User authorization allows access to a particular database. You are strongly urged to implement both authentication and authorization on any multi-user database used in production.
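As an added illustration (not taken from the Derby documentation), the following Python script audits a derby.properties file for the authentication, authorization and network-encryption properties that switch on the mechanisms described above. The property names are Derby's; the audit rules, the finding texts and the sample file are assumptions made for this example.

```python
# Added example: audit derby.properties for the optional security mechanisms.
# The rules are this example's own assumptions, not an official Derby checklist.
# Disk encryption is not covered: it is requested with connection URL attributes.

SAMPLE = """\
# constructed sample derby.properties
derby.connection.requireAuthentication=true
derby.authentication.provider=BUILTIN
derby.database.defaultConnectionMode = fullAccess
! network server left at its default (no derby.drda.sslMode line)
"""

def parse_properties(text):
    """Parse the simple key=value / key:value subset of Java properties files."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":      # blank line or comment
            continue
        for i, ch in enumerate(line):
            if ch in "=:":                   # first separator splits key and value
                props[line[:i].strip()] = line[i + 1:].strip()
                break
    return props

def audit(props):
    """Return one finding per mechanism that the properties leave switched off."""
    findings = []
    if props.get("derby.connection.requireAuthentication", "false").lower() != "true":
        findings.append("authentication: requireAuthentication is not set to true")
    if props.get("derby.authentication.provider", "").upper() == "BUILTIN":
        findings.append("authentication: BUILTIN provider is meant for development and testing")
    sql_auth = props.get("derby.database.sqlAuthorization", "false").lower() == "true"
    mode = props.get("derby.database.defaultConnectionMode", "fullAccess").lower()
    if not sql_auth and mode == "fullaccess":
        findings.append("authorization: every user who connects has read-write access")
    if props.get("derby.drda.sslMode", "off").lower() == "off":
        findings.append("network: client/server traffic is not encrypted with SSL/TLS")
    return findings

if __name__ == "__main__":
    for finding in audit(parse_properties(SAMPLE)):
        print("FINDING", finding)
```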
Users and authorization identifiers
User names within the Derby system are known as authorization identifiers. The authorization identifier is a string that represents the name of the user, if one was provided in the connection request.
When you specify user authorizations, Derby verifies that a user has been granted permission to access a system, database, object, or SQL action.
Signed jar files
In a Java 2 environment, Derby can detect digital signatures on jar files. When attempting to load a class from a signed jar file stored in the database, Derby will verify the validity of the signature.
Running Derby under a security manager
When running within an application or application server with a Java 2 Security Manager enabled, Derby must be granted certain permissions to execute and access database files.