DOCSLIB.ORG

SAP IQ Administration: User Management and Security Company

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
SAP IQ Administration: User Management and Security Company ADMINISTRATION GUIDE | PUBLIC SAP IQ 16.1 SP 04 Document Version: 1.0.0 – 2019-04-05 SAP IQ Administration: User Management and Security company. All rights reserved. All rights company. affiliate THE BEST RUN 2019 SAP SE or an SAP SE or an SAP SAP 2019 © Content 1 Security Management........................................................ 5 1.1 Plan and Implement Role-Based Security............................................6 1.2 Roles......................................................................7 User-Defined Roles.........................................................8 System Roles............................................................ 30 Compatibility Roles........................................................38 Views, Procedures, and Tables That Are Owned by Roles..............................38 Display Roles Granted......................................................39 Determining the Roles and Privileges Granted to a User...............................40 1.3 Privileges..................................................................40 Privileges Versus Permissions.................................................41 System Privileges......................................................... 42 Object-Level Privileges......................................................64 System Procedure Privileges..................................................81 1.4 Passwords.................................................................85 Password and user ID Restrictions and Considerations...............................86 Granting the CHANGE PASSWORD System Privilege to a User..........................86 Revoking the CHANGE PASSWORD System Privilege from a User........................88 Changing a Password – Single Control...........................................90 Dual Control Password Management Option.......................................91 Changing a Password – Dual Control............................................93 1.5 Impersonation..............................................................94 Requirements for Impersonation...............................................95 Granting the SET USER System Privilege to a User..................................98 Starting to Impersonate Another User..........................................100 Verifying the Current Impersonation Status of a User................................101 Stopping Impersonation of Another User........................................102 Revoking the SET USER System Privilege from a User...............................103 1.6 Users....................................................................104 Default (DBA) User........................................................105 Superuser.............................................................. 111 Increase Password Security..................................................111 Password and user ID Restrictions and Considerations...............................112 Case-Sensitivity of User IDs and Passwords.......................................112 Creating a New User.......................................................113 Deleting a User...........................................................113 SAP IQ Administration: User Management and Security 2 PUBLIC Content Changing a User's Password................................................. 114 Converting a User-Extended Role Back to a User...................................115 Permanently Locking a User Account...........................................116 Unlocking User Accounts....................................................117 Automatic Unlocking of User Accounts..........................................118 1.7 Login Policies.............................................................. 119 Login Policy Options.......................................................120 LDAP Login Policy Options.................................................. 122 Modifying the Root Login Policy...............................................123 Creating a New Login Policy..................................................124 Modifying an Existing Login Policy.............................................125 Deleting a Login Policy..................................................... 126 Assigning a Login Policy When Creating a New User.................................126 Assigning a Login Policy to an Existing User.......................................127 1.8 User Connections...........................................................127 Preventing Connection After Failed Login Attempts.................................128 Creating a DBA Recovery Account.............................................130 Logging In with a DBA Recovery Account........................................130 Manage Connections Using Stored Procedures....................................130 Manage Resources Used by Connections........................................ 131 1.9 Security with Views and Procedures..............................................132 Views Provide Tailored Security...............................................133 Use Procedures to Provide Tailored Security......................................136 1.10 Data Confidentiality..........................................................139 Database encryption and decryption...........................................139 IPv6 Support............................................................144 How to Set Up Transport Layer Security.........................................145 Digital certificates........................................................ 146 1.11 Utility Database Server Security.................................................152 Defining the Utility Database Name When Connecting...............................152 Defining the Utility Database Password..........................................153 Permission to Execute File Administration Statements...............................154 1.12 Data Security..............................................................155 System Secure Features....................................................155 1.13 Data Protection and Privacy in SAP IQ.............................................158 Deletion of Personal Data....................................................161 2 External Authentication..................................................... 163 2.1 LDAP User Authentication with SAP IQ............................................163 License Requirements for LDAP User Authentication................................164 About the LDAP Server Configuration Object..................................... 164 Failover Capabilities When Using LDAP User Authentication...........................165 SAP IQ Administration: User Management and Security Content PUBLIC 3 Enabling LDAP User Authentication............................................165 Managing the LDAP Server Configuration Object with SAP IQ..........................175 Managing LDAP User Authentication Login Policy Options............................190 Manage Users and Passwords with LDAP User Authentication.........................194 Displaying Current Status Information for a User...................................195 Displaying Current State for an LDAP Server Configuration Object......................195 2.2 Kerberos user authentication...................................................195 Kerberos clients..........................................................197 Setting up a Kerberos system................................................198 Configuring SAP IQ databases to use Kerberos (SQL)...............................199 Connections from an SAP Open Client or jConnect application.........................201 Connecting using SSPI for Kerberos logins on Windows..............................201 Troubleshooting: Kerberos connections.........................................202 Security: Use login modes to secure the database..................................204 2.3 Licensing Requirements for Kerberos.............................................205 2.4 PAM User Authentication......................................................205 Enabling PAM User Authentication............................................ 206 Sample PAM Authorization Program...........................................206 Sample PAM Configuration..................................................208 3 Advanced Security Options in SAP IQ...........................................209 3.1 Column Encryption in SAP IQ...................................................209 Licensing Requirements for Column Encryption................................... 210 Definitions of Encryption Terms...............................................210 Data Types for Encrypted Columns............................................ 210 LOAD TABLE ENCRYPTED Clause.............................................213 String Comparisons on Encrypted Text..........................................215 Database Options for Column Encryption........................................215 Encryption and Decryption Example............................................217 3.2 Kerberos Authentication Support in SAP IQ.........................................223 Licensing Requirements for Kerberos.......................................... 223 3.3 LDAP User Authentication Support in SAP IQ....................................... 223 License Requirements for LDAP User Authentication................................223 SAP IQ Administration: User Management and Security 4 PUBLIC Content 1 Security Management SAP IQ provides a role-based security model for controlling access
Load more

Recommended publications
  • *** Check Constraints - 10G
    *** Check Constraints - 10g *** Create table and poulated with a column called FLAG that can only have a value of 1 or 2 SQL> CREATE TABLE check_const (id NUMBER, flag NUMBER CONSTRAINT check_flag CHECK (flag IN (1,2))); Table created. SQL> INSERT INTO check_const SELECT rownum, mod(rownum,2)+1 FROM dual CONNECT BY level <=10000; 10000 rows created. SQL> COMMIT; Commit complete. SQL> exec dbms_stats.gather_table_stats(ownname=>NULL, tabname=>'CHECK_CONST', estimate_percent=> NULL, method_opt=> 'FOR ALL COLUMNS SIZE 1'); PL/SQL procedure successfully completed. *** Now perform a search for a value of 3. There can be no such value as the Check constraint only permits values 1 or 2 ... *** The exection plan appears to suggest a FTS is being performed (remember, there are no indexes on the flag column) *** But the statistics clearly show no LIOs were performed, none SQL> SELECT * FROM check_const WHERE flag = 3; no rows selected Execution Plan ---------------------------------------------------------- Plan hash value: 1514750852 ---------------------------------------------------------------------------------- | Id | Operation | Name | Rows | Bytes | Cost (%CPU)| Time | ---------------------------------------------------------------------------------- | 0 | SELECT STATEMENT | | 1 | 6 | 0 (0)| | |* 1 | FILTER | | | | | | |* 2 | TABLE ACCESS FULL| CHECK_CONST | 1 | 6 | 6 (0)| 00:00:01 | ---------------------------------------------------------------------------------- Predicate Information (identified by operation id): ---------------------------------------------------
    [Show full text]
  • Chapter 10. Declarative Constraints and Database Triggers
    Chapter 10. Declarative Constraints and Database Triggers Table of contents • Objectives • Introduction • Context • Declarative constraints – The PRIMARY KEY constraint – The NOT NULL constraint – The UNIQUE constraint – The CHECK constraint ∗ Declaration of a basic CHECK constraint ∗ Complex CHECK constraints – The FOREIGN KEY constraint ∗ CASCADE ∗ SET NULL ∗ SET DEFAULT ∗ NO ACTION • Changing the definition of a table – Add a new column – Modify an existing column’s type – Modify an existing column’s constraint definition – Add a new constraint – Drop an existing constraint • Database triggers – Types of triggers ∗ Event ∗ Level ∗ Timing – Valid trigger types • Creating triggers – Statement-level trigger ∗ Option for the UPDATE event – Row-level triggers ∗ Option for the row-level triggers – Removing triggers – Using triggers to maintain referential integrity – Using triggers to maintain business rules • Additional features of Oracle – Stored procedures – Function and packages – Creating procedures – Creating functions 1 – Calling a procedure from within a function and vice versa • Discussion topics • Additional content and activities Objectives At the end of this chapter you should be able to: • Know how to capture a range of business rules and store them in a database using declarative constraints. • Describe the use of database triggers in providing an automatic response to the occurrence of specific database events. • Discuss the advantages and drawbacks of the use of database triggers in application development. • Explain how stored procedures can be used to implement processing logic at the database level. Introduction In parallel with this chapter, you should read Chapter 8 of Thomas Connolly and Carolyn Begg, “Database Systems A Practical Approach to Design, Imple- mentation, and Management”, (5th edn.).
    [Show full text]
  • 2.4. Constraints
    PostgreSQL 7.3 Documentation Prev Chapter 2. Data Definition Next 2.4. Constraints Data types are a way to limit the kind of data that can be stored in a table. For many applications, however, the constraint they provide is too coarse. For example, a column containing a product price should probably only accept positive values. But there is no data type that accepts only positive numbers. Another issue is that you might want to constrain column data with respect to other columns or rows. For example, in a table containing product information, there should only be one row for each product number. To that end, SQL allows you to define constraints on columns and tables. Constraints give you as much control over the data in your tables as you wish. If a user attempts to store data in a column that would violate a constraint, an error is raised. This applies even if the value came from the default value definition. 2.4.1. Check Constraints A check constraint is the most generic constraint type. It allows you to specify that the value in a certain column must satisfy an arbitrary expression. For instance, to require positive product prices, you could use: CREATE TABLE products ( product_no integer, name text, price numeric CHECK (price > 0) ); As you see, the constraint definition comes after the data type, just like default value definitions. Default values and constraints can be listed in any order. A check constraint consists of the key word CHECK followed by an expression in parentheses. The check constraint expression should involve the column thus constrained, otherwise the constraint would not make too much sense.
    [Show full text]
  • Reasoning Over Large Semantic Datasets
    R O M A TRE UNIVERSITA` DEGLI STUDI DI ROMA TRE Dipartimento di Informatica e Automazione DIA Via della Vasca Navale, 79 – 00146 Roma, Italy Reasoning over Large Semantic Datasets 1 2 2 1 ROBERTO DE VIRGILIO ,GIORGIO ORSI ,LETIZIA TANCA , RICCARDO TORLONE RT-DIA-149 May 2009 1Dipartimento di Informatica e Automazione Universit`adi Roma Tre {devirgilio,torlone}@dia.uniroma3.it 2Dipartimento di Elettronica e Informazione Politecnico di Milano {orsi,tanca}@elet.polimi.it ABSTRACT This paper presents NYAYA, a flexible system for the management of Semantic-Web data which couples an efficient storage mechanism with advanced and up-to-date ontology reasoning capa- bilities. NYAYA is capable of processing large Semantic-Web datasets, expressed in a variety of formalisms, by transforming them into a collection of Semantic Data Kiosks that expose the native meta-data in a uniform fashion using Datalog±, a very general rule-based language. The kiosks form a Semantic Data Market where the data in each kiosk can be uniformly accessed using conjunctive queries and where users can specify user-defined constraints over the data. NYAYA is easily extensible and robust to updates of both data and meta-data in the kiosk. In particular, a new kiosk of the semantic data market can be easily built from a fresh Semantic- Web source expressed in whatsoever format by extracting its constraints and importing its data. In this way, the new content is promptly available to the users of the system. The approach has been experimented using well known benchmarks with very promising results. 2 1 Introduction Ever since Tim Berners Lee presented, in 2006, the design principles for Linked Open Data1, the public availability of Semantic-Web data has grown rapidly.
    [Show full text]
  • CSC 443 – Database Management Systems Data and Its Structure
    CSC 443 – Database Management Systems Lecture 3 –The Relational Data Model Data and Its Structure • Data is actually stored as bits, but it is difficult to work with data at this level. • It is convenient to view data at different levels of abstraction . • Schema : Description of data at some abstraction level. Each level has its own schema. • We will be concerned with three schemas: physical , conceptual , and external . 1 Physical Data Level • Physical schema describes details of how data is stored: tracks, cylinders, indices etc. • Early applications worked at this level – explicitly dealt with details. • Problem: Routines were hard-coded to deal with physical representation. – Changes to data structure difficult to make. – Application code becomes complex since it must deal with details. – Rapid implementation of new features impossible. Conceptual Data Level • Hides details. – In the relational model, the conceptual schema presents data as a set of tables. • DBMS maps from conceptual to physical schema automatically. • Physical schema can be changed without changing application: – DBMS would change mapping from conceptual to physical transparently – This property is referred to as physical data independence 2 Conceptual Data Level (con’t) External Data Level • In the relational model, the external schema also presents data as a set of relations. • An external schema specifies a view of the data in terms of the conceptual level. It is tailored to the needs of a particular category of users. – Portions of stored data should not be seen by some users. • Students should not see their files in full. • Faculty should not see billing data. – Information that can be derived from stored data might be viewed as if it were stored.
    [Show full text]
  • Data Base Lab the Microsoft SQL Server Management Studio Part-3
    Data Base Lab Islamic University – Gaza Engineering Faculty Computer Department Lab -5- The Microsoft SQL Server Management Studio Part-3- By :Eng.Alaa I.Haniy. SQL Constraints Constraints are used to limit the type of data that can go into a table. Constraints can be specified when a table is created (with the CREATE TABLE statement) or after the table is created (with the ALTER TABLE statement). We will focus on the following constraints: NOT NULL UNIQUE PRIMARY KEY FOREIGN KEY CHECK DEFAULT Now we will describe each constraint in details. SQL NOT NULL Constraint By default, a table column can hold NULL values. The NOT NULL constraint enforces a column to NOT accept NULL values. The NOT NULL constraint enforces a field to always contain a value. This means that you cannot insert a new record, or update a record without adding a value to this field. The following SQL enforces the "PI_Id" column and the "LName" column to not accept NULL values CREATE TABLE Person ( PI_Id int NOT NULL, LName varchar(50) NOT NULL, FName varchar(50), Address varchar(50), City varchar(50) ) 2 SQL UNIQUE Constraint The UNIQUE constraint uniquely identifies each record in a database table. The UNIQUE and PRIMARY KEY constraints both provide a guarantee for uniqueness or a column or set of columns. A PRIMARY KEY constraint automatically has a UNIQUE constraint defined on it. Note that you can have many UNIQUE constraints per table, but only one PRIMARY KEY constraint per table. SQL UNIQUE Constraint on CREATE TABLE The following SQL creates a UNIQUE
    [Show full text]
  • Declarative Constraints
    THREE Declarative Constraints 3.1 PRIMARY KEY 3.1.1 Creating the Constraint 3.1.2 Naming the Constraint 3.1.3 The Primary Key Index 3.1.4 Sequences 3.1.5 Sequences in Code 3.1.6 Concatenated Primary Key 3.1.7 Extra Indexes with Pseudo Keys 3.1.8 Enable, Disable, and Drop 3.1.9 Deferrable Option 3.1.10 NOVALIDATE 3.1.11 Error Handling in PL/SQL 3.2 UNIQUE 3.2.1 Combining NOT NULL, CHECK with UNIQUE Constraints 3.2.2 Students Table Example 3.2.3 Deferrable and NOVALIDATE Options 3.2.4 Error Handling in PL/SQL 3.3 FOREIGN KEY 3.3.1 Four Types of Errors 3.3.2 Delete Cascade 3.3.3 Mandatory Foreign Key Columns 3.3.4 Referencing the Parent Syntax 3.3.5 Referential Integrity across Schemas and Databases 3.3.6 Multiple Parents and DDL Migration 3.3.7 Many-to-Many Relationships 3.3.8 Self-Referential Integrity 3.3.9 PL/SQL Error Handling with Parent/Child Tables 3.3.10 The Deferrable Option 69 70 Chapter 3 • Declarative Constraints 3.4 CHECK 3.4.1 Multicolumn Constraint 3.4.2 Supplementing Unique Constraints 3.4.3 Students Table Example 3.4.4 Lookup Tables versus Check Constraints 3.4.5 Cardinality 3.4.6 Designing for Check Constraints 3.5 NOT NULL CONSTRAINTS 3.6 DEFAULT VALUES 3.7 MODIFYING CONSTRAINTS 3.8 EXCEPTION HANDLING 3.9 DATA LOADS This is the first of several chapters that cover enforcing business rules with con- straints.
    [Show full text]
  • On Enforcing Relational Constraints in Matbase
    Scan to know paper details and author's profile On enforcing relational constraints in MatBase Christian Mancas,Valentina Dorobantu ABSTRACT MatBase is a very powerful database management system based not only on the relational data model, but also on the elementary mathematical, entity-relationship, and Datalog logic ones. This paper briefly introduces MatBase and the elementary mathematical data model, after which is focused on the five relational constraint types and their enforcement in relational database management systems, as well as in MatBase. Keywords: relational data model, domain constraint, not null constraint, unique key constraint, referential integrity constraint, tuple constraint, elementary mathematical data model, MatBase. Classification: H.2.6 H.2 Language: English LJP Copyright ID: 206059 ISBN 10: 1537631683 London ISBN 13: 978-1537631684 LJP Journals Press London Journal of Research in Computer Science and Technology 16UK Volume 17 | Issue 1 | Compilation 1.0 © 2017. Christian Mancas,Valentina Dorobantu. This is a research/review paper, distributed under the terms of the Creative Commons Attribution-Noncommercial 4.0 Unported License http://creativecommons.org/licenses/by-nc/4.0/), permitting all non-commercial use, distribution, and reproduction in any medium, provided the original work is properly cited. Powered by TCPDF (www.tcpdf.org) On Enforcing Relational Constraints in MatBase ​ α σ Valentina Dorobantu ​ & Christian Mancas ​ ​ ​ ______________________________________________ I. ABSTRACT 2.1 MatBase MatBase is a very powerful database manage- MatBase [1-5] is a powerful prototype multi- ment system based not only on the relational model, multi-user, and multi-language knowledge data model, but also on the elementary and data (KD) base management system mathematical, entity-relationship, and Datalog (KDBMS) that currently has two versions: one in MS Access 2015 and the other in MS SQL Server logic ones.
    [Show full text]
  • 8 the Effectiveness of Test Coverage Criteria for Relational Database Schema Integrity Constraints
    The Effectiveness of Test Coverage Criteria for Relational Database Schema Integrity Constraints PHIL MCMINN and CHRIS J. WRIGHT, University of Sheffield GREGORY M. KAPFHAMMER, Allegheny College Despite industry advice to the contrary, there has been little work that has sought to test that a relational database’s schema has correctly specified integrity constraints. These critically important constraints ensure the coherence of data in a database, defending it from manipulations that could violate requirements such as “usernames must be unique” or “the host name cannot be missing or unknown.” This article is the first to propose coverage criteria, derived from logic coverage criteria, that establish different levels of testing for the formulation of integrity constraints in a database schema. These range from simple criteria that mandate the testing of successful and unsuccessful INSERT statements into tables to more advanced criteria that test the formulation of complex integrity constraints such as multi-column PRIMARY KEYs and arbitrary CHECK constraints. Due to different vendor interpretations of the structured query language (SQL) specification with regard to how integrity constraints should actually function in practice, our criteria crucially account for the underlying semantics of the database management system (DBMS). After formally defining these coverage criteria and relating them in a subsumption hierarchy, we present two approaches for automatically generating tests that satisfy the criteria. We then describe the results of an empirical study that uses mutation analysis to investigate the fault-finding capability of data generated when our coverage criteria are applied to a wide variety of relational schemas hosted by three well-known and representative DBMSs— HyperSQL, PostgreSQL, and SQLite.
    [Show full text]
  • Declarative Constraints
    5685ch03.qxd_kp 11/6/03 1:36 PM Page 69 THREE Declarative Constraints 3.1 PRIMARY KEY 3.1.1 Creating the Constraint 3.1.2 Naming the Constraint 3.1.3 The Primary Key Index 3.1.4 Sequences 3.1.5 Sequences in Code 3.1.6 Concatenated Primary Key 3.1.7 Extra Indexes with Pseudo Keys 3.1.8 Enable, Disable, and Drop 3.1.9 Deferrable Option 3.1.10 NOVALIDATE 3.1.11 Error Handling in PL/SQL 3.2 UNIQUE 3.2.1 Combining NOT NULL, CHECK with UNIQUE Constraints 3.2.2 Students Table Example 3.2.3 Deferrable and NOVALIDATE Options 3.2.4 Error Handling in PL/SQL 3.3 FOREIGN KEY 3.3.1 Four Types of Errors 3.3.2 Delete Cascade 3.3.3 Mandatory Foreign Key Columns 3.3.4 Referencing the Parent Syntax 3.3.5 Referential Integrity across Schemas and Databases 3.3.6 Multiple Parents and DDL Migration 3.3.7 Many-to-Many Relationships 3.3.8 Self-Referential Integrity 3.3.9 PL/SQL Error Handling with Parent/Child Tables 3.3.10 The Deferrable Option 69 5685ch03.qxd_kp 11/6/03 1:36 PM Page 70 70 Chapter 3 • Declarative Constraints 3.4 CHECK 3.4.1 Multicolumn Constraint 3.4.2 Supplementing Unique Constraints 3.4.3 Students Table Example 3.4.4 Lookup Tables versus Check Constraints 3.4.5 Cardinality 3.4.6 Designing for Check Constraints 3.5 NOT NULL CONSTRAINTS 3.6 DEFAULT VALUES 3.7 MODIFYING CONSTRAINTS 3.8 EXCEPTION HANDLING 3.9 DATA LOADS This is the first of several chapters that cover enforcing business rules with con- straints.
    [Show full text]
  • Relational Data Model and SQL Data Definition Language
    The Relational Data Model and SQL Data Definition Language Paul Fodor CSE316: Fundamentals of Software Development Stony Brook University http://www.cs.stonybrook.edu/~cse316 1 The Relational Data Model A particular way of structuring data (using relations) proposed in 1970 by E. F. Codd Mathematically based Expressions ( queries) can be analyzed by DBMS and transformed to equivalent expressions automatically (query optimization) Optimizers have limits (=> the programmer still needs to know how queries are evaluated and optimized) 2 (c) Pearson Education Inc. and Paul Fodor (CS Stony Brook) Relational Databases In Relational DBs, the data is stored in tables Attributes (column Relation name: Student headers) Id Name Address Status 1111 John 123 Main fresh Tuples 2222 Mary 321 Oak (rows) 1234 Bob 444 Pine 9999 Joan 777 Grand senior 3 (c) Pearson Education Inc. and Paul Fodor (CS Stony Brook) Table Set of rows (no duplicates) Each row/tuple describes a different entity Each column/attribute states a particular fact about each entity Each column has an associated domain Id Name Address Status 1111 John 123 Main fresh 2222 Mary 321 Oak 1234 Bob 444 Pine 9999 Joan 777 Grand senior Domain of Id: integers Domain of Name: strings 4 Domain of(c) PearsonStatus Education= Inc.{fresh, and Paul Fodor soph, (CS Stony junior,Brook) senior} Relation A relation is the mathematical entity corresponding to a table: A relation R can be thought of as predicate R A tuple (x,y,z) is in the relation R iff R(x,y,z) is true Why Relations/Tables? Very simple model.
    [Show full text]
  • I a Suppose You Want to Build a Video Site Similar to Youtube and Keep Data in File- Processing System. Discuss the Relevance Of
    October 2017 Database Management Systems Solution Set I a Suppose you want to build a video site similar to YouTube and keep data in file- processing system. Discuss the relevance of each of the following points to the storage of actual video data, and to metadata about the video, such as title, the user who uploaded it, tags, and which users viewed it. i. Data redundancy and inconsistency ii. Difficulty in accessing data iii. Data isolation iv. Integrity problems v. Atomicity problems vi. Concurrent system anomalies vii. Security problems Ans i. Data redundancy and inconsistency. This would be relevant to metadata to 1a some extent, although not to the actual video data, which is not updated. There are very few relationships here, and none of them can lead to redundancy. ii. Difficulty in accessing data. If video data is only accessed through a few predefined interfaces, as is done in video sharing sites today, this will not be a problem. However, if an organization needs to find video data based on specific search conditions (beyond simple keyword queries) if meta data were stored in files it would be hard to find relevant data without writing application programs. Using a database would be important for the task of finding data. iii. Data isolation. Since data is not usually updated, but instead newly created, data isolation is not a major issue. Even the task of keeping track of who has viewed what videos is (conceptually) append only, again making isolation not a major issue. However, if authorization is added, there may be some issues of concurrent updates to authorization information.
    [Show full text]