Client Authentication

Implementing strong security programs provides Vertica users the assurance that access to sensitive information is closely guarded. Vertica uses several approaches to manage data access.

The database server uses client authentication to establish the identity of the requesting client and determines whether that client is authorized to connect to the Vertica server using the supplied credentials.

Encrypting Client-Server Communication

Vertica uses Secure Socket Layer (SSL) and Transport Layer Security (TLS) to establish a secure connection between the client machine and the server. Configure SSL/TLS to:

For details see TLS/SSL Server Authentication.

Authentication Management

Users with the DBADMIN Role can manage the following authentication tasks:

Important: Configure client authentication so that the DBADMIN user can always access the database locally. If a problem occurs with the authentication that blocks all users from logging in, the DBADMIN user needs access to correct the problem.

For details about managing authentication records, see:

See Implementing Client Authentication.

User Authorization

Database users should have access to just the database resources they need to perform their required tasks. For example, some users need to query only specific sets of data. To prevent unauthorized access to additional data, you can limit their access to just the data that they need to run their queries. Other users should be able to read the data but not be able to modify or insert new data. Still other users might need more permissive access, including the right to create and modify schemas, tables, and views, or grant other users access to database resources.

For information on controlling data access, see the following: