Sec_Replay_Detection
database parameter
Description
When you access an SAP Adaptive Server Enterprise database in
PowerBuilder through Open Client, Sec_Replay_Detection is one of several
parameters that support per-packet security for network-based security
services. (For other per-packet security parameters, see the See Also
section.)
Sec_Replay_Detection controls whether your connection’s security
mechanism can detect and reject unauthorized attempts to capture and
replay transmitted data. When Sec_Replay_Detection is set to 1, the
security mechanism detects and subsequently rejects any unauthorized
attempts by third parties to capture packets sent to the server and
repeat (replay) the commands in the packets at a later time.
When Sec_Replay_Detection is set to 0 (the default), the security
mechanism cannot detect unauthorized attempts to capture and replay
data.
You must specify a value for Sec_Replay_Detection before
connecting to the database in PowerBuilder.
Using third-party security mechanisms
For information about the third-party security mechanisms and
operating system platforms that has been tested with Open Client
security services, see the Open Client documentation.
Applies to
ASE, SYC SAP Adaptive Server Enterprise
Syntax
|
1 |
Sec_Replay_Detection=value |
|
Parameter |
Description |
|---|---|
|
value |
Specifies whether your connection’s security
|
Default value
Sec_Replay_Detection=0
Usage
When to use
In a nonsecure network, unauthorized third parties might capture
the commands sent to a server in order to repeat (replay) these commands
at a later date. For example, if packets are sent from the client to the
server in the order P1, P2, P3 and the server receives the packets in
the order P1, P3, P2, this is considered an attempt to replay the data.
Setting Sec_Replay_Detection to 1 ensures that your security mechanism
can detect and subsequently reject all such unauthorized attempts to
capture and replay data transmitted over the network.
Set Release parameter
For this parameter to take effect, you must also set the Release
parameter to 11 or higher to specify that your application should use
the appropriate version of SAP Sybase Open Client Client-Library
(CT-Lib) behavior. See the description of the Release parameter for more information.
Requirements for use
To use Sec_Replay_Detection or any other parameter supporting Open
Client security services, you must meet certain requirements for using
security services in your PowerBuilder application. For details, see
the section called “Requirements for using Open Client security services” in Connecting to Your Database.
Corresponding CT-Lib connection
property
Specifying a value for Sec_Replay_Detection sets the corresponding
SAP Sybase CT-Lib connection property named CS_SEC_DETECTREPLAY.
Examples
To allow your security mechanism to detect and reject unauthorized
attempts to capture and replay transmitted data:
-
Database profile
Select the Detect Replayed Commands check box on the Security
page in the Database Profile Setup dialog box. -
Application
Type the following in code:
1SQLCA.DBParm="Sec_Replay_Detection=1;Release=12.5"
See also