According to the GDPR, personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing. SAS Federation Server security services ensure that both the server and its data are protected against unauthorized access. SAS Federation Server supports configurable authorization processes and other security features, including encryption.
Authentication
SAS Federation Server works with SAS Metadata Server to perform authentication for users and groups. When a user connects to SAS Federation Server to access data, the user’s authenticating credentials are passed to the SAS Metadata Server for validation. Once the credentials are validated, the SAS Metadata Server will identify the user based on the submitted credentials and get information including logins and group memberships.
If a user is authenticated but cannot be identified in the SAS Metadata Server, that user becomes a member of the PUBLIC group.
Authorization
Authorization determines what privileges a user or group has to access the data sources. Authorization can happen at two distinct locations:
Privileges/permissions are the list of actions a user can be authorized/denied to perform, including in that case SELECT, INSERT, ALTER, DROP, etc.
Privileges/permissions can be assigned at different layers: server, data service, DSN, catalog, schema, table, etc. up to the column level. For example, a user/group can be granted SELECT permissions on a data service, but denied SELECT on specific tables or columns on a table.
Row-level security (RLS) for SAS Federation Server provides additional security on tables and views by restricting data access on a row-by-row basis.
Server encryption
SAS Federation Server supports two methods of encryption strength: SAS Proprietary Encryption and encryption with DataFlux Secure. The SAS Proprietary Encryption algorithm provides a medium level of security, it is strong enough to protect your data from casual viewing.
With DataFlux Secure, you have a high level of security, it provides three high-assurance features:
SAS Innovate 2025 is scheduled for May 6-9 in Orlando, FL. Sign up to be first to learn about the agenda and registration!
Data Literacy is for all, even absolute beginners. Jump on board with this free e-learning and boost your career prospects.