Databases in a DBS environment

In a cloud-based DBS environment, business data from different clients are stored in different databases, which are isolated from each other. A database in a DBS environment can be considered as a logical grouping of a user catalog, users, and other system resources such as data volumes, Safeguard, and MXCS. The system resources such as data volumes specific to a database are exclusive for its use and are not shared with other databases.

A database in a DBS environment has the following initial characteristics:

  • Exactly one SQL/MX catalog with an initial schema.

  • An initial database user with the ability to create additional database objects.

  • A privilege group for database users. The privilege group is database_name_USERS.

  • Three implicit privilege groups for user access to the database. The database implicit privilege groups for user access to the database are used to extend access rights to the database users. The following table lists the implicit privilege groups to extend access rights to users:
    Implicit privilege groups

    Privilege group name

    Description

    DBdatabase_uid_READ Privilege group for READ access
    DBdatabase_uid_WRITE Privilege group for WRITE access
    DBdatabase_uid_CREATE Privilege group for CREATE access
    Where,

    database_uid is the unique ID of the database. The catalog UID is considered as the database UID.

  • An exclusive set of audited volumes to store database objects and their metadata.

  • An MXCS datasource for application access to the database.

  • A Safeguard file-sharing group to allow access to data volumes for only users associated with the database.

  • An OSS directory to store files such as Stored Procedures for Java (SPJ) class and jar files, Save DDL drop files on the NonStop server.

Applications can connect to a database using the associated MXCS datasource using ODBC/MX and JDBC Type 4 drivers, which requires user authentication. The Guardian username is in the group.user format. To simplify and make it meaningful, you can associate a Guardian username with a free-format External Username. External Usernames must be used for authentication and for granting or revoking privileges. An External Username is associated with only one Guardian username, and a Guardian username can have only one External Username. An External Username is not related to a Safeguard alias and cannot be used to log on to the NonStop system except for MXCS authentication.

For information on creating and using External Usernames, see SQL/MX 3.5 Release Technical Update.