Part Two: Configuring security for <ph conref="../conrefs.dita#prod/productshortname"></ph>

This part of the manual describes the specific tasks involved in securing databases.

can be deployed in a number of ways and in a number of different environments, ranging from a single-user deployment for small-scale development and testing to a multi-user deployment of a large database. For all but the smallest deployments, however, it is essential to make the system secure.

To secure a database or databases, take the following steps.

  1. Understand the basic tasks involved in configuring security in a client-server environment or an embedded environment.

    See for details.

  2. Encrypt your databases.

    provides ways to encrypt data stored on disk.

    For more information about encryption, see .

  3. Sign any jar files that you use in your databases.

    validates certificates for classes loaded from signed jar files.

    For more information about using signed jar files, see .

  4. Encrypt network traffic with SSL/TLS.

    SSL/TLS certificate authentication is also supported. See for details.

  5. Understand the concept of identity in .

    See for details.

  6. Configure authentication by setting up users and passwords.

    Authentication determines whether someone is a legal user. It establishes a user's identity. verifies user names and passwords before permitting access to the system.

    For more information about authentication, see .

  7. Configure user authorization for the system.

    Authorization determines what operations can be performed by a user's identity. Authorization grants users or roles permission to read a database or to write to a database.

    For more information about authorization, see .

  8. If necessary, restrict database file access to the operating system account that started the JVM.

    For details, see .

See the for information about many security-related properties and system procedures, as well as such statements as GRANT, REVOKE, CREATE ROLE, DROP ROLE, CREATE PROCEDURE, and CREATE FUNCTION.