This section describes the security features provided by the .NET Data Provider for Teradata.

Confidentiality

In order to enhance network security during the logon process,  the .NET Data Provider for Teradata encrypts logon strings to ensure the confidentiality of passwords transmitted between client applications and the Teradata Gateway.  Client applications cannot enable or disable encryption of the logon string.  See Connection Overview for more information about the logon process.

Data Integrity

The DataIntegrity option allows the application to specify that validation checking should occur for all messages that are transmitted between client and server.  The message contents are not encrypted and all messages are compared to what was sent to ensure that data has not been corrupted during transmission.  This provides the application with assurance that data corruption has not occurred without incurring the overhead of full data encryption.

Note

For the TD2 authentication mechanism, this option is only supported with Teradata Database 12.0 and above.  Specifying DataIntegrity with earlier versions of the Teradata Database will result in a TdException of the form [.NET Data Provider for Teradata] [115027] Session initialization error: unable to execute HELP SESSION. with an InnerException of [Teradata Database] [8028] The LAN message Authentication is invalid.

Data Encryption

The DataEncryption option allows the application to specify that all messages should be encrypted prior to being transmitted between client and server. Although security provided by the encryption of transmitted data is desirable, you should not use this feature indiscriminately. Depending on the application you use and the type of session being run, encrypting data may significantly reduce system performance. Users should not encrypt a session unless the value of the security outweighs the potential performance losses.