passwords of the SAS data sets named in the FROM clause. If you are running SAS
in batch or noninteractive mode, you receive an error message.
SAS/ACCESS Views
SAS/ACCESS software enables you to edit View descriptors and, in some interfaces, the
underlying data. To prevent someone from editing or reading (browsing) the View
descriptor, assign Alter protection to the view. To prevent someone from updating the
underlying data, assign Write protection to the view. For more information, see the
SAS/ACCESS documentation for your DBMS.
DATA Step Views
When you create a DATA step view using a password-protected SAS data set, specify
the password in the View definition. In this way, when you use the view, you can access
the underlying data without respecifying the password.
The following statements create a DATA step view using a password-protected SAS data
set, and drop a sensitive variable:
data mylib.emp / view=mylib.emp;
set mylib.employee(pw=orange drop=salary);
run;
Note that you can use the SAS view without a password, but access to the underlying
data requires a password. This is one way to protect a particular column of data. In the
above example, proc print data=mylib.emp; executes, but proc print
data=mylib.employee;
fails without the password.
SAS Data File Encryption
About Encryption on SAS Data Files
SAS passwords and metadata-bound data sets restrict access to SAS data sets within
SAS. But neither can prevent SAS data sets from being viewed at the operating
environment system level or from being read by an external program. Encryption
provides security of your SAS data outside of SAS by writing to disk the encrypted data
that represents the SAS data. The data is decrypted by the SAS system as it is read from
the disk, but is not decrypted when read at the operating system level or by external
programs.
Encryption does not affect file access. However, SAS honors all host security
mechanisms that control file access and can extend host security mechanisms by binding
the data sets to metadata. You can use encryption and those security mechanisms
together.
There are two types of algorithms that SAS uses for encrypting data files:
• SAS Proprietary Encryption on page 732 is implemented with the
ENCRYPT=YES data set option.
• AES (Advanced Encryption Standard) encryption on page 733 is implemented with
the ENCRYPT=AES data set option.
SAS Data File Encryption 731