Securing SAS installations--some recent papers


Reading Jan Bigalke’s SAS Global Forum paper on “Hardening a SAS® Installation on a multi tier installation on Linux” reminded me of baking apple stack cake with my mother. Neither is a simple project. Both are time-consuming, and their success depends on how skillfully you handle each layer.

Data security is a global concern, and configuring SAS in a distributed computing environment with enhanced security and regulatory controls is a challenge SAS administrators must face more frequently. To meet today’s more stringent requirements, SAS administrators must understand the different technologies available for securing individual components of the architectural stack—options for all SAS components as well as options for any third-party components and tools.  In his most recent paper, Bigalke offers these suggestions and documents his approach for securing a multi-tier installation of SAS software in a Linux environment:

  • Understand the explicit security needs of the organization and the options available for meeting those needs. Bigalke based his configuration on meeting the requirements of FIPS 140-2, the US government computer security standard.
  • Use single sign-on to minimize the need for providing user credentials. SAS Web applications and clients generally require users to enter credentials.
  • Protect the Web components using a reverse proxy and TLS/SSL signed certificates. Web components are generally the most exposed, and these techniques will not only secure the connection but also be more convenient for the end user.
  • Configure SAS clients, SAS metadata, Base SAS and third-party data sources using appropriate authentication options. SAS 9.3 components that use WIP Services to connect to the SAS System offer direct LDAP authentication. You may also want to explore Java-based versus standard SAS-based functions for securing connections using TLS/SSL protocols.

Other SAS Global Forum 2013 papers that cover security topics include:

For more information on security and configuration options, here’s a handful of recently published SAS configuration guides:




About Author

Christina Harvey

Principal Marketing Specialist

Christina Harvey is an editor for SAS External Communications. She has more than 20 years experience as a technical writer and communications specialist for SAS.
