I support a system that uses Sybase ASE 15.7 and am trying to get some information in relation to authentication processes for a security review.
When a login is performed, is there a unique ID assigned to the session that expires after logout? This would be for preventing replay attacks on the database. Further, what mechanisms are used (a nonce, challenge-repsonse, etc) to support authentication security?
If you need any further information, please let me know.
Thanks for your time!