Security and Authentication

To protect data from unauthorized access, BigQuery data stores require all connections to be authenticated using the OAuth 2.0 protocol and encrypted using TLS 1.2 with one-way authentication. The Simba Google BigQuery ODBC Connector protects your data by providing support for these authentication protocols and further obscuring data from unwanted access by fetching it in a non-text format. The data is compressed using zlib and encrypted using TLS.

The connector provides mechanisms that allow you to complete an OAuth 2.0 authentication flow using a Google user account or a Google service account. The connector retrieves a token based on the account credentials specified in your DSN or connection string, and then uses the token to authenticate the connection to BigQuery. For detailed configuration instructions, see Configuring AuthenticationConfiguring Authentication.

Additionally, the connector automatically encrypts all connections with TLS. TLS encryption protects data and credentials when they are transferred over the network, and provides stronger security than authentication alone. By default, the connector uses the trusted CA certificates file that is included during installation, but you can configure the connector to use a different file by setting the Trusted Certificates option (the TrustedCerts property). On Windows machines, you can configure the connector to use the system trust store by setting the Use System Trust Store option (the UseSystemTrustStore property). For detailed configuration instructions, see Creating a Data Source NameCreating a Data Source Name.

Related topics

• Features
• Configuring Authentication
• Creating a Data Source Name
• Configuring Authentication
• Creating a Data Source Name