Derby can be deployed in a number of ways and in a number of different environments. The security needs of the Derby system are also diverse.
Derby supplies or supports the following optional security mechanisms:
Derby verifies user names and passwords before permitting them access to the Derby system.
A means of granting specific users permission to read a database or to write to a database.
A means of encrypting Derby data stored on disk.
In a Java 2 environment, Derby validates certificates for classes loaded from signed jar files.