12.3.3 Managing Security and Privacy Issues
An Internet database environment is one in which all of the traditional data
security concerns are present, but in addition, the information system is
exposed to the whole world through its Web site! This is not an exaggeration.
In the e-commerce environment the company wants as many people as possible to
visit its Web site and buy its products. This also opens a door to hackers,
data thieves, virus writers, and anyone else with mischief on their minds. Your
Web site is an openly published entry point into your company's information
system. Obviously, this openness requires security measures such as the
following:
- Separating the different parts of the information system so that they run
  on different computers. The Web server and the database server should be
  different computers. Furthermore, these servers should be separated from
  the rest of the company's information system by being on a separate LAN.
- Making use of firewalls. Firewalls provide a layer of protection between
  your network and the Internet. Firewalls can be hardware-based,
  software-based, or both. They can provide different types of protection such
  as limiting open data paths or checking incoming messages for viruses and
  other suspicious code. Firewalls can be dedicated hardware devices
  designed specifically for that purpose or can also be implemented
  through specialized server software. Hardware firewalls are usually more
  efficient and a better choice in high volume environments. Software-based
  firewalls are often more cost-effective and can frequently be
  deployed on multi-purposed servers.
Take a look at Figure 12-9. This is a basic multi-tier, Web-based application,
but also includes a firewall. Additional firewalls can be placed between the Web
server and the database server to catch any malicious code that gets through the
initial firewall. Firewalls can also be placed between the Web server and the rest
of the company's information systems.
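The firewall placement described above can be written as a default-deny rule set and checked with probe flows. The following is an added example, not taken from the book; the subnets, host addresses, probe names, and the database port 5432 are constructed assumptions.

```python
import ipaddress

def evaluate(rules, src, dst, port):
    """Return the action of the first matching rule; no match means deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if (s in ipaddress.ip_network(r["src"])
                and d in ipaddress.ip_network(r["dst"])
                and r["port"] in (None, port)):   # None = any port
            return r["action"]
    return "deny"

# Constructed address plan (assumption): Web LAN 10.10.1.0/24, database LAN
# 10.10.2.0/24, rest of the company 10.20.0.0/16, 203.0.113.7 = Internet client.
# Each probe: (name, source, destination, TCP port, expected verdict).
PROBES = [
    ("internet -> web https", "203.0.113.7", "10.10.1.10", 443,  "allow"),
    ("web -> db listener",    "10.10.1.10",  "10.10.2.20", 5432, "allow"),
    ("internet -> db",        "203.0.113.7", "10.10.2.20", 5432, "deny"),
    ("web -> corp",           "10.10.1.10",  "10.20.0.5",  445,  "deny"),
    ("web -> db ssh",         "10.10.1.10",  "10.10.2.20", 22,   "deny"),
]

def failed_probes(rules):
    """Names of probes whose verdict differs from the segmentation policy."""
    return [name for name, s, d, p, want in PROBES
            if evaluate(rules, s, d, p) != want]

# Segmented: only HTTPS reaches the Web LAN, only the Web LAN reaches the
# database listener, everything else falls through to the default deny.
SEGMENTED = [
    {"src": "0.0.0.0/0",    "dst": "10.10.1.0/24", "port": 443,  "action": "allow"},
    {"src": "10.10.1.0/24", "dst": "10.10.2.0/24", "port": 5432, "action": "allow"},
]

# Flat: a perimeter firewall only, with all internal traffic trusted.
FLAT = [
    {"src": "0.0.0.0/0",  "dst": "10.10.1.0/24", "port": 443,  "action": "allow"},
    {"src": "10.0.0.0/8", "dst": "10.0.0.0/8",   "port": None, "action": "allow"},
]

if __name__ == "__main__":
    for name, rules in (("segmented", SEGMENTED), ("flat", FLAT)):
        print(name, "->", failed_probes(rules) or "all probes pass")
```

With only the perimeter firewall, the two probes that fail are the ones the additional firewalls exist to stop: traffic from the Web server to the rest of the company and to non-database ports on the database server.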
Understanding Data Privacy Issues
Closely related to the issue of security is the issue of privacy. Companies have
long held personal data about their customers in their databases. What is
different in the Internet database environment is, first, that the companies are
communicating digitally with their customers through their Web sites, including
passing their personal data over the Internet. This requires the use of
encryption so that the data cannot be intercepted and read while in transit over
the Internet. Second, the collected personal data in the company's database
makes a tempting target for someone out to steal such data. And, again, the
database is potentially accessible through the company's public Web site, which
brings us back to the discussion about firewalls and other security devices.