Database Reference
In-Depth Information
 Individuals or competitors may be interested in whatever they can obtain that has eco-
nomic value.
 The emotionally unbalanced, and just plain evil people.
 Employees of an organization commit frauds some times. In this case internal security to
database is must.
 Honest mistakes by authorized users can cause security exposures, loss of data, and pro-
cessing errors.
 Hackers are interested in a sense of notoriety from penetrating organization systems.
6.2 Access control
Access control is the ability to permit or deny the use of a particular resource by a particular
entity. Access control mechanisms can be used in managing physical resources. Every or-
ganization prescribes the security policies and procedures that must be followed. We ex-
plore these layers in the sections that follow.
 Access control  Auditing
 Authentication  Encryption
 Physical Security  Network Security
 System-Level Security
Evaluation of a person, organization, process, project, system, or product is known as an
audit. Audits are performed to ascertain the validity and reliability of information. It also
provide us an assessment of a system's internal control. The main motive of an audit is to
give an opinion on the person / organization/system , under evaluation based on work done
on a test basis.
Authentication involve confirming the identity of a user, the origins of an artifact,
or assuring that a computer program is a trusted one.
encryption is a process in which information, using an algorithm is presented
in such a form that it is useful of a user and useless for others. To make it readable for a
user special arraganment is made with keys. The result of the process is encrypted
information (in cryptography, referred to as ciphertext). the word encryption also
implicitly refers to the reverse process, decryption to make the encrypted information
Search WWH ::

Custom Search