Database Reference
In-Depth Information
Physical Security
In the case of physically security database servers should be kept in a locked
room where only authorized personnel have access. Depending on the sensitivity and
value of the data in the database, the following additional measures might be needed: In
an organization, there should be proper video surveillance system. DBA can take help
from “Token” security devices. For example cards or keys that must be inserted into the
server in order to gain access where a pin code must be required to obtain a password.
Administrators can take help biometric devices, like a user must pass a fingerprint or ret-
inal scan to obtain database access.
As a policy matter, user's entry should be restricted into server room.As a policy matter
the removal of any hardware, such as tapes and disks should be strictly prohibited.
Network Security
Physical security is not enough when the database server is accessible via a
network. Intruders can manage to obtain a network connection to the database server.
Holistic approach should be required to provide network security beside it must be
ensured that every computer system attached to that network is equally secure.
System-Level Security
After providing network security to a system, the next area of focus is the system
that will run the DBMS. A poorly secured database server can create problems for an
organization. Following are some measures to secure database:
Operating system software should be minimal: To get work done quickly, install only the
minimal software components. While installing operating system use the “custom” install-
ation option to choose only the required components. Operating system services should
be minimal: Software/ services those are not required at start up make them disable.
Installing of DBMS software should be minimal: Install DBMS software with fewer fea-
tures with custom installation option. It leads to less problems such as buffer overflow vul-
nerabilities.
Security patches: To keep system updated and secure security alerts are reviewed as they
are announced. Security patches must be applied in a timely manner. For example changing
all default passwords.
FUNCTIONAL DEPENDENCY
Functional dependency is a relationship between two attributes such that the value of
one attribute finds the value in the other. Functional dependency is extremely useful
tool for thinking about data structures. Given any tuple T, with two sets of attributes
{X
1……….
...X
n
} and {Y
1
............Y
n
} , then set Y is functionally dependent on set X if, for
any legal value of X, there is only one legal value for Y.
