Database Reference
In-Depth Information
DATABASE
Authorized
Unauthorized
Figure 16-1
Database security system.
Defense from vandalism. Defend the database from the attempts of ingenious,
disgruntled professionals intending to tamper with and vandalize the database.
Provide safety from fraud. Keep the database safe from persons with intentions to
commit fraud or to misuse its contents .
Shelter of privacy. Shelter the privacy of individuals and institutions about whom
data reside in the database.
Identification of users. Be able to positively identify authorized users.
Authorization of users. Guarantee access to authorized users.
Scope of authorization. Be able to authorize individual users for specific portions
of the database as needed.
Levels of authorization. Provide individual users with particular authorization
levels to read, update, add, or delete data.
Monitoring of usage. Be able to monitor access by authorized users to keep audit
trails for tracing actions.
Security Problems
Many aspects of security problems require attention in a database environment.
Legal, social, and ethical aspects are involved. Does the person requesting for parti-
cular information have a legal right to that piece of information? Also, there are policy
questions about who decides on what types of access authorizations must be granted
Search WWH ::




Custom Search