Database Reference
In-Depth Information
6. Name the components of a mandatory access control model.
7. Distinguish between security authorization and authentication.
8. What purposes do statistical databases serve? Name any four types of options
to preserve individual privacy in a statistical database.
9. What are the important characteristics of a good encryption technique?
10. Compare DES with the public key encryption technique and list the
differences.
EXERCISES
1. Indicate whether true or false:
A. Discretionary access control provides better protection than mandatory
access control.
B. Biometric verification is an authentication procedure.
C. Statistical databases have potential data privacy problems.
D. In the DES encryption technique, the encryption key may be made public.
E. In the RSA encryption technique, two encryption keys are used.
F. Simple security restriction relates to discretionary access control.
G. An authorization graph shows the cycle of how access privileges are passed
along.
H. The DROP VIEW command destroys the data represented in the user
view.
I. The DBMS maintains a profile for each user.
2. As a data security consultant for a large department store, prepare a draft
outline of a security policy document.
3. You are the DBA for an airline company. Group the users in your company
by functional roles. Indicate four major database tables for the company.
Prepare a sample authorization matrix showing user groups, database tables,
and access privileges.
4. Explain how user views can be used as security tools. Provide three examples.
5. Choose one of the encryption techniques: DES or RSA. Describe, by means
of a simple example, how data is exchanged by using the technique.
Search WWH ::
Custom Search