Databases Reference
In-Depth Information
Chapter 56
Understanding
Relational Databases
and Assessing
Their Security
Sean D. Doyle
T
R
D
M
HE
EARLY
DEVELOPMENT
OF
ELATIONAL
ATABASE
ANAGEMENT
S
(RDBMS
)
YSTEMS
S
FOCUSED
PRIMARILY
ON
BASIC
SYSTEM
FUNCTIONS
;
.
AND
In recent years,
however, several factors have led to the development of improved security
controls. As organizations began to use relational technologies to build
mission-critical applications, they became increasingly concerned about
the potential legal and financial consequences of poorly managed systems.
As a result, the market demanded that software developers provide effec-
tive protection mechanisms. As the relational database industry matured,
it became better positioned to provide the needed solutions.
PERFORMANCE
SECURITY
WAS
NOT
A
HIGH
PRIORITY
This chapter describes contemporary challenges in managing data and
describes how new relational database technologies help meet those chal-
lenges. Discretionary access controls and related security and audit capa-
bilities of new relational database products are discussed. The chapter
also addresses such emerging technologies as multilevel secure (MLS)
database systems. Practical tips on how to evaluate these technologies are
provided. Although the issues discussed are applicable to most relational
database products, specific security capabilities are illustrated using the
Oracle Relational Database Management System, Version 7.0 and the Multi-
Level Secure Oracle Relational Database Management System, Version 1.0.
CHALLENGES IN RELATIONAL DATABASE SECURITY
Relational systems have been designed to provide increased ease of use
and availability of data. These characteristics can create unique challenges
Search WWH ::
Custom Search