Database Reference
In-Depth Information
Although this approach does simplify the recovery process for the users of the system, it also causes some
problems. First, each of the programs in the system becomes more complicated because of the extra logic
involved in adding records to the special log file. Second, you must write a separate program to update the
database with the information in this log file. Finally, every time a user completes an update, the system has
extra work to do, and this additional processing may slow down the system to an unacceptable level. Thus, in
any application, you must determine whether the ease of recovery provided by this approach is worth the
price you might have to pay for it. The answer will vary from one system to another.
PROVIDE SECURITY SERVICES
246
As discussed in Chapter 4, a DBMS must provide ways to ensure that only authorized users can access the
database. Security is the prevention of unauthorized access, either intentional or accidental, to a database.
The most common security features used by DBMSs are encryption, authentication, authorizations, and views.
Encryption
Encryption converts the data in a database to a format that
s indecipherable by a word processor or another
program and stores it in an encrypted format. When unauthorized users attempt to bypass the DBMS and get
to the data directly, they see only the encrypted version of the data. However, authorized users accessing the
data using the DBMS have no problem viewing and working with the data.
When a user updates data in the database, the DBMS encrypts the data before updating the database.
Before a legitimate user retrieves the data via the DBMS, the data is decrypted, or decoded, and presented to
the user in the normal format. The entire encryption process is transparent to a legitimate user; that is, he or
she is not even aware it is happening.
Access lets you encrypt a database with a password and, after you
'
ve encrypted the database, you can use
Access to decrypt it. Decrypting a database reverses the encryption. If your encrypted database takes longer
to respond to user requests as it gets larger, you might consider decrypting it to improve its responsiveness.
Using Access to encrypt or decrypt a database is a four-step process:
'
1. Start Access, click the File tab on the Ribbon (if necessary) to display Backstage view, and then
click Open in the navigation bar.
2. Navigate to the drive and folder that contains the database in the Open dialog box, click the
database name, click the Open arrow, and then click Open Exclusive.
3. Click the File tab, and then click the Encrypt with Password button. (To decrypt a database,
click the Decrypt Database button.)
4. Type the password in the Password box, type the same password in the Verify box, press the
Enter key, and then click the OK button in the message box. (If you are decrypting the database,
type the password for the database in the Password box, and then press the Enter key.)
Authentication
Authentication refers to techniques for identifying the person who is attempting to access the DBMS. The use
of passwords is the most common authentication technique. A password is a string of characters assigned by
the DBA to a user that the user must enter to access the database. Users also use passwords to access many
operating systems, networks, and other computer and Internet resources. Biometric identification techniques
and the use of smart cards are increasing in use as an alternative to passwords for authentication. Biometrics
identify users by physical characteristics such as fingerprints, voiceprints, handwritten signatures, and facial
characteristics. Smart cards are small plastic cards about the size of a driver
'
s license that have built-in cir-
cuits containing processing logic to identify the card holder.
Unlike individual passwords, a database password is a string of characters that the DBA assigns to a data-
base and that users must enter before they can access the database. As long as the database password is
known only to authorized database users, unauthorized access to the database is prevented. The DBA should
use a database password that is easy for the authorized users to remember but that is not so obvious that
others can easily guess the password. If a DBA encrypts an Access database, the DBA must assign a database
password, as shown in Figure 7-14. To create the database password, the DBA enters the same password twice
to verify that the initial entry is the one that the DBA wants.
Search WWH ::




Custom Search