Scribd Logo
Carica

Benvenuto in Scribd!

  • Database Security Assignment

    Caricato da

    Aamir Raza
    2K visualizzazioni7 pagine
    MBA-08-012 University of Sargodha

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Formati disponibili

    PDF o leggi online da Scribd

    Hai trovato utile questo documento?

    Questo contenuto è inappropriato?

    Segnala questo documento
    MBA-08-012 University of Sargodha

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Scarica in formato PDF o leggi online su Scribd
    Segnala contenuti inappropriati
    2K visualizzazioni7 pagine

    Database Security Assignment

    Caricato da

    Aamir Raza
    MBA-08-012 University of Sargodha

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Scarica in formato PDF o leggi online su Scribd
    Segnala contenuti inappropriati
    di 7

    DATABASE SECURITY

    THREATS OF DATABASE

     Accidental loss
     Theft & fraud
     Loss of privacy or confidentiality
     Loss of data integrity
     Loss of availability

    1. Accidental loss

    Loss occurs due to human error. It is usually by chance loss of data.

    These losses can be minimized.

    By,

     User authorization
     Uniform software installation procedure
     Hardware maintenance schedule

    2. Theft & fraud

    Theft “steal of data” by an unauthorized user.

    Fraud “ intentially ” spoiling the data.

    These two activities are performed usually electronic means.

    Example,

    Someone may being away the data on his flash.


    This can be avoided by,

     Maintaining physical security


     Fire wall

    3. Loss of privacy

    Privacy means:

    Protection relating to individual data.

    Confidently means:

    Protection of data of organization.

     Failure to these protection causes.


     Black mail
     Bribery
     Public embarrassment
     State of federal laws govern by protection of data.

    Otherwise this security may cause financial & reputation loss.

    4. Loss of data integrity


    “Integrity” means soundness of data and extent of validity of data.

    If data is not secured then this can be hampered someone may. Alter the data due
    to which it becomes invalid. So recovery and backup procedures should be used.

    Invalid data may cause “wrong decisions”.

    5. Loss of availability
    Destructive hardware , networks, applications may cause the data to
    become unavailable.

    Virus may cause this problem.

    ESTABLISHING DATA SECURITY

     Server Security
     Network security
     Web security
     Web privacy
    1. Server security

    Multiple users, including database servers, need to be protected.


    Each should be located in a secure are, accessible only to authorized
    administrator and supervisor. Logical access controls, including server and
    administrator and passwords, provide layers of protection against
    intrusion. Password management utilities should be included as part of the
    network and operating systems.

    Reliance on operating system authentication should not be encouraged.

    2. Network security

    Securing client/server systems includes securing the network


    between client and server. The encryption of data so that attackers cannot
    read a data packet being transmitted is obviously an important part of
    network security. For example, authentication of the client workstation
    that is attempting to access the server also helps to enforce network
    security and application system.

    3. Web security

    If an organization wishes only to make static HTML pages


    available, protection must be established for the HTML files stored on
    web pages.

    Sensitive files may be kept on another server accessible through an


    organization s intranet. Security measures for dynamic web page
    generation are different.

    Web security include ways to restrict access to web servers.

     Restrict the number of users on the web server as much as


    possible.
     Restrict access to the web server, keeping a minimum number of
    ports open.
     Remove any unneeded programs that load automatically when
    setting up the server.

    4. Web privacy

    Protection of individual privacy when using the internet has become an


    important issue. E-mail, E-commerce and marketing and other online resources
    have created new computer mediated communication paths.

    Application that return individualized responses require that information


    be collected about the individual but at the same time proper respect for the
    privacy and dignity of employee.
    MEASURES

    Subset of database that is presented to one or more users view is a virtual table.

    A view is created by queering one or more of the base tables.

     View present only that data which is required by user.

    So, user cannot view other private, confidential data.


    Example:
    Worker of production dept. views data relating to material type, query
    relating to material & access.

    INTEGRITY CONTROLS

    Integrity control protect data from unauthorized use and update.

    These controls include,

     Limit the value in field


     Limit actions that can perform on date
     Limit execution process
     Domail “ domain is the way to user-define data”

    Once a domain is defined any field can be assigned that domain as its data.

    Authorization rules
    Authorization rules are controlled incorporated in the data management
    system. That restrict access to data and also restrict the actions that people
    may take when they access data. For example, a person who can supply a
    particular password may be authorized to read any record in a database but
    cannot necessarily modify any of those records.

    Authorization table for salespersons

    Customer Order
    record record
    Read Y Y
    Insert Y Y
    Modify Y N
    Delete N N

    ENCRYPTION

    Data encryption can be used to protect highly sensitive data such as


    customer credit card numbers or account balances. Encryption in the
    coding or scrambling of data so that humans cannot read them. Some
    DBMS products include encryption routines that automatically encode
    sensitive data when are stored or transmitted over communication
    channels. For example, encryption is commonly used in electronic fund
    transfer (EFT) systems. Other DBMS products provide exits that allow
    users to code heir own encryption routines.

    AUTHENTICATION SCHEMES
    In an electronic environment, a user can provide his or her identity
    by supplying one or more of the fallowing factors.

     Something the user knows, usually a password or personal


    identification number (PIN)
     Something the user possesses, such as a smart card or token.
     Some unique personal characteristic, such as fingerprint or retinal
    scan

    Authentication schemes are called one-factor, two-factor or three factor


    authentication, depending on how many of these factors are employed.
    Authentication becomes stronger in proportion to the number of factors that are
    used.

    SECURITY POLICY & PROCEDURES

     Personal controls
     Physical controls
     Maintenance controls
     Data privacy controls

    USER-DEFINES PROCEDURES

    Some DBMS products provide user exists (or interface ) that allow
    system designers or users to create their own user-defined procedures for
    security, in addition to the authorization rules we have just described. For
    example, a user procedure might be designed to provide positive user
    identification. In attempting to log on to the computer, the user might be
    required to supply a procedure name are supplied, the systems then calls the
    procedure, which ask the user a series of questions whose answers should be
    known only to that password holder.

    Potrebbero piacerti anche