Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
INTRODUCTION
In a database system management, each DBMS must have its own way management whether using other software or database itself. To make sure data integrity and security in a database, each database must have access protection, user account and also database audits.
4/22/12
Enables an authority to control access to areas and resources. Select the access level, user type, and access level privileges for each user or group in a database. In access protection have identification and authentication.
4/22/12
Separation of duties
No single individual should be allowed to perform high-value or sensitive tasks on their own
Financial transactions User account creation / changes
4/22/12
Least privilege
Persons
should have access to only the functions or data that they require to perform their stated duties File Servers
Don't give access to others' files
on
Workstations
4/22/12
Defense in depth
Use
Heterogeneous
If one type fails, the other remains If one type is attacked, the other remains
4/22/12
Types of Protection
Technical
Authentication,
Physical
Key
Administrative
Policy,
procedures, standards
4/22/12
Allows a user toauthenticate to system services and be grantedauthorizationtoaccess them. Resource owners have classified data according to its need for protective controls, entities should develop procedures to identify all functions of user management.
4/22/12
The everyday users of a database need to be able access & manipulate various database objects in a safe and controlled manner. The DBA creates a USER ACCOUNT for each user by following these basic steps:
Create a username/password protected account and assign the
table space
4/22/12
4/22/12
4/22/12
DROP USER username CASCADE; The cascade option drops all objects in the users schema before dropping the user. If the user owns objects you must specify this parameter to drop the user.
4/22/12
Observing a database so as to be aware of the actions of database users. It can be based on individual actions, such as the type of SQL statement executed, or on combinations of factors that can include user name, application, time, and so on.
4/22/12
Evaluate your purpose for auditing. Audit knowledgeably. Audit only pertinent actions. Archive audit records and purge the audit trail.
4/22/12
Types of Auditing
Statement Auditing
The selective auditing of related groups of statements regarding a particular type of database structure or schema object. Have two categories:-
4/22/12
Privilege Auditing
Use a system privilege, such asSELECTANYTABLE Privilege auditing can audit the activities of all database users or of only a specified list.
Can audit allSELECTand DML statements permitted by schema object privileges, such asSELECTorDELETEstatements on a given table.
4/22/12
Summary
The conclusion is all these 3 methods or topics are important in DBMS. Access protection useful for database security and only authorized person can access the database. User account is needed for every user to access data in database. It also important for a database to identify authorized user. Database auditing is needed to figure out all the actions that happened in database.
4/22/12