Security and integrity, Database Management System

Assignment Help:

Security And Integrity

After Reading the concepts of database recovery in the last section, let us now deal with a vital concept that helps in minimizing consistency errors in database systems. These are the concepts of database integrity and security.

Information security is the protection of information against unauthorised disclosure, destruction or alteration.  Database security is the protection of information that is keeps in a database.  It deals with ensuring only the "right people" get the right to access the "right data".  By right people we mean those people who have the right to update / access the data that they are requesting to update / access with the database.

This should also make sure the confidentiality of the data.  For instance, in an educational institution, information about a student's grades should be made available only to that student, while only the university authorities should be able to update that information. Likewise, personal information of the employees should be accessible only to the authorities concerned and not to everyone.  Another instance can be the medical records of patients in a hospital. These should be available only to health care officials.

Therefore, one of the concepts of database security is primarily a specification of access rules about who has what type of access to what information. This is also called as the problem of Authorisation.  These access rules are defined at the time database is described.  The person who writes access rules is known as the authoriser.  The process of guaranteed that information and other protected objects are accessed only in authorised ways is known as access control. There may be other forms of security relating to operating system, physical, communication aspects of databases. Though, in this unit, we will confine ourselves mainly to authorisation and access control using easy commands.

The term integrity is also applied to data and to the mechanism that helps to make sure its consistency.  Integrity shows to the avoidance of accidental loss of consistency. Protection of database contents from unauthorised access contains legal and ethical issues, organization policies and database management policies.  To protect database various levels of security measures are maintained:

 1)  Physical:  The site or sites having the computer system must be physically secured against illegal entry of unauthorised persons.

2)  Human: An approval is given to a user to decrease the chance of any information leakage and unwanted manipulations.

3)  Operating System: Even though foolproof security methods are taken to secure database systems, weakness in the operating system security might serve as a means of unauthorised access to the database.

4)  Network:  Since databases permit distributed or remote access by terminals or network, software level security within the network software is a main issue.

5)  Database system: The data items in a database require a fine level of access control. For instance, a user may only be permitted to read a data item and is permitted to issue queries but would not be permitted to deliberately change the data. It is the responsibility of the database system to make sure that these access restrictions are not violated.

To make sure database security needs implementation of security at all the levels as above. The Database Administrator (DBA) is responsible for executing the database security policies in a database system. The organisation or data owners make these policies. DBA makes or cancels the user accounts assigning appropriate security rights to user accounts as well as power of granting and revoking certain privileges further to other users.


Related Discussions:- Security and integrity

Php optimization on iis 8, Project Description: We have purchased facebo...

Project Description: We have purchased facebook style chat software which we are using with our site. It is prepared in PHP but the rest of the site is developed asp.net. Iss

Define the normalisation form, Define in which normalisation form if an att...

Define in which normalisation form if an attribute of a composite key is dependent on an attribute of other composite key. Ans: 3NF A relation is in 3 NF if an attribute of

What are the two types of serializability, What are the two types of serial...

What are the two types of serializability? The two types of serializability is a)      Conflict serializability b)      View serializability

Intersection, If R1 and R2 are two union compatible relations or functions,...

If R1 and R2 are two union compatible relations or functions, then the result of R3 = R1 ∩R2 is the relation that contains all tuples that are in both the relations In other words,

What is difference among mysql_connect and mysql_pconnect, What is differen...

What is difference among mysql_connect and mysql_pconnect? Mysql_connect() opens a new connection to the database while mysql_pconnect() opens persistent connection to the data

Explain query execution plan, Explain query execution plan? - Optimizer...

Explain query execution plan? - Optimizer available in SQL Server optimizes code to be effectively executed. - A query execution plan demonstrates how this optimizer would r

Fire department, The State of Newyork certifies firefighters throughout sta...

The State of Newyork certifies firefighters throughout state keep track all of them, as well as the state’s of fire departments. Each fire department has unique department number

Dealing with constraints violation, If the deletion violates referential in...

If the deletion violates referential integrity constraint, then three alternatives are available: Default option: - refuse the deletion. It is the job of the DBMS to describ

Define deferred update technique of recovery, Discuss deferred update techn...

Discuss deferred update technique of recovery.  What are the advantages?  Ans:  The deferred update methods do not physically update the database on disk till after a transact

Write query to list the staff who work within the branch, Consider the foll...

Consider the following relations: BRANCH( bno, street, area, city, pcode, Tel_no, Fax_no) STAFF( Sno, Fname, Lname, address, position , salary, bno) Express the subsequent qu

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd