Contents

Introduction to DB Security Issues
Database Security and the DBA
The SQL language
Access Protection, User Accounts, and Databases Audits
Mandatory Access Control
Discretionary Access Control (DAC) ............

Introduction to DB Security Issues

January 8, 2020

A good database security management system has to handle the possible database threats.
Threat may be any situation or event, whether intentional or accidental, that may adversely affect a system and consequently the organization
Threats to databases : It may results in degradation of some/all security goals like;
Loss of Integrity
Only authorized users should be allowed to modify data. For example, students may be allowed to see their grades, but not allowed to modify them.
Loss ofAvailability-
if DB is not available for those users/ to which they have a legal right to uses the data Authorized users should not be denied access.
For example, an instructor who wishes to change a grade should be allowed to do so.
Loss of Confidentiality
Information should not be disclosed to unauthorized users. For example, a student should not be allowed to examine other students' grades.

Database Security and the DBA

The database administrator (DBA) is the central authority for managing a database system.
The DBA’s responsibilities include
Account creation
granting privileges to users who need to use the system
Privilege revocation
classifying users and data in accordance with the policy of the organization
Access Protection, User Accounts, and Databases Audits
Whenever a person or group of persons need to access a database system, the individual or group must first apply for a user account. The DBA will then create a new account id and password for the user if he/she believes there is a legitimate need to access the database

Download the Slide Inorder to Access Full Content