Data Base Security - an Introduction

sponsored links

Friends, in our previous posts we have discussed some basic topics of Data Base Management Systems. Today we shall discuss about another important topic, Data Base Security. What is the necessity of this Security by the way ? As we all know, the Data Base Management Systems is nothing but to save our data (or database if you talking about huge amount of data). If we are saving some data, that means its important to us. So we have to make sure that the privacy and the access of the data must not be revealed to all. We have to prevent certain people / groups from accessing the data for various reasons. Here we need the Data Base Security.

Lets try to understand this with a small example. The cashier / clerk of the bank can access your account and tell you the details of your account. But it doesn't mean that he can make transactions using your account. That means, he can access the data at a certain extent. This is called data base security.

Data Base Security contains policies and mechanisms to protect the data and ensure that it is not accessed, altered, or deleted without proper authorization. Database security methods focus on preventing unauthorized users from accessing the database. Because DBMS features that make the database easy to access and manipulate also open doors to intruders. Most DBMSs include security features that allow only authorized persons or programs to access data and then restrict the types of processing that can be accomplished once access is made.

There are three main objectives to consider while designing a secure database application :

1.  Security : Information should not be disclosed to unauthorized users. For example, a student should not be examine other student's grades or shouldn't allowed to access the server information of his university. 
2. Integrity : Only authorized users should be allowed to modify data. For example, Students may be allowed to see their grades, yet not allowed to modify them.
3. Availability : Authorized users should not be denied access. For example, an instructor who wishes to change a grade should be allowed to do so.

To achieve the above mentioned objectives, a clear and consistent security policy should be developed to describe what security measures must be enforced.

That's all for now friends. In our next post we shall discuss about various approaches to control the access of data. Happy Reading :)

Hareesh Reddy. K

sponsored links