In the peer-reviewed article and research that comprise Security Issues and Features of Database Management Systems (Feeney, 1986) the author creates a taxonomy and framework to support his contention that while a distributed database architecture creates new security problems or challenges, these can be met and overcome through use of three core technologies. The author also provides insights into how the traditional database management systems (DBMS) taxonomies and data structures will also be expanded to support user identification and authorization across entire network-based platforms. The author covers the existing areas of user identification and authorization, incorporating an analysis of how views and assertions in database architecture have the potential to authenticate network-based users globally. While the author only briefly touches on the area of role-based authentication throughout a network, there is significant potential for that area for future research. In addition, the author mentions the area of access rules and grant rights, providing examples of how to they are used in single-instance database deployments. These concepts can potentially be extrapolated to broader, more enterprise-wise security strategy using broader database architectures based on the data provided in this article.
¶ … Security Issues and Features of Database Management Systems (Feeney, 1986) the author creates a taxonomy and framework to support his contention that while a distributed database architecture creates new security problems or challenges, these can be met and overcome through use of three core technologies. The author also provides insights into how the traditional database management systems (DBMS) taxonomies and data structures will also be expanded to support user identification and authorization across entire network-based platforms. The author covers the existing areas of user identification and authorization, incorporating an analysis of how views and assertions in database architecture have the potential to authenticate network-based users globally. While the author only briefly touches on the area of role-based authentication throughout a network, there is significant potential for that area for future research. In addition, the author mentions the area of access rules and grant rights, providing examples of how to they are used in single-instance database deployments. These concepts can potentially be extrapolated to broader, more enterprise-wise security strategy using broader database architectures based on the data provided in this article.
In the article Database Security (Fulkerson, Gonsoulin, Walz, 2002) the authors use the implementation of a Microsoft Access database in a manufacturing environment to provide insights into how database security can be made more effective. The purpose in using a stand-alone database is to show how polices regarding confidentiality can be created by view within a database structure, taking into account authorization and user access management. This article does show graphically hwo to define roles and security properties associated with each in Microsoft Access. For purposes of example it is effective, yet the majority of enterprise systems being used in a role-based and group-based environment are Oracle databases today. The authors also provide an overview of how to define rules and ensure database integrity by role and group within an Access database. This is useful from an instructional standpoint and serves as a foundation for showing how the creation of a security plan is essential for the successful management of an enterprise database. With hands-on examples of how to create a database security options and defining role-based and group-based definitions, this article provides pragmatic insights into database security.
Authors Harris and Sidwell provide insightful analysis of security for distributed database architectures and data models in the article and supporting research in Distributed Database Security. The authors contend that as distributed database architectures migrate from mainframe and legacy-based platforms the complexity and difficulty of database integration often leads to gap in security levels and the need for a more focused series of strategies on securing these heterogeneous, distributed database environments. The authors analyze the implications of integrating to legacy and often proprietary databases using the concepts of distributed role-based, group-based and workflow-specific distributed authentication services. Also included are analyses of network and secured remote database administration, two areas that enterprises are increasingly concerned about given the growth of their virtual workforces. The authors have expertise with Oracle databases and use examples from the enterprise products this software vendor provides to make their point regarding security of highly distributed networks. One of the more valuable aspects of this specific paper is the focus on how to create a multilevel secure environment in an enterprise. The authors have done enterprise-level database security work in their careers and this article and research communicate their expertise clearly.
In the article Data Security: A Security Implementation for Relational Database Management Systems (Nilakanta, 1989) the author contends that information architectures must rely on a stable database management system (DBMS) to scale securely and reliably across an enterprise. The author provides insights into several different security procedures and approaches to defining a secured operating environment for enterprise-wide DBMS implementations and use. There are also guidelines for defining security clearances and recommendations on hwo best to use encryptions for backing up stored, confidential data. The author also contends that given the increasingly easy-to-use interfaces of relational database systems in the enterprise there is a corresponding need for more robust, thorough group- and rules-based applications for better managing this and future generations of databases deliberately designed for widespread adoption and use. The author also provides insights into how the central Database Administrator needs to also define object-based rights and permissions across the entire complex of databases in an enterprise, including the defining of access rights by role, group and workflow that a given employee is involved with.
You’re 82% through this paper. Sign up to read the full paper.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.