Sign Up Now
Get instant access to over 1 million+ study documents
OR
Already registered? click here to login
By creating your account, you agree to our terms of service, privacy policy and student honor code.
Data Security Policy
There are instances when not all information in a database is open for access to a user. Hence, there is the data security policy that controls the level of access a user has. According to Oracle Corporation Online,
Data security includes the mechanisms that control the access and use of the database at the object level. Your data security policy determines which users have access to a specific schema object, and the specific types of actions allowed for each user on the object.
Generally data security is based on how sensitive information is (Oracle Corp.). Important and confidential information is always necessary to be accessible only to a limited number of users.
User Security Policy
This policy defines how users will be allowed to access a database. The most common user security elements are password security and access privileges of users. To maintain a secured access to database and to lessen illegal database access, the database must feature periodical change of passwords. For instance, users will be asked by the system to change their password every quarter of a year. Encryption of password is another useful user security policy. In cases when there is an unauthorized access to user account information, password data is still secured because what is stored in the database is not the real password but its encoded form.
User security may also involve the definition of specific areas in a database where a user is allowed to access. This privilege management policy is important especially if a database services many users. Database roles can be created to implement this policy.
Auditing Policy
It is common that databases are audited to check the reliability of information it contains. However, there are also activities in a database that must be restricted to auditors. A database administrator must properly set database auditing procedures...
Otherwise, the problem of information misuse will never be solved.
In many business sectors, along with the obligation of maintaining database security policy is the implementation of different hardware and software that can protect databases from unauthorized access. Several of these are the following.
Antivirus Software
Antivirus softwares are typically installed in the computer system and should always be enabled to allow constant protection from viruses. The software and hardware requirements depend on the antivirus product being used.
Network Firewall
Products of this type protect a network from unauthorized database access and any information within the network.
Above all the database security policies and software and hardware protections, the most important procedure to prevent data loss should the database security fails is the process of maintaining a periodic backup of the database. With a backup, it can be said that a database is secured whether in times of database security problems or in times when the database is secured.
Bibliography
Jucan, George. Database Security: Beyond the Password.
Retrieved on June 06, 2005, from Oracle Technology Network. http://www.oracle.com/technology/pub/articles/jucan_security.html
Establishing Security Policies.
Retrieved on June 05, 2005, from Oracle Corporation Online. http://www-rohan.sdsu.edu/doc/oracle/server803/A54641_01/ch19.htm
Bibliography
Jucan, George. Database Security: Beyond the Password.
Retrieved on June 06, 2005, from Oracle Technology Network. http://www.oracle.com/technology/pub/articles/jucan_security.html
Establishing Security Policies.
Retrieved on June 05, 2005, from Oracle Corporation Online. http://www-rohan.sdsu.edu/doc/oracle/server803/A54641_01/ch19.htm
Database Differentiation Description of the data models A detailed description of all the tables that a database consists of is referred to as a data dictionary. A data dictionary will contain all the attribute characteristics and names for every table found within a database system. A data dictionary can also be referred to as a metadata repository. This is because it contains information like relationships with other data, meaning, usage, format, and
Database Administrator for Department Store Scenario The department store has expanded in the local region by opening five more bookstores, and the bookstore has launched a series of marketing campaign to increase sales and attract new customers. The objective of this technical report is to develop a plan to create and maintain an enterprise-wide database system that will assist the bookstore to hold the inventory and sales data. The database design will
Database Concepts Compare and contrast Microsoft Access, Microsoft SQL Server, DB2, and Oracle database programs Providers: Microsoft Corporation provides Microsoft Access and SQL Server, Oracle by Oracle Corporation and DB2 is a product of IBM. Brief about each: MS Access: Microsoft Access is a database, which comes bundled in Microsoft Office Products. Access is fully compatible with Active Server Pages (ASP) scripting. Database programs such as Access (sometimes called Relational Database Management systems or
This would also mean that the shadowing process goes on behind the scenes, and one need not even be aware that the process is in fact going on at any point of time; it can go on without creating any sort of disturbance to the user of the application, at any point of time. (Shadow Files) Another important advantage of using the shadowing of a database is that data would
An architect could also choose a Metamodel, which specify the elements of the model to be stored. 7 Select Modeling Levels to be Stored within the Repository An Architect should select the modeling levels, which include source code, models, runnable code and model instances to be stored in a Metadata Repository, Model Repository or a Model. 8 Select Metadata Types With reference to the Metadata Repository, a Model to be used, an architect could select
IT Acquisition Management for a new Video Shop Individual Project Activities Identification of a problem Organization: Component: Showtime Video Store Business Capture Group The problem is that there is no real information technology security measure employed in the video shop. There is very little awareness of the necessary IT security measures amongst the current management heads which is why they need an effective IT security plan and structure to implement to ensure there is no copyright infringement