lec12.366

lec12.366 - . . Winter 2008 CPE/CSC 366: Database Modeling,...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: . . Winter 2008 CPE/CSC 366: Database Modeling, Design and Implementation Alexander Dekhtyar . . Database Security: Data Access Control Overview Q: Who is responsible for security of database applications? Variant 1: Database software developers, in software layer. Variant 2: Variant 1 is not always feasible. In such cases, access control is facilitated inside the DBMS. Security in Databases Secrecy: information should not be disclosed to unauthorized users. Integrity: only authorized users should be allowed to modify data. Availability: authorized users should not be denied services. Access Control in Databases Discretionary Access Control : a system of data access permissions initiated and controlled by DBMS users. Mandatory Access Control : a system of universal data access rules obeyed by DBMS. Discretionary Access Control Privileges: data access rights possessed by DBMS users. Types of privileges : SELECT : the right to view stored data. INSERT : the right to insert data. DELETE : the right to delete data. UPDATE : the right to modify existing data. 1 REFERENCES : the right to create tables with foreign keys to the data....
View Full Document

This note was uploaded on 05/19/2008 for the course CSC 365 taught by Professor Dekhtyar during the Spring '08 term at Cal Poly.

Page1 / 3

lec12.366 - . . Winter 2008 CPE/CSC 366: Database Modeling,...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online