{[ promptMessage ]}

Bookmark it

{[ promptMessage ]}

Advanced Reporting and Database Security Week 5

Advanced Reporting and Database Security Week 5 - Advanced...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
Advanced Reporting and Database Security Database Security | The Database Administrator | Groups in a Report | Adding Groups | Adding Drilldown | Including Totals We have looked at how to use aggregate functions in SQL SELECT statements to produce totals. This week, we will use our reporting software to produce totals in the reports. The advantage of using aggregate functions in the reporting software rather than in the SQL is that we are able to display both the totals and the detail rows to the user. Including detail rows in the report can make the report cumbersome, so we will hide the detail rows and only display them when the user selects to drill down through the group to see the details. However, before we begin exploring the use of aggregate data in reports, let's address the important topic of database security. Think of all the personal data about you that is stored in various databases – both private and government databases. Do you want anyone to be able to access that data? I don't think so! You are going to want your data to be kept private and secure. Database security is an extremely important topic and must be carefully planned, implemented, and monitored. Database Security Unfortunately it is becoming all too common these days to hear of a company's database being hacked and customer information stolen. This has very serious consequences for a company, not only as it pertains to loss of revenue but, perhaps more importantly, to loss of trust on the part of customers. The information in a company's databases is a valuable resource and must be protected. Database security needs to be designed as part of the overall security policies of the corporation and covers such things as confidentiality, integrity, and availability. Confidentiality is concerned with who has access to the data and whether the data is being used appropriately. For example, are Social Security numbers being displayed in reports that are left lying around for anyone to see? Integrity pertains to the accuracy of the data contained in the database. If the data cannot be relied on as being accurate, then it becomes totally useless to the company. Ensuring the integrity of the data begins with the database design process and the inclusion of validation rules. Any data put into the database must go through a validation process. Availability means that the database is accessible to users at all times. This topic is part of a discussion on the availability of the entire network infrastructure of the company. A company that supports Internet access to its databases cannot afford to suffer an interruption in service for any reason. In this lecture, we are going to look at the confidentiality aspect of security. Database security is implemented at two levels. Users first must be allowed access to the database server; this is called authentication. Users must then be granted permissions to perform any actions against the objects in the databases themselves; this is termed authorization. You are authenticated by SQL Server every time you try to log
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}