Session_5_view_notes - Slides 1-4 contain a brief review of...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
Slides 1-4 contain a brief review of concepts. One reason security software came into existence was that security rules are sometimes more complicated that simple access control list can deal with. Another way of saying this is that the granularity of access control list is low and the software can provide much more granular control. Granular in this sense refers to the level at which control takes place. It can take place on logon (once you are logged in you can look at anything) or by database or file (more granular or lower level control, or more control). Indeed it can be at row, or attribute or even at elemental levels (control based on the values of the answer, e.g., If employee name = “James Bond” suppress otherwise reveal. At these more granular levels security is typically augmented at within the database or at the file level. Security can be implemented at either the physical level or at the logical level or at both. It can be static (like access control based on security level, e.g., you can see it if you have Secret level clearance and the object is labeled Secret) or dynamic (the systems has rules to determine your need to know based on job function or what you have previously done). Slide 5
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 12/23/2009 for the course DBST dbst 668 taught by Professor Yelena - ta during the Spring '09 term at MD University College.

Page1 / 2

Session_5_view_notes - Slides 1-4 contain a brief review of...

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online