UNCP CSC 3800 - Database Security (26 pages)

Previewing pages 1, 2, 3, 24, 25, 26 of 26 page document View the full content.
View Full Document

Database Security



Previewing pages 1, 2, 3, 24, 25, 26 of actual document.

View the full content.
View Full Document
View Full Document

Database Security

114 views


Pages:
26
School:
University of North Carolina at Pembroke
Course:
Csc 3800 - Database Management Systems

Unformatted text preview:

CSC 3800 Database Management Systems Fall 2009 Time 1 30 to 2 20 Meeting Days MWF Location Oxendine 1237B Textbook Databases Illuminated Author Catherine M Ricardo 2004 Jones Bartlett Publishers Chapter 9 Database Security Dr Chuck Lillie Privacy and Security Database security protecting the database from unauthorized access modification or destruction Privacy the right of individuals to have some control over information about themselves protected by law in many countries Right to privacy can be protected by database security Accidental Security Threats User errors User unintentionally requests object or operation for which he she should not be authorized Communications system errors User sent a message that should be sent to another user system connects a user to a session that belongs to another user with different access privileges OS errors Accidentally overwrites files and destroys part of database Fetches the wrong files and sends them to the user Fails to erase files that should be erased Deliberate Security ThreatsSources User intentionally gains unauthorized access and or performs unauthorized operations on the database Disgruntled employee who is familiar with the organization s computer system seeks revenge Industrial spies seek information for competitors Deliberate Security Threatsmethods Wiretapping of communication lines Electronic eavesdropping picking up electronic signals Reading display screens or printouts left unsupervised Impersonating authorized users or users with greater access Writing programs to bypass the DBMS and access database data directly Writing applications programs that perform unauthorized operations Deriving information about hidden data by clever querying Removing physical storage devices from the computer facility Making copies of stored files without going through the DBMS Bribing blackmailing or influencing authorized users to obtain information or damage the database Security Plan Should begin with physical security



View Full Document

Access the best Study Guides, Lecture Notes and Practice Exams

Loading Unlocking...
Login

Join to view Database Security and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view Database Security and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?