Database Security Flashcards
Define database security…
The implementation of security mechanisms on a database that will preserve the CIA triad of the database.
Who has most control in enforcing the database security?
The Database Administrator. They can elevate privileges, revoke privileges, remove users, modify access control, etc.
What are the 2 types of access control that can be put in place?
Discretionary Access Control : DBA assigns permissions to specific users of the database.
Mandatory Access Control : The system defines what permissions users have. This is done by assigning database objects to a security class, and then giving users clearance to certain security classes. The Bell-LaPadula model is an example of this. Security classes are hierarchical (TS > S > C > UC).
What are the 3 types of integrity that a database needs to have?
Entity integrity : Relates to the PK.
Referential Integrity : Relates to the FK. The FK should always be a non-null PK attribute of its home relation.
Domain Constraints : Domain values should adhere to their constraints.
What is an audit conducted on the database?
All transactions are logged, and an audit is an inspection of these logs to check security.
What is meant by RAID?
Redundant Array of Independent Disks : This is a logical unit of data that is stored in a non-contiguous way across multiple disks. This improves read and write efficiency.
What is Data Striping?
The partitioning of data into equal sizes, which are then distributed into non-contiguous storage across multiple disks. This is how RAID is implemented.