What concerns would you have if you accept a job as a database administrator and discover that the database users enter one common password to log on to the database each morning when they arrive for work? You also learn that they leave their workstations connected to the database all day, even when they are away from their machines for extended periods of time.
The Solution to the Problem
The database administrator (DBA)
A database is a collection of records that are shared among a variety of users. So, it's necessary to ensure that the authorized persons or the authorized users can access the data stored within the database.
Process of the database administrator
The database administrator is the one who is responsible for providing access to users according to their levels. This is because; all the information isn't needed by all the users. So, for the safety of the data, the database is divided into multiple levels. The various users can access the data only for which the user is permitted.
Data security
For the safety of the data, the data is encrypted and decrypted. Encryption is the scheme proposed to permit a hierarchical organization of keys for encryption and decryption of data in the database. A secret key is issued to each user to decrypt the data and verify the user.
The two concerns for Database Administrator are as follows:
Privacy loss
Privacy loss of a database leads to misuse of the database.
Fraud and theft
In these activities, unauthorized users can access the database to modify the data. The user who has a higher level of clearance can read the data of the lower level. The user with a lower level of clearance may request a higher level of data, but the user clearance is required. The main purpose of encryption in multilevel secure DBMS (Data Base Management System) is to encrypt the data for the data's security. In a multilevel database, the data is stored on different levels.
For example, when a user enters a user name and password to access the email, then these are stored in the database after encryption. This is done because any other person cannot access the email. When the user requests to access the email account, the user name and password are decrypted, and the account is opened.
See Also: MDM Chapter 11 Problem and Excercise 9
Post a Comment