Share
Explore BrainMass

Database Security

If you want to create users with different levels of access and capabilities to manipulate the database within an organization, what issues must you keep in mind, based on your reading and knowledge of creating users and roles thus far? Why is user security important to organizations? Discuss database security from a variety of perspectives. Describe how you would manage security and permissions within a database using roles.

Share experiences have you had in terms of user security in past jobs or as a student? Do you feel the user security was effective in those situations? What would you have done differently in light of what you've learned about data security?

Be sure to cite your sources.

Solution Preview

Database security [1] is the system, processes, and procedures that protect a database from unintended activity. Unintended activity can be the result of internal misuse, malicious external attacks or inadvertent internal mistakes.

Issues
----------
Fundamentally, to set an effective approach to authorization the first question that you need to address is "what will we control access to?" An experience [2] is that you can secure access to both data and functionality, such as access to quarterly sales figures and the ability to fire another employee respectively. Your stakeholder's requirements will drive the answer to this question. However, the granularity of access, and your ability to implement it effectively, is a significant constraint. For example, although you may be asked to control access to specific columns of specific rows within a database based on complex business rules you may not be able to implement this in a cost effective manner that also conforms to performance constraints.

The second question that you need to answer is "what rules are applicable?" The answer to this question is also driven by your stakeholder's requirements, although you may need to explore ...

$2.19