DATABASE SECURITY

Security of databases refers to the array of controls, tools, and procedures designed to ensure and
safeguard confidentiality, integrity, and accessibility.

Security for databases must cover and safeguard the following aspects:

o The data in the database.
o The database management system (DBMS).
o Any applications that are associated with it.
o The physical or virtual database server, and the hardware that runs it.
o The computing or network infrastructure that is used to connect to the database.

Why Is Database Security Important?

By definition, a data breach is a breach of data integrity in a database. How much damage an
incident like a data breach can cause our business depends on various consequences or factors:

o Intellectual property that is compromised
o The damage to our brand's reputation
o The concept of business continuity (or lack of it)
o Penalties or fines to be paid for not complying
o Costs for repairing breaches and notifying consumers about them.

Discretionary Access Control

DAC is identity-based access control. DAC mechanisms are controlled by user identification
such as a username and password. DAC is discretionary because the owners can transfer objects or
any authenticated information to other users. In simple words, the owner determines the
access privileges.

Attributes of DAC –
1. Users can transfer their object ownership to another user.
2. The access type of other users can be determined by the user.
3. Authorization failure can restrict the user access after several failed attempts.
4. Unauthorized users will be blind to object characteristics such as file size, directory path,
and file name.

Example: The Linux file permission system is an example of DAC.

Mandatory Access Control

In MAC, the operating system provides access to the user based on their identity and the data.
To gain access, the user has to submit their personal information. It is very secure because
the rules and restrictions are imposed by the admin and are strictly followed. MAC settings
and policy management are established in a secure network and are limited to system
administrators.

Attributes of MAC –
1. MAC policies can help to reduce system errors.
2. It has tighter security because only the administrator can access or alter controls.
3. MAC has an enforced operating system that can label and delineate incoming application data.
4. Maintenance will be difficult because only the administrator can have access to the database.

Examples: The Windows access levels for ordinary users, admins, and guests are some
examples of MAC.

Differences between DAC and MAC

DAC | MAC
--- | ---
DAC stands for Discretionary Access Control. | MAC stands for Mandatory Access Control.
DAC is easier to implement. | MAC is difficult to implement.
DAC is less secure to use. | MAC is more secure to use.
In DAC, the owner can determine the access and privileges and can restrict the resources based on the identity of the users. | In MAC, the system only determines the access and the resources will be restricted based on the clearance of the subjects.
DAC has extra labor-intensive properties. | MAC has no labor-intensive property.
Users will be provided access based on their identity and not using levels. | Users will be restricted based on their power and level of hierarchy.
DAC has high flexibility with no rules and regulations. | MAC is not flexible as it contains lots of strict rules and regulations.
DAC has complete trust in users. | MAC has trust only in administrators.
Decisions will be based only on user ID and ownership. | Decisions will be based on objects and tasks, and they can have their own ids.
Information flow is impossible to control. | Information flow can be easily controlled.
DAC is supported by commercial DBMSs. | MAC is not supported by commercial DBMSs.
DAC can be applied in all domains. | MAC can be applied in the military, government, and intelligence.
DAC is vulnerable to trojan horses. | MAC prevents virus flow from a higher level to a lower level.
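
The information-flow and trojan-horse rows of the comparison can be seen in a small model. This is an added example, not part of the original notes: the two labels, the "no read up / no write down" rule used as the MAC policy, and the names alice, mallory, payroll and dropbox are all assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

LEVELS = {"public": 0, "secret": 1}  # constructed two-level labelling (assumption)


@dataclass
class Obj:
    owner: str
    label: str                                # consulted only by the MAC check
    data: str = ""
    acl: dict = field(default_factory=dict)   # user -> set of rights


def dac_grant(obj, granter, user, rights):
    """DAC: the owner alone decides who else gets access."""
    if granter != obj.owner:
        raise PermissionError("only the owner may grant")
    obj.acl.setdefault(user, set()).update(rights)


def dac_allows(obj, user, right):
    return user == obj.owner or right in obj.acl.get(user, set())


def mac_allows(clearance, obj, right):
    """MAC (assumed policy): no read up, no write down, set by the system."""
    subj, lab = LEVELS[clearance], LEVELS[obj.label]
    return subj >= lab if right == "read" else subj <= lab


def copy_flow(src, dst, user, clearance, use_mac):
    """A program running as `user` copies src into dst; True if permitted."""
    ok = dac_allows(src, user, "read") and dac_allows(dst, user, "write")
    if use_mac:
        ok = (ok and mac_allows(clearance, src, "read")
              and mac_allows(clearance, dst, "write"))
    if ok:
        dst.data = src.data
    return ok


def demo(use_mac):
    payroll = Obj(owner="alice", label="secret", data="salaries")
    dropbox = Obj(owner="mallory", label="public")
    dac_grant(dropbox, "mallory", "alice", {"write"})  # owner's discretion
    # alice runs a program that, unknown to her, copies payroll into dropbox
    copied = copy_flow(payroll, dropbox, "alice", "secret", use_mac)
    return copied, dac_allows(dropbox, "mallory", "read"), dropbox.data
```

Under DAC alone every individual check passes and the secret data ends up in an object its new owner can read; with the label check added, the write from a secret subject to a public object is refused regardless of what the owners granted.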
