I. DBA: database administrator, the holder of the highest privileges
First layer: operational security of the database system: hardware, environment, disaster, design and other aspects
Second layer: information security of the database system: legal level, user identification, user access control, data access, access, audit trail, data encryption
II. Basic security mechanisms
1. User authentication: Password authentication: the user account and password are the core of password authentication
Strengthened authentication: combines more in-depth technical safeguards from the field of information security to strengthen the identification of user identities:
Specifically, PKI user certificates and smart cards, with support for combining fingerprint recognition and other technologies
One-way authentication process
2. User Roles
Database logon permission class
Resource management permission class
Database administrator permission class
3. Data authorization
Database-level
Table-Level
Row-level
Attribute-level
The DBMS applies the following two basic principles to user access control:
Isolation principle; control principle
Granting privileges: GRANT INSERT, UPDATE, DELETE ON authors TO Mary, John;
Revoking privileges: REVOKE CREATE TABLE, CREATE DEFAULT FROM Mary, John;
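The four authorization levels and the GRANT/REVOKE statements above, as an added T-SQL example that is not part of the original notes. The authors table layout, the authors_ca view and the sample rows are constructed; Mary and John are created as users without logins so the script can run in an empty test database.

```sql
-- Added example (T-SQL). Table layout, view and rows are constructed for illustration.
CREATE TABLE authors (
    au_id    INT PRIMARY KEY,
    au_lname VARCHAR(40) NOT NULL,
    phone    CHAR(12),
    state    CHAR(2)
);
INSERT INTO authors VALUES (1, 'White', '408 496-7223', 'CA');
INSERT INTO authors VALUES (2, 'Smith', '913 843-0462', 'KS');
CREATE USER Mary WITHOUT LOGIN;
CREATE USER John WITHOUT LOGIN;
GO

-- Database level: a statement permission, not tied to any one object.
GRANT CREATE TABLE TO Mary;

-- Table level: Mary may modify authors but has no SELECT on it.
GRANT INSERT, UPDATE, DELETE ON authors TO Mary;

-- Attribute (column) level: John may read every column except phone.
GRANT SELECT ON authors (au_id, au_lname, state) TO John;
GO

-- Row level: a view exposes only the CA rows; Mary reads through the view.
CREATE VIEW authors_ca AS
    SELECT au_id, au_lname, state FROM authors WHERE state = 'CA';
GO
GRANT SELECT ON authors_ca TO Mary;
GO

-- Check the column-level grant by impersonating John.
EXECUTE AS USER = 'John';
SELECT au_id, au_lname, state FROM authors;  -- allowed: granted columns only
SELECT phone FROM authors;                   -- denied: phone was not granted
REVERT;

-- Check the row-level view by impersonating Mary.
EXECUTE AS USER = 'Mary';
SELECT au_lname FROM authors_ca;             -- allowed: returns the CA row only
SELECT au_lname FROM authors;                -- denied: no SELECT on the base table
REVERT;
GO

-- Revoking: take back the database-level and table-level grants.
REVOKE CREATE TABLE FROM Mary;
REVOKE INSERT, UPDATE, DELETE ON authors FROM Mary;
GO
```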
4. Database encryption
5. System security policy
6. Data security policy
7. User security policy: general user, end user, database administrator
8. Security policies for application development
9. Security level of the data: four classes, seven levels: D, C (C1, C2), B (B1, B2, B3), A
D: Minimal protection
C: Discretionary protection: C1: Discretionary security protection
C2: Controlled access protection
B: Mandatory protection: B1: Labeled security protection
B2: Structured protection
B3: Security domains
A: Verified protection
At present, DBMSs generally adopt requirements above the C2 level
5 Security of the database