Database security denotes the system, processes, and procedures that protect a database from unintended activity.
Security is usually enforced through access control, auditing, and encryption.
- Access control ensures and restricts who can connect and what can be done to the database.
- Auditing logs what action or change has been performed, when and by whom.
- Encryption: Since security has become a major issue in recent years, many commercial database vendors provide built-in encryption mechanisms. Data is encoded natively into the tables and deciphered "on the fly" when a query comes in. Connections can also be secured and encrypted if required using DSA, MD5, SSL or legacy encryption standard.
Enforcing security is one of the major tasks of the DBA.
In the United Kingdom, legislation protecting the public from unauthorized disclosure of personal information held on databases falls under the Office of the Information Commissioner. United Kingdom based organizations holding personal data in electronic format (databases for example) are required to register with the Data Commissioner.
No comments:
Post a Comment