Sunday, June 23, 2019
Application Development and Databases Essay Example | Topics and Well Written Essays - 4250 words
Application Development and Databases - Essay ExamplePermissions and overcome of users or processes are defined according to the policies of the business. An access control policy fundamentally specifies a set of rules that describe the methods in which a client can access a server. nark control Matrix An access control matrix is a simple method for the storage of access control information. It is a table in which each row represents a subject (user), each column represents an object (the object can be a file or a record etc.) and each entry is the set of access rights for that subject to that object. In general the access control matrix will be sparse, because most users will not have access rights to most objects. Every subject will, however, be mapped with every object (subject, object, rights).This approach can provide very fine grained security system control. The problem is the more fine grained the control becomes the more entries are mandatory in the table. In a big syst em the table can quickly become very big and difficult to manage and slow to search.Access control listen A different approach is to use capabilities and access control lists. The first method is to specify only the objects that a user may access. This approach is called a capability. It can be seen as a token giving the possessor certain rights to an object. The capability can be stored with the subject.A second method is to create a list that specifies which subjects can... The first method is to specify only the objects that a user may access. This approach is called a capability. It can be seen as a token giving the possessor certain rights to an object. The capability can be stored with the subject. A second method is to create a list that specifies which subjects can access an object, including their access rights. This approach is called an access control list (ACL). The ACL can be stored with the object or the resource. View based security Currently, authorization mechani sms in SQL permit access control at the level of complete tables or columns, or on views. It is also possible to create views for specific users, confine access to data by granting rights only to certain views & tables for each user. These allow those users access to only selected tuples of a table. However, mazy role based access control conditions are difficult to implement. In some cases view security can be bypassed (if users have access to base tables).Also, management of security policy becomes complex by views. When a security policy is added, changed, or removed, its difficult to determine what exactly to do with each view. An administrator cannot tell whether, by changing security policies through altering or dropping a view, he/she is breaking an application.Enforcing Access control privilegesi. Discretionary privileges It is usually based on the granting and revoking of privileges. It is further separate into two classifications 1. The Account level At this level, the DBA specifies the particular privileges that each account holds independently of the relations in the database.Example As the PMS is based on a centralized Oracle server, it must implement all the
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.