Menu

Database security Questions

0 Comment

In addition, the moment we think to offer security to our database framework with the intention that no illegal person or user is able to use it. However, the unplanned harms could be minimized by offering guidance to the employees and enforcing fines on violation of the business policies for instance moving away from workplace even though the system is open for working. In this scenario, a company user must be permitted access only relevant data, and diverse business users should be controlled through diverse methods of access for instance interpretation and modification to business critical data. Thus, business strategies at user administration level are able to help make new rules for prohibiting illegal or legal user access issues (Kumar, 2011. Cawley, 2008). Q. 2 Trigger The below given code is taken from (Pattani, 2010. Oracle , 2010. Czuprynski, 2006) CREATE TABLE CUSTOMER_SECTION ( Cst_SectNo sectno_dom, Cst_Name section_dom, Cst_HeadSSN ssn_dom, Cst_Budget budget_dom, CONSTRAINT customer_section_PK PRIMARY KEY (cst_SectNo), CONSTRAINT c_section_FK FOREIGN KEY (cst_HeadSSN) REFERENCES tab_LIBRARIAN (SSN), CONSTRAINT customer_section_budget_TX2 CHECK ((cst_Budget gt.= 0) AND (cst_Budget IS NOT NULL)), CONSTRAINT customer_section_budget_TX2 CHECK (NOT EXISTS (SELECT * FROM customer_SECTION s WHERE cst_budget lt. (SELECT SUM (Salary) FROM tab_LIBRARIAN WHERE tab_LIBRARIAN.customer_SECTION = s.cst_SectNo))) ). In the above given code, the customer_section_budget_TX1 constraint states that the cst_Budget column should not be negative by value and it must not hold a Null value. In this scenario, the customer_section_budget_TX2 constraint is an instance of a type of constraint which engages some extra table. It implies that the budget in customer_SECTION must not be below the total of the library workers salaries who effort inside that segment. Additionally, together this as well as customer_section_budget_TX1 will be assessed while a transaction that is updating the budget, or adding/inserting a fresh row in Customer_SECTION, tries to commit the transaction. In this scenario, a trigger is indicated through the command DEFINE TRIGGER, and it comprises 2 segments a specified condition and the undertaken action. However, we can also specify the similar constraint which we employed before a trigger: the library workers salary should not be larger than the salary of his library head (Pattani, 2010. Oracle , 2010. Czuprynski, 2006). DEFINE TRIGGER tab_librarian_salary_trigger after UPDATE of Salary ON tab_LIBRARIAN WHEN (EXISTS (SELECT * FROM Tab_LIBRARIAN L, tab_LIBRARIAN H, customer_SECTION S WHERE Lib.Salary gt. Head.Salary AND Lib.Section = S.cst_SectNo AND S.Lib_HeadSSN = Head.SSN and Lib.SSN Head.SSN)) inform_director (Lib.SSN,Lib_HeadSSN). In the above given code we supposed that inform_director() is a process which has already been stored inside the database in addition it could be used by the DBMS (Pattani, 2010). Q: 3 Following are advantages of VPD: (Pattani, 2010. Oracle , 2010. Czuprynski, 2006) VPD offers dynamic security mechanism means that businesses need not to uphold complicated roles and considering grants aspects. By using VPD one can apply over individual rule on every database object Database users are not able to circumvent safety mechanism inserted inside applications, since