Scribd
Upload
94 views

Authorization Rules: BY, Iti Mehrotra (46) M.Haritha

The document discusses database security and authorization rules. It states that a DBA creates authorization rules that define who can access and perform operations on different parts of the database. These rules take into account subjects (users), objects (database units), and actions (operations). The rules are enforced by authenticating users and ensuring the rules are not violated when users access the database. Common authorization mechanisms include authorization matrices, views, and classification levels for data objects.

Uploaded by

Haritha Mudumba
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
94 views

Authorization Rules: BY, Iti Mehrotra (46) M.Haritha

The document discusses database security and authorization rules. It states that a DBA creates authorization rules that define who can access and perform operations on different parts of the database. These rules take into account subjects (users), objects (database units), and actions (operations). The rules are enforced by authenticating users and ensuring the rules are not violated when users access the database. Common authorization mechanisms include authorization matrices, views, and classification levels for data objects.

Uploaded by

Haritha Mudumba
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 13

AUTHORIZATION RULES

BY,
ITI MEHROTRA(46)
M.HARITHA (47)
DATABASE SECURITY

 Security in a database involves


mechanisms to protect the data and
ensure that it is not accessed, altered, or
deleted without proper authorization.
Need for DATABASE SECURITY

 In case of shared data, multiple users try to access


the data at the same time. In order to maintain the
consistency of the data in the database, database
security is needed.
 Due to advancement of internet, data are
accessed through World Wide Web, to protect the
data against hackers, database security is needed.
 The plastic money is more popular. The money
transaction has to be safe. More specialized
software both to enter the system illegally, extract
data is available.
DBA

 A database administrator (DBA) is a person


responsible for the design, implementation,
maintenance and repair of an organization's database.

 1. Maintaining database and ensuring its availability to


users
2. Controlling priviledges & permissions to database
users
3. Monitoring database performance
4. Database backup and Recovery
5. Database security
AUTHORIZATION RULES

 DBA’s create authorization rules that define


who can access what parts of database for
what operations.
 Enforcement of these rules involves
authenticating the user and ensuring that these
rules are not violated by access requests.
 DBMS should support creation and storage of
authorization rules and enforcement of
authorization rules when users access a
database.
 Authorization rules take into account a few
main ideas:
– Subjects: Individuals who perform some
activity on the database.
– Objects: Database units that require
authorization in order to manipulate.
– Actions: Any action that might be
performed on an object by a subject.
Constraint: A more specific rule
regarding an aspect of the object and
action.
 These elements are commonly combined
into an authorization table

SUBJECT OBJECT ACTION CONST


RICH EMP INSERT NONE
SALLY PURCHASE MODIFY TOTAL<
ORDER 1000
CLERKS EMP READ NONE
DBA
AUTHORIZATION RULES

DATA BASE
USERS SECURITY
SYSTEM
ACCESS
RIGHTS

database
 The authorization rules define authorized
users, allowable operations, and
accessible parts of a database.
 These rules are controls incorporated in
the data management system that restrict
access to data and also restrict the actions
that people may take when they access
the data.
Two main mechanisms of access control at
DBMS level:
 Discretionary access control
 Mandatory access control
3 authorization mechanisms

 Authorization matrix
 Views
 Classification levels for data objects
Centralized and Decentralized
authorization control

CENTRALIZED DECENTRALIZED
 The system dictionary  An individual or group of
contains all the info and individuals are
data required for the designated as the
authorization mechanism authorizers for one
 Access to dictionary and particular site in the
authorization matrix is network.
restricted to dba and
other security officials.
THAN’Q’…!

You might also like