logo

Security Measures in Database Principles

Design a centralised database for Crazy Cat Public Houses that allows web interface access for employees, keeping records of sales, stock control, and employee shifts.

9 Pages1927 Words298 Views
   

Added on  2023-04-07

About This Document

This document discusses various security measures in database principles, including encryption, access control, user authentication, and more. It also explores the threats and countermeasures to protect the database. Additionally, it explains the 3-tier client-server architecture and its relationship to the ANSI-SPARC conceptual model.

Security Measures in Database Principles

Design a centralised database for Crazy Cat Public Houses that allows web interface access for employees, keeping records of sales, stock control, and employee shifts.

   Added on 2023-04-07

ShareRelated Documents
DATABASE PRINCIPLES.
By
Name ----------------------------------------------------------------------------------------
Lecturer
Name -------------------------------------------------------
March, 2019.
Security Measures in Database Principles_1
Security measures.
Encryption.
According to Jelling wood (2015) explained that encryption is a method of changing data in a
format it cannot be read or understandable by anyone apart from those who have keys for that
data to unhide it.
The main administrator (manager) and should be able to login using a user name and
password. He should also be able to perform the following tasks, Create and manage accounts
for the sales venues. There can only be 60 venue at a time each operating only at a locations. The
details of the sales persons include (first name, last name, user name, phone number, password,
address, employee shift, time of shift).
Access control.
Access control allows only principles who have authority to access database. Reading and
writing actions are prohibited from unauthorized principles. Access controls ensure information
flow in database conforms to organization principles. Access control help in minimizing
situation which may rise to harm a database and affects security of database. Example when a
principle which is not authorized to access a database deletes or Modifies tables vital information
can be lost.
Access Control measures includes:
Permissions of file.
Creating, reading, editing or deleting files in database. Sales person should be able to delete,
stock control and keeps record of foods and drinks on the accounts.
Permissions of software.
Rights of executing a software database application.
Rights of Data. Give rights of retrieving and updating data in a database to specific principles.
Crazy Cat database system will used for capturing sales of all items.
Identification.
User Identification Knowing principle who uses database is very important and it a good
practice of security need.it is good to know database users before giving them permissions and
rights of access this makes auditing ease. Identification involves identity of principal, user of
system, host of system and service of system. The user of this database system are Crazy cat,
employee of crazy cat and Customer. All details of customer, employees and crazy cat are being
captured in the database system for easy identification. Identification helps to know customers
who frequent the venue, comparing sales of different venues and planning for employees.
User Authentication.
Before your start using database it is advised to authenticate database.
Authentication of database involves what user know they include locks, pattern, password and
pin numbers, what users possess cards and what user is includes biometrics. .Employee to access
the user interface of database system they should be registered and their details captured for
example username and password
Security Measures in Database Principles_2
Accountability and auditing.
. To monitor and record configuration of way database works for database users it is called
Auditing. Users and non-database users. Integrity is ensured through accounting .All actions on
database most be accounted for. Payment is only through smart card and cash to access services.
Capturing sales is made through electronic tills.
Backup and recovery.
Backup it is reserving details of database and file logs to storage devices .Backup is a security
measure which data is safe. Recovery is the process of bring back database into normal use.
The Crazy Cat system should be able to auto-logout after 2 minutes of inactivity.
Threats and Countermeasures.
Excessive privileges.
Excessive privileges are harmful and causes risks which are not wanted. Most attack on
company information are usually done by company workers because they have full permissions
and access control on the system.
Countermeasures.
Access Control policy
Restrict privileges of employees by creating levels. Do not grant unnecessary privileges to
the use
SQL Injections.
According to Almutairi and Alruwaili (2016) explained that Malicious code are inserted in
database
Countermeasures.
Installing firewalls.
Malware.
According to According to Goud (2017) explained that malware is a software that propagates
itself and affects a system.
Countermeasures of Malware Enable firewall protection and Install Antivirus.
According to Schneier (2016) explained that firewall is a software that restrict access of
service from external user on a network. You can restrict or control access of database according
groups for example public service, private and internal services.
Denial of Service Denial of Service.
This means a user cannot access some functionality of database.
Countermeasures of Denial of Service.
Intrusion Detection System it detects and responses to the cause of denial of service.
Weak authentication.
It means some can use creditatials of legal databases users and access it.
Counter measures.
Use of two-way factor authentication is allowed and use of strong passwords. These SSH
Keys are cryptograph and helps in authentication of SSH Database as another option of using
password and username for login. It uses private and public keys .Private key is safe and no one
knows it while public keys it is known to everyone and available anytime for anyone who want
to access database.
Security Measures in Database Principles_3

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Threat Categories for Information Security: Prevention and Detection Techniques
|13
|1796
|257

Implementation of CIA
|4
|768
|382

Information Security: CIA Triad, ATM Security, Biometric Authentication, Caesar Cipher
|13
|2577
|292

Assignment on Application Security
|7
|1406
|60

Risk Assessment And Asset Security
|14
|3685
|22

Security Measures That Future plus Should Take to Prevent Its Staff Members, Including Casual Staff From Handling Information Unethically
|2
|765
|18