【Database Security 】What Students Need to Know

Ref: Database Security What Students Need to Know .pdf

 

While database security incorporates a wide array of security topics, notwithstanding,physical security, network security, encryption and authentication, 物理安全、网络安全、加密和身份验证

this paper focuses on the concepts and mechanisms particular to securing data. 侧重数据安全的概念和机制

 

 

Database security is built upon a framework encompassing three constructs: confidentiality, integrity and availability (Bertino & Sandhu,2005).

• 【Confidentiality 保密性】 or secrecy refers to the protection of data against unauthorized disclosure 透漏
• 【Integrity 完整性】 refers to the prevention of unauthorized and improper data modification
• 【Availability 可用性】 refers to the prevention and recovery from hardware and software errors as well as from malicious data access resulting in the denial of data availability (Bertino, Byun & Kamra, 2007).

 

Mapping to these three constructs, a database security component in any course needs to cover:

• access control 访问控制
• application access 应用程序访问
• vulnerability 脆弱性
• inference 推理
• auditing mechanisms 审计机制