Database Security: Application Access Assessment
Most users do not access a database by directly logging into the database system.
Instead, they access the database through an application program.
A simple tool, known as a security (or CRUD) matrix, can be used to explicitly identify the access rights required by an application program.
Specifically, the security matrix provides a visual depiction of the correlation between the operations or authorizations needed for database objects and input/output sources such as forms and reports.
Operations depicted in a security matrix include Select (read), Create (insert), Update, and Delete.
The top row of the matrix lists database table objects.
Application programs are listed in the left-most column.
The letters C, R, U, D are placed in intersecting cells to identify the type of access required by a particular program.
Any given cell may contain any combination of these letters or none at all.
An empty cell denotes that a program does not need access to the intersecting table.
Conversely, a cell with all four letters, CRUD, indicates that the program needs full access to the table.
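
The matrix described above can be turned directly into least-privilege grants and used to audit existing ones. The following is an added example, not part of the original text; the program names, table names and current grants are constructed, and it assumes each application program connects with a database role named after it.

```python
# Constructed sample data: program, role and table names are hypothetical.
CRUD_TO_PRIVILEGE = {"C": "INSERT", "R": "SELECT", "U": "UPDATE", "D": "DELETE"}

# Rows are application programs, columns are tables; an empty or absent cell means no access.
MATRIX = {
    "order_entry_form": {"customers": "R", "orders": "CRU", "order_items": "CRUD"},
    "sales_report": {"customers": "R", "orders": "R", "order_items": "R"},
    "customer_admin": {"customers": "CRUD"},
}

def required_privileges(matrix):
    """Expand each cell into a set of SQL privileges keyed by (program, table)."""
    required = {}
    for program, row in matrix.items():
        for table, cell in row.items():
            letters = cell.upper().replace(" ", "")
            unknown = set(letters) - set(CRUD_TO_PRIVILEGE)
            if unknown:
                raise ValueError(f"{program}/{table}: invalid letters {sorted(unknown)}")
            if letters:  # an empty cell grants nothing
                required[(program, table)] = {CRUD_TO_PRIVILEGE[c] for c in letters}
    return required

def grant_statements(matrix):
    """One GRANT per non-empty cell, privileges listed in a fixed order."""
    order = ["SELECT", "INSERT", "UPDATE", "DELETE"]
    stmts = []
    for (program, table), privs in sorted(required_privileges(matrix).items()):
        plist = ", ".join(p for p in order if p in privs)
        stmts.append(f"GRANT {plist} ON {table} TO {program};")
    return stmts

def excess_grants(matrix, actual):
    """Privileges present in `actual` that no matrix cell justifies."""
    required = required_privileges(matrix)
    excess = {k: set(p) - required.get(k, set()) for k, p in actual.items()}
    return {k: extra for k, extra in excess.items() if extra}

# Constructed example of what the database currently grants to each role.
ACTUAL = {
    ("sales_report", "orders"): {"SELECT", "DELETE"},
    ("sales_report", "payroll"): {"SELECT"},
    ("customer_admin", "customers"): {"SELECT", "INSERT", "UPDATE", "DELETE"},
}

if __name__ == "__main__":
    print("\n".join(grant_statements(MATRIX)))
    print(excess_grants(MATRIX, ACTUAL))
```

Anything `excess_grants` returns is access the matrix does not call for, such as the report program's DELETE on `orders` in the sample data.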