chapter  11
14 Pages

Database Security

This chapter begins with a database primer followed by a discussion of various database security vulnerabilities and countermeasures. Two key parts of a database management system are the user defined data and the operations defined to manipulate the data. Manipulation of the data tables is accomplished with operations that add new data, update existing data, delete existing data, and list data with certain attributes. Multi-leveled database management systems (DBMS) attempt to control access to the system with the use of relative security classifications. DBMSs may suffer from any of four different types of vulnerabilities: inference, aggregation, data integrity, and Trojan Horses. The chapter discusses that two types of aggregation are: inference aggregation, and cardinal aggregation. While the two types of aggregation are similar in nature, they each require different means of prevention. Grouping related DBMS privileges into a single representation allows system administrators to better control and represent the activities permissible by a user.