+ Security Concerns Chapter 10.1
Dec 13, 2015
+
Security Concerns
Chapter 10.1
+Security types
Physical security
Access security
Database security
+Physical security
+Data security – Backup Strategies
+Backup strategies
Transactions and commits – recovery from failure – next class – inside the DBMS
Mirroring of hard drives – avoid loss of data if a drive fails (pretty common practice)
Periodic backups of data (change vs full)
Off site backup of data (disaster recovery)
+Access security
Require network users to authenticate to reach network resources
JMU has secure VPN access…must authenticate to reach JMU network resources (some)
+Database security
Who makes the decisions?
What features in the db support security?
What mysql statements address security?
+Application security
Log on ?
Secure entry information
include statements
+Database security
Security subsystem
Access control Views Audit trail Triggers Encryption of database
+MySQL – Support for security
Users CREATE USER abc IDENTIFIED BY PASSWORD(‘somepass’); GRANT ALL PRIVILEGES ON X.* to abc; GRANT GRANT ON X.* to abc;
Creates a user, giving them access to everything in database X including the right to provide access to other users.
Privileges
+
mysql_real_escape_string()
+Next time
Transactions in SQL
Spend 5 min / team reporting on project status Can show screens if present What is going well? What is challenging? Do you need any help?
+Tuesday Overview of some front ends that make database
management easier
A look at a couple of other Relational DBMS
A brief overview of XML
Thursday Project demonstrations