Database Security Classification Quiz

Database Security and Administration

• Security classes are assigned to database objects and subjects, with an ordered system of top secret (TS), secret (S), confidential (C), and unclassified (U).
• The Bell–LaPadula model imposes two restrictions on reading and writing database objects: Simple Security Property and *-Property.
• Multilevel relations in a relational DBMS involve assigning security classes to database objects, leading to the concept of a multilevel relation and views as a flexible security mechanism.
• Backup involves periodically copying the database and log file to offline storage media, essential for database recovery following failure.
• Journaling is the process of maintaining a log file of all changes made to the database, enabling effective recovery in case of failure.
• Integrity constraints contribute to maintaining a secure database by preventing invalid data and misleading results.
• Encryption encodes data with a special algorithm, rendering it unreadable without the decryption key, and some DBMSs provide encryption facilities for sensitive data.
• Cryptosystem is required to transmit data securely over insecure networks, and it includes encryption and decryption keys and algorithms.
• The Data Encryption Standard (DES) is a standard encryption algorithm developed by IBM, using a 56-bit key to transform each 64-bit block of plaintext.
• Most working systems are based on user keys shorter than the message, although longer keys are considered more secure.
• Encryption also protects data transmitted over communication lines.
• DES is not universally regarded as very secure, and some authors maintain that a larger key is required for security.

Database Security and Administration

• Backend database can be protected by assigning a password and specifying its location
• Setting a password for the database is available through the Encrypt with Password option in the File/Info section
• Trust Center can be used to trust (enable) the disabled content in a database and set security options for Office Access 2010 databases
• Package-and-Sign feature in Access places the database in an Access Deployment (.accdc) file and signs the package
• Oracle provides system security (user name and password mechanism) and data security (privileges)
• Oracle privileges include system privileges (action on any schema objects) and object privileges (action on specific objects)
• Roles in Oracle can be granted to users or a group of privileges can be granted to a role, which is then assigned to users
• Internet communication relies on TCP/IP, which was not designed with security in mind
• Privacy, integrity, authenticity, and nonrepudiation are key aspects of securing information transmission over the Internet
• Proxy servers in a Web environment intercept requests to determine if they can fulfill them and have two main purposes: improving performance and filtering requests