CST 363 Week 6

CST 363 Week 6

This week I learned about the basic concepts with regards to database security. I learned that permissions are managed using SQL Data Control Language statements GRANT and REVOKE. User accounts were explored and their relation to groups and objects. One very important aspect of database security is that permissions generally aren't assigned to individual users but are instead assigned to groups.

Next I was able to retain the basics behind DBMS security guidelines. They are as follows:

• Run the DMBS behind a firewall
• Apply the latest operating system and DBMS service packs and fixes
• Limit DBMS functionality to needed features
• Protect the computer that runs the DBMS
• Manage accounts and passwords
• Encryption of sensitive data transmitted across the network
• Encryption of sensitive data stored in databases

In general DBMS security features should be used before application level security.

I learned about database recovery via rollback/ rollforward and how it is the preferred method of recovery. We were able to apply this concept through Assignment 11 in MySQL.

I also learned about how to apply user defined functions and triggers in a DBMS.

It would have been nice to spend  a bit more time exploring these concepts as I felt retention of this would come easier with practice but that is why I bought my own books so I may learn on my own.