+

Security Concerns

Chapter 10.1

+Security types

Physical security

Access security

Database security

+Physical security

+Data security – Backup Strategies

+Backup strategies

Transactions and commits – recovery from failure – next class – inside the DBMS

Mirroring of hard drives – avoid loss of data if a drive fails (pretty common practice)

Periodic backups of data (change vs full)

Off site backup of data (disaster recovery)

+Access security

Require network users to authenticate to reach network resources

JMU has secure VPN access…must authenticate to reach JMU network resources (some)

+Database security

Who makes the decisions?

What features in the db support security?

What mysql statements address security?

+Application security

Log on ?

Secure entry information

include statements

+Database security

Security subsystem

Access control Views Audit trail Triggers Encryption of database

+MySQL – Support for security

Users CREATE USER abc IDENTIFIED BY PASSWORD(‘somepass’); GRANT ALL PRIVILEGES ON X.* to abc; GRANT GRANT ON X.* to abc;

Creates a user, giving them access to everything in database X including the right to provide access to other users.

Privileges

+

mysql_real_escape_string()

+Next time

Transactions in SQL

Spend 5 min / team reporting on project status Can show screens if present What is going well? What is challenging? Do you need any help?

+Tuesday Overview of some front ends that make database

management easier

A look at a couple of other Relational DBMS

A brief overview of XML

Thursday Project demonstrations