Security Levels

To protect the database, we must take security measures at several levels:

• Physical: The sites containing the computer systems must be secured against armed or surreptitious entry by intruders.

• Human: Users must be authorized carefully to reduce the chance of any such user giving access to an intruder in exchange for a bribe or other favors .

•Operating System: No matter how secure the database system is, weakness in operating system security may serve as a means of unauthorized access to the database.

• Network: Since almost all database systems allow remote access through terminals or networks, software-level security within the network software is as important as physical security, both on the Internet and in networks private to an enterprise.

• Database System: Some database-system users may be authorized to access only a limited portion of the database. Other users may be allowed to issue queries, but may be forbidden to modify the data. It is responsibility of the database system to ensure that these authorization restrictions are not violated.

Security at all these levels must be maintained if database security is to be ensured. A weakness at a low level of security (physical or human) allows circumvention of strict high level (database) security measures.