Chapter 7

This chapter is from the Software Development and Open Source Approach, and it discusses Database modules. The chapter suggests that database tables should be designed in a way that facilitates concurrent access by many clients and ensures database security; Strategies for effective design and refactoring are guided by the principle of database normalization.

Database security can be pretty simple if the developer knows which holes exist in the architecture and how to close them. Some known vulnerabilities are SQL injections and leaks due to unauthorized access to the database where the unauthorized agent has all the privileges needed to do damage. Some goals that the books suggests could help securing the database are: i) prevent unauthorized or accidental disclosure, alteration, or destruction of data, ii) prevents unauthorized or accidental access to data considered confidential to the organization or individual who owns the data, and iii) ensures data integrity, so that the data stored in the database are always valid and accurate.

In databases there are ways to prevent privilege escalation by preventing access to certain levels of the database and setting permissions for access of the database by only allowing groups that the developer has permitted. There are four levels of access that can be controlled, from the most important to least, i) Server level: where the user has access to all of the databases and its tables, ii) Database level: where the user only has access to the database compromised, iii) Table level: where the user only has access to a table in database, and lastly iv) Column level: where the user only has access to a column in a table in a database on a server.



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s