Hi, need to submit a 2250 words essay on the topic Database security: Authorization and access control.
Authentication is a process through which system identifies the user. After completion of the authentication process, the process of authorization is executed, which permits the user to access required resources through which user could be identified. Authorization determines what type of resources, activities or services a user is permitted to access (Mark, 2008).
Access control refers to the system through which access to the information and services, resources is provided to the authorized entity. In computing, access control is a process which ascertains how users and systems are communicating or interacting with each other (Messaoud, 2006). ‘Entity’ is a term used in access control to start or perform computational tasks. For example, it can be the .end user that invokes the command or the computer program, which sends instructions for performing the task. Programming task can work as a user through the diamond process (Messaoud, 2006).
Confidentiality, Integrity and Availability (CIA) is a model designed to handle policies for the information system in any organization. This model is sometimes called as the CIA triad. (Messaoud, 2006) CIA triad is a well-known mechanism for security model development and is used to develop necessary solutions for information security. CIA provides protection and secrecy of data when needed in database (Messaoud, 2006).
The term confidentiality refers to a set of rules that limit information access in a real and accurate manner. Data secrecy or confidentiality refers to prevention of unauthorized access to data. Confidentiality operation makes sure that data is delivered to the intended persons (Messaoud, 2006).
An example of confidentiality is a bank account number, which assigns an individual identity to every account holder. Data encryption is the best way for ensuring confidentiality of this type of data. Data encryption, which transforms data into code, is applied on