preview

Nt1330 Unit 3

Better Essays

1) The response "sensitive value; response suppressed" is itself a disclosure. Suggest a manner in which a database management system could suppress responses that reveal sensitive information without disclosing that the responses to certain queries are sensitive.
It is every company mandatory requirement to make sure sensitive data is protected from public access at all times. In large organization sensitive information such as employee salary and performance should be kept confidential from most of the DBA users. For this DBMS uses database security and authorization subsystems that is responsible for security to the portions of database or to restrict the access to the sensitive information.
Below are some of the methods of database security …show more content…

So, classified or sensitive information can be only access by the people who have that level of security clearance.
- DBA security – Controlling the access on the DB level can also serve as a mechanism to protect sensitive data. In this type, there is always an administrator who controls the process of Account creation, granting access, revoking roles and assigning appropriate security level assignment.
If a user wants to extract data and if it contains sensitive information, the DBMS should mention an user friendly error message like "Cannot have access to this data" so that user will not try to dig the information further.
2) Cite a situation in which the sensitivity of an aggregate is greater than that of its constituent values. Cite a situation in which the sensitivity of an aggregate is less than that of its constituent values. Example where aggregate data is having higher sensitivity can be easily found in the case of financial transaction. An individual transaction may have little importance or significance on its own. However collected history of transactions could reveal underlying pattern, other proprietary information or even illegal

Get Access