Annotated Bibliography On Data Security Essay
Data security within the company will be the responsibility of the database administrator (DBA), who will set up users, roles and schemas. The security model will consist of a set of controls that limit or deny access to unauthorized users. Securables and security principals will both be set. SQL Server functions will be pared down to reduce surface area. Lastly, authentication will be performed during login and data will be encrypted.
The DBA will configure internal security in the database using data control language (DCL) to limit access to different database objects. This is done by setting up users, roles and schemas that will group together permissions and objects. “The permissions can be assigned and removed using the GRANT and REVOKE statements” (Akkawi, Akkawi, & Schofield, 2014).
Security vulnerabilities will be further reduced by enabling only the SQL Server functions necessary to run the business. A layered security model that involves setting several security controls will be put in place to prevent unauthorized access. The DBA will set securables in the SQL Server instances. Users connecting to the server will require two things: Windows authentication, which uses Kerberos, a network authentication protocol that provides “strong authentication for client/server applications by using secret-key cryptography” (MIT, 2016), and a SQL Server login that identifies their permissions, which grant only particular actions on securables.
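
The setup described in the two paragraphs above, as an added T-SQL example that is not part of the original essay: a Windows-authenticated login is mapped to a database user, permissions on a schema are granted to a role, and one permission is later revoked and the result checked. The names CORP\jsmith, CompanyDB, Sales, Orders and SalesStaff are constructed placeholders.

```sql
-- Constructed example: all object and account names are placeholders.
USE master;
GO
-- Server-level principal: a login authenticated by Windows, not by a SQL password.
CREATE LOGIN [CORP\jsmith] FROM WINDOWS;
GO

USE CompanyDB;
GO
-- Database-level principal mapped to that login.
CREATE USER [CORP\jsmith] FOR LOGIN [CORP\jsmith];
GO

-- The schema groups the objects (securables); CREATE SCHEMA needs its own batch.
CREATE SCHEMA Sales AUTHORIZATION dbo;
GO
CREATE TABLE Sales.Orders (
    OrderID      int           NOT NULL PRIMARY KEY,
    CustomerName nvarchar(100) NOT NULL,
    Total        money         NOT NULL
);
GO

-- The role groups the permissions; users receive access only through membership.
CREATE ROLE SalesStaff;
ALTER ROLE SalesStaff ADD MEMBER [CORP\jsmith];
GO

-- DCL: grant on the schema securable to the role principal.
GRANT SELECT, INSERT ON SCHEMA::Sales TO SalesStaff;
-- Tighten later by removing a permission that is no longer needed.
REVOKE INSERT ON SCHEMA::Sales FROM SalesStaff;
GO

-- Check the effective permissions from the user's own security context.
EXECUTE AS USER = 'CORP\jsmith';
SELECT HAS_PERMS_BY_NAME('Sales.Orders', 'OBJECT', 'SELECT') AS can_select,
       HAS_PERMS_BY_NAME('Sales.Orders', 'OBJECT', 'INSERT') AS can_insert;
REVERT;
GO

-- Audit which permissions are recorded for the role.
SELECT pr.name AS principal, pe.permission_name, pe.state_desc, pe.class_desc
FROM sys.database_permissions AS pe
JOIN sys.database_principals AS pr
  ON pr.principal_id = pe.grantee_principal_id
WHERE pr.name = N'SalesStaff';
```

REVOKE only removes a previously granted or denied permission; it does not block access the user may still inherit through another role, which is why the effective-permission check is run as the user rather than read from the role's grants alone.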