MySQL 数据库系统设计实现与管理第六版课后习题答案Part 5 Review Questions and Exercises.doc

Word可编辑 PAGE PAGE 5 Word可编辑 SOLUTIONS TO REVIEW QUESTIONS AND EXERCISES FOR PART 5 – SELECTED DATABASE ISSUES (CHAPTERS 20 – 23) Solutions to Review Questions and Exercises TOC \o 1-1 \h \z \u Chapter 20 Security and Administration 3 Chapter 21 Professional, Legal, and Ethical Issues in Data Management 1 Chapter 22 Transaction Management 6 Chapter 23 Query Processing 18 Chapter 20 Security and Administration Review Questions 20.1 Explain the purpose and scope of database security. The purpose is clearly concerned with the protection of the data. However, the scope is wider than that of the DBMS alone, and takes into account the database environment. Consequently, it also considers the hardware, software, and users. See also Section 20.1. 20.2 List the main types of threat that could affect a database system and for each describe the controls that you would use to counteract each of them. For threats see Section 20.1.1 and for computer-based countermeasures see Section 20.2. 20.3 Explain the following in terms of providing security for a database: (a) authorization See Section 20.2.1 (b) authentication See Section 20.2.1 (c) access See Section 20.2.2 (d) views See Section 20.2.3 and Section 4.4 (e) backup and recovery See Section 20.2.4 (f) integrity See Section 20.2.5 and Section 4.3 (g) encryption See Section 20.2.6 (h) RAID technology See Section 20.2.7 20.4 Discuss Discretionary Access Control and Mandatory Access Control. Discretionary Access Control (DAC) – a means of restricting access to objects based on the identity of subjects and/or groups to which they belong. Mandatory Access Control (MAC) - based on system-wide policies that cannot be changed by individual users. In this approach each database object is assigned a security class and each user is assigned a clearance for a security class, and rules are imposed on reading and writing of database objects by users. The DBMS determines whether a given user can re