DBMS Research 1

The document discusses security features of different database management systems that could be used by the Friend-in-Need Foundation to better manage their data. It compares MySQL, Oracle, and Microsoft Access in terms of security accounts and levels of security, types of permissions, controlling the look and feel of the database, securing a replicated database, and creating and updating passwords. The DBMSs also provide additional security features to protect the foundation's sensitive client information as it grows.

Uploaded by

Myrene Calimag

Chapter 1
INTRODUCTION

Database Management System

- This is simply a system that allows you to define, manipulate, retrieve, and
manage data in a database.
- It mainly manipulates the data itself, along with the data format, field
names, record structure, and file structure, and it defines rules to validate
and manipulate the data.

Application of DBMS

Sector | Use of DBMS
Banking | For customer information, account activities, payments, deposits, loans, etc.
Airlines | For reservations and schedule information.
Universities | For student information, course registrations, colleges, and grades.
Telecommunication | It helps to keep call records, monthly bills, maintain balances, etc.
Finance | For storing information about stock, sales, and purchases of financial instruments like stocks and bonds.
Sales | Used for storing customer, product & sales information.
Manufacturing | It is used for the management of the supply chain and for tracking the production of items. Inventories status in warehouses.
HR Management | For information about employees, salaries, payroll, deduction, generation of paychecks, etc.

Chapter 2
DISCUSSION OF THE COMPONENTS

Components of DBMS

1. Software
- A set of instructions, data, or programs used to control computers and
perform certain activities is referred to as software. It is the opposite
of hardware, which refers to a computer's physical components.
Applications, scripts, and programs that operate on a device are all
referred to as software.
- It can be compared to the movable component of a computer, whereas the
immovable part is the hardware.

2. Hardware
- When we say hardware, we mean computers, hard disks, I/O channels for
data, and any other physical component involved before any data is
successfully stored into memory. Hardware offers the interface between
computers and real-world systems.
- When we run Oracle or MySQL on our personal computer, the computer's
hard disk, the keyboard we use to type in all the commands, and the
computer's RAM and ROM all become part of the DBMS hardware.
- Hardware components are the motherboard, CPU, RAM, I/O system, power
supply, video display controller, bus, and hard disk drive. The most
important hardware component is the motherboard, which holds all the
important components of a computer, including the CPU, memory, and
various connectors for input/output devices.
- Input devices such as the keyboard, mouse, microphone, modem, joystick,
USB devices, and many more are connected for better functioning.

3. Procedures
- Procedures are the instructions and rules for how to use the DBMS and
for designing and running the database. Documented procedures guide the
users who operate it, covering setup and installation, login and logout,
day-to-day operations, backups of data, and report generation.

4. Data
- Data in a database management system is an essential component. The
primary function of a database management system (DBMS) is to process
data. Databases are used to store, retrieve, and update data in and out of
them.
- Data is defined as a collection of unprocessed and unorganized facts and
figures that are required to be processed to make it meaningful.
- In the context of databases, data refers to all of the individual things that
are saved in a database, either individually or as a group. The majority of
data in a database is saved in database tables, which are structured into
columns that specify the data types that can be stored. So, if the
“Customers” database has a column titled “Telephone Number” with a
data type of “Number,” that column can only contain numerals.
- Generally, data comprises facts, observations, perceptions, numbers,
characters, symbols, images, etc.

5. Language
- A user can write commands in the Database Access Language and submit
them to the DBMS, which then translates and executes them.
- Users can create new databases and tables, insert data, fetch stored data,
update data, and delete data using the access language.
- Database languages are the sets of statements that are used to define and
manipulate a database. A database language has a Data Definition
Language (DDL), which is used to construct a database, and a Data
Manipulation Language (DML), which is used to access a database. DDL
implements the database schema at the physical, logical, and external
levels, while DML provides the statements to retrieve, modify, insert, and
delete the data in the database.

6. Users
- The users are the people who control and manage the databases and
perform different types of operations on the databases in the database
management system.

Three types of users:

1. Application Programmers
- The users who write the application programs in
programming languages (such as Java, C++, or Visual
Basic) to interact with databases are called Application
Programmers.
2. Database Administrators (DBA)
- A person who manages the overall DBMS is called a
database administrator or simply DBA.
3. End-Users
- The end-users are those who interact with the database
management system to perform different operations by
using the different database commands such as insert,
update, retrieve, and delete the data, etc.

Chapter 3
SECURITY SETTINGS

Case Study: Comparing Security Features at Friend-in-Need Foundation

Several years ago, Ricardo Juarez established the privately funded Friend-in-Need
Foundation. The primary purpose of this organization is to provide donations, assistance,
and counseling to families or individuals that can demonstrate need based on several
criteria. As the foundation continues to grow, so do its data management problems. Since
the foundation is small, many of its records are kept in notebooks, file folders, and locked
cabinets. This record-keeping method presents many problems, especially in the area of
control.

Every Friend-in-Need Foundation employee has access to all the foundation's
data, thus creating security, ethical, and general concerns for the foundation's
management. Ricardo realizes that a database management system may help alleviate
many of his data management and control problems. He asks you to investigate, on the
Web, three database management systems and prepare a written report comparing the
strengths and weaknesses of each database management system's security features. He
would like you to specifically address the following areas:

● Security accounts and levels of security
● Types of permissions
● Controlling the look and feel of the database
● Securing a replicated database
● Creating and updating passwords

In addition to the areas mentioned above, what additional security features do the
database management systems provide? Summarize your findings in a written report and
use a presentation software package to prepare a presentation based on these findings.

Introduction
There are three DBMSs to be discussed to help Mr. Ricardo Juarez in managing
the foundation's data: MySQL, Oracle, and Microsoft Access.

Microsoft Access is a database management system (DBMS) from Microsoft that
combines the relational Access Database Engine (ACE) with a graphical user interface
and software development tools. It is a member of the Microsoft 365 suite of
applications, in the Professional and higher editions or sold separately. Microsoft Access
stores data in its own format based on the Access Database Engine (formerly Jet
Database Engine). It can also import or link directly to data stored in other applications
and databases.

Oracle is a multi-model relational database management system, mainly
designed for enterprise grid computing and data warehousing. It is one of the first choices
for enterprises for cost-effective solutions for their applications and data management. It
supports SQL as a query language to interact with the database.

A MySQL database is a structured collection of data. It may be anything from a simple
shopping list to a picture gallery or the vast amounts of information in a corporate
network. To add, access, and process data stored in a computer database, you need a
database management system such as MySQL Server. Since computers are very good at
handling large amounts of data, database management systems play a central role in
computing, as standalone utilities, or as parts of other applications.

At the end of this research, Mr. Ricardo Juarez can choose the database that is
most secure and easiest to use for his foundation's data, based on a comparison
of the three DBMSs on their security accounts and levels of security,
types of permissions, controlling the look and feel of the database, securing a replicated
database, and creating and updating passwords.

Security Accounts and Level of Security

The data below covers the security accounts and levels of security of the
three databases, to help decide which of them is the most secure.
It is important to consider the security features of a database because it is
confidential and holds important information about businesses, which makes it a number
one target of cyberattacks.

1. Microsoft Access

User-level security:

User-level security features are not available in Access web apps, web databases,
or databases that use one of the new file formats (.accdb, .accde, .accdc, .accdr).
You can continue to manage user-level security in Access desktop database files
that use an earlier Access file format (such as a .mdb or .ade file). We recommend
this only if you already have a user-level security solution in place that you want
to keep using.

How to manage User-level security?

1. Open the database that has user-level security settings that you want to
manage.
2. On the Database Tools tab, in the Administer group, click Users and
Permissions.
3. Click one of the following commands:

● User and Group Permissions - Use this to grant or revoke user or group
permissions, or to change the owner of database objects.
● User and Group Accounts - Use this to create or delete a user or a group, to
change the password or the group membership of a user, or to change the
database Logon password.
● User-level Security Wizard - Use this to start the Security Wizard, which
makes an unsecured backup copy of your database and guides you through
the process of implementing user-level security features.

Steps to Securing an Access Database by Using User-level Security:

A workgroup information file is a file about the users in a workgroup.
Microsoft Access reads this file at startup. It contains information about account
names, passwords, group membership, and preferences. Preference information is
specified in the Options dialog box.

A workgroup information file is initially created by the setup program
when Microsoft Access is installed. The file is identified by the name and
organization information that is supplied during the setup process of Microsoft
Access.

A workgroup ID (WID) can have between four and twenty characters and is
case-sensitive. The WID guarantees that the workgroup file can't be recreated by
another user by simply guessing the name and company. It also makes the Admins
group unique to this workgroup file.

1. Exit Access.
2. Using Windows Explorer, open the folder
C:\Program Files\Microsoft Office\Office. This folder is where System.mdw is
located with a fresh installation of Microsoft Office 2000.
3. Copy the file SYSTEM.MDW to the root of your computer's hard
drive (don't move the file) to make a backup copy of the file.
4. In the Microsoft Office folder, double-click on MS Access Workgroup
Administrator. This is a shortcut to the Wrkgadm.exe program that, when
executed, runs the Workgroup Administrator.

● In the first dialog box is the name, company and workgroup to which you
are joined.
● Click Create to open the Workgroup Owner Information dialog box,
which you can use to create a new workgroup information file.
● In the Name text box, type in your name.
● In the Organisation text box, type in your organisation name.
● In the Workgroup ID text box, type in mywid.
● Click OK to accept this information and open the Workgroup Information
File dialog box.
● Using the default path, change the database filename to
MySystem.mdw.
● Click OK to accept the default path and new name for the new workgroup
information file, C:\Program Files\Microsoft Office\Office\MySystem.mdw
● In the Confirm Workgroup Information dialog box, verify that the
information you typed is correct.
● Click OK. You must confirm your entries for the new workgroup
information file.
● In the message box indicating that you have successfully created the
workgroup information file, click OK.
● Look at the changes in the Workgroup Administrator dialog box.
There's the information that you entered for the new workgroup
information file. This workgroup information file is used the next time that
you start up Microsoft Access, so there is no need to join the workgroup now.
● Click Exit to close the Workgroup Administrator and display the contents
of the Office folder in Windows Explorer. Notice that the new file,
MySystem.mdw, isn't displayed. You may need to refresh the view to see
it.
● Choose View, Refresh. Scroll to see MySystem.mdw and System.mdw.
Both workgroup information files are saved in the same folder.
● Before you close Windows Explorer, make a shortcut to the
MSAccess.exe on the desktop. You'll be exiting and starting Microsoft
Access several times during this tutorial and a desktop shortcut makes
restarting Microsoft Access more convenient.
● Close Windows Explorer.

2. Oracle

The Oracle database provides security in the form of authentication,
authorization, and auditing.

Authentication ensures that only legitimate users gain access to the system.
Authorization ensures that those users only have access to resources they are
permitted to access.

To learn the fundamentals of securing an Oracle database, follow these steps:

1. Secure your Oracle Database installation and configuration.
2. Secure user accounts for your site.
3. Understand how privileges work.
4. Secure data as it travels across the network.
5. Control access to data.

Oracle Database 19c provides multi-layered security including controls to evaluate
risks, prevent unauthorized data disclosure, detect and report on database activities and
enforce data access controls in the database with data-driven security. Capabilities such
as on-line and offline tablespace migration options provide flexibility while deploying
encryption, while database privilege analysis helps reduce an application's attack surface.

Using Oracle Linux with Oracle Ksplice zero-downtime updates, critical operating
system bugs and security vulnerabilities can be patched without incurring database
outages, keeping your data available and secure from any threats. Combined with Oracle
Key Vault and Oracle Audit Vault and Database Firewall, Oracle Database 19c provides
unprecedented defense-in-depth capabilities to help organizations address existing and
emerging security and compliance requirements.

Oracle Security Capabilities

● Advanced Security - including Transparent Data Encryption.
● Key Vault - Key Management for TDE.
● Database Auditing.
● Audit Vault and Database Firewall.
● Database Security Assessment Tool.
● Database Vault - Privileged User Controls.
● Label Security - Mandatory Access Control.

3. MySQL

MySQL enables the creation of accounts that permit client users to connect to the
server and access data managed by the server. The primary function of the MySQL
privilege system is to authenticate a user who connects from a given host and to
associate that user with privileges on a database such as SELECT, INSERT, UPDATE,
and DELETE. Additional functionality includes the ability to grant privileges for
administrative operations.
To control which users can connect, each account can be assigned authentication
credentials such as a password. The user interface to MySQL accounts consists of SQL
statements such as CREATE USER, GRANT, and REVOKE. See Account Management
Statements.
The MySQL privilege system ensures that all users may perform only the
operations permitted to them. As a user, when you connect to a MySQL server, your
identity is determined by the host from which you connect and the user name you
specify. When you issue requests after connecting, the system grants privileges according
to your identity and what you want to do.
MySQL considers both your hostname and user name in identifying you because
there is no reason to assume that a given user name belongs to the same person on all
hosts. For example, the user joe who connects from office.example.com need not be the
same person as the user joe who connects from home.example.com. MySQL handles this
by enabling you to distinguish users on different hosts that happen to have the same
name: You can grant one set of privileges for connections by joe from
office.example.com, and a different set of privileges for connections by joe from
home.example.com. To see what privileges a given account has, use the SHOW
GRANTS statement. For example:
SHOW GRANTS FOR 'joe'@'office.example.com';
SHOW GRANTS FOR 'joe'@'home.example.com';

Internally, the server stores privilege information in the grant tables of the
mysql system database.
The MySQL server reads the contents of these tables into memory when it starts and
bases access-control decisions on the in-memory copies of the grant tables.
MySQL access control involves two stages when you run a client program that
connects to the server:
Stage 1: The server accepts or rejects the connection based on your identity and whether
you can verify your identity by supplying the correct password.
Stage 2: Assuming that you can connect, the server checks each statement you issue to
determine whether you have sufficient privileges to perform it. For example, if you try
to select rows from a table in a database or drop a table from the database, the server
verifies that you have the SELECT privilege for the table or the DROP privilege for the
database.
For a more detailed description of what happens during each stage, see Section 4.6,
“Access Control, Stage 1: Connection Verification”, and Section 4.7, “Access Control,
Stage 2: Request Verification”. For help in diagnosing privilege-related problems, see
Section 4.22, “Troubleshooting Problems Connecting to MySQL”.
If your privileges are changed (either by yourself or someone else) while you are
connected, those changes do not necessarily take effect immediately for the next
statement that you issue. For details about the conditions under which the server reloads
the grant tables, see Section 4.13, “When Privilege Changes Take Effect”.
There are some things that you cannot do with the MySQL privilege system:
● You cannot explicitly specify that a given user should be denied access. That is,
you cannot explicitly match a user and then refuse the connection.
● You cannot specify that a user has privileges to create or drop tables in a database
but not to create or drop the database itself.
● A password applies globally to an account. You cannot associate a password with
a specific object such as a database, table, or routine.
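
The account model and limitations described above, written out as an added example that is not part of the original report: one user name on two hosts becomes two accounts with different privileges. It assumes MySQL 8.0 and an administrator session; the "foundation" schema, its tables, and the placeholder passwords are constructed for illustration.

```sql
-- Added example: schema, tables, accounts and passwords are constructed
-- placeholders. Assumes MySQL 8.0, run by an administrator account.

-- Constructed sample schema for the foundation's records.
CREATE DATABASE IF NOT EXISTS foundation;
CREATE TABLE IF NOT EXISTS foundation.clients (
    client_id  INT PRIMARY KEY,
    full_name  VARCHAR(100) NOT NULL,
    case_notes TEXT
);
CREATE TABLE IF NOT EXISTS foundation.donations (
    donation_id INT PRIMARY KEY,
    client_id   INT NOT NULL,
    amount      DECIMAL(10,2) NOT NULL
);

-- The same user name on two hosts is two separate accounts, each with its
-- own password and its own privileges.
CREATE USER 'joe'@'office.example.com' IDENTIFIED BY 'CHANGE_ME_office_placeholder';
CREATE USER 'joe'@'home.example.com'   IDENTIFIED BY 'CHANGE_ME_home_placeholder';

-- From the office: read and maintain client records, read donations.
GRANT SELECT, INSERT, UPDATE ON foundation.clients   TO 'joe'@'office.example.com';
GRANT SELECT                 ON foundation.donations TO 'joe'@'office.example.com';

-- From home: read-only access to donations, nothing on client records.
GRANT SELECT ON foundation.donations TO 'joe'@'home.example.com';

-- Review what each account can do.
SHOW GRANTS FOR 'joe'@'office.example.com';
SHOW GRANTS FOR 'joe'@'home.example.com';

-- Run by joe after connecting: USER() is the name and host the client
-- presented, CURRENT_USER() is the account the server matched in stage 1.
SELECT USER(), CURRENT_USER();

-- Stage 2 for a session that matched 'joe'@'home.example.com':
--   SELECT amount FROM foundation.donations;    -- allowed
--   SELECT case_notes FROM foundation.clients;  -- rejected, error 1142 (command denied)

-- There is no DENY rule. Access is taken away by revoking the privilege
-- or by removing the account.
REVOKE SELECT ON foundation.donations FROM 'joe'@'home.example.com';
DROP USER 'joe'@'home.example.com';

-- CREATE and DROP granted on foundation.* would also cover the database
-- itself, so grant them per table when an account should only manage tables.

-- Periodic review: every user/host pair that can connect.
SELECT user, host FROM mysql.user ORDER BY user, host;
```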

Types of Permission

The data below describes the types of permissions in Microsoft Access, Oracle, and
MySQL. It is important to know the types of permission of databases because
permissions in the Database Engine are managed at the server level, assigned to logins
and server roles, and at the database level, assigned to database users and database roles.
Permissions are a method for assigning access rights to specific user accounts and user
groups. Through the use of permissions, Windows defines which user accounts and user
groups can access which files and folders, and what they can do with them.

To put it simply, permissions are the operating system's way of telling you what you can
or cannot do with a file or folder.

1. Microsoft Access
Each user has access to nine types of permission for data or objects in a database.
The following table describes the nine types of permission, and what each type enables a
user to do. To read more about these permissions, search Microsoft Access Help for
permissions, display the topic Work With Permissions and select Types Of Permissions.

Permission | Allows a user to | Objects involved
Open/Run | Open a database, form, or report. Run a macro. | Databases, forms, reports, and macros.
Open Exclusive | Open a database on a network, while ensuring that others cannot open the database while the first user has it open. | Tables, queries, forms, reports, macros, and modules.
Read Design | View the design of objects. No changes to the design are allowed. | Tables, queries, forms, reports, macros, and modules.
Modify Design | Change the design of objects and delete objects. | Tables, queries, forms, reports, macros, and modules.
Administer | Set database passwords, replicate databases, and change startup properties. Have full access to objects and data, and assign permissions for objects. | Databases, tables, queries, forms, reports, macros, and modules.
Read Data | View data, but not table designs or query designs. | Tables and queries.
Update Data | View and edit data, but not insert or delete data. | Tables and queries.
Insert Data | View and insert data, but not change or delete data. | Tables and queries.
Delete Data | View and delete data, but not change or insert data. | Tables and queries.

2. Oracle
Oracle database defines the following system privileges for object types:
● CREATE TYPE enables you to create object types in your own schema
● CREATE ANY TYPE enables you to create object types in any schema
● ALTER ANY TYPE enables you to alter object types in any schema
● DROP ANY TYPE enables you to drop named types in any schema
● EXECUTE ANY TYPE enables you to use and reference named types in
any schema
● UNDER ANY TYPE enables you to create subtypes under any non-final
object types
● UNDER ANY VIEW enables you to create sub-views under any object
view

The following roles are helpful:

● The RESOURCE role includes the CREATE TYPE system privilege.
● The DBA role includes all of these privileges.

Schema Object Privileges

Two schema object privileges apply to object types:
● EXECUTE enables you to use the type to:
  - Define a table.
  - Define a column in a relational table.
  - Declare a variable or parameter of the named type.
  EXECUTE lets you invoke the methods of a type, including the
  constructor. Method execution and the associated permissions are the
  same as for stored PL/SQL procedures.
● UNDER enables you to create a subtype or subview under the type or
view on which the privilege is granted. Only a grantor with the UNDER
privilege WITH GRANT OPTION on the direct supertype or superview can
grant the UNDER privilege on a subtype or subview.

The phrase WITH HIERARCHY OPTION grants a specified object privilege on all
subtypes of the object. This option is meaningful only with the SELECT object
privilege granted on an object view in an object view hierarchy. In this case,
the privilege applies to all subviews of the view on which the privilege is
granted.
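
The object-type privileges described above, shown in use as an added example that is not part of the original report. The schemas FIN_OWNER, FIN_DEV and FIN_APP and the types person_t and client_t are hypothetical; the accounts are assumed to exist already with CREATE SESSION and a tablespace quota.

```sql
-- Added example: all schema, type and table names are constructed.
-- Each "Session" comment marks which account runs the statements below it.

-- Session 1, as a DBA: system privileges limited to the grantee's own
-- schema (CREATE TYPE, not CREATE ANY TYPE).
GRANT CREATE TYPE  TO fin_owner;
GRANT CREATE TYPE  TO fin_dev;
GRANT CREATE TABLE TO fin_app;

-- Session 2, as FIN_OWNER: create a supertype that others may extend.
CREATE TYPE person_t AS OBJECT (
    person_id NUMBER,
    full_name VARCHAR2(100)
) NOT FINAL;
/

-- FIN_APP may use the type (columns, variables, constructor) but not
-- derive from it.
GRANT EXECUTE ON person_t TO fin_app;

-- FIN_DEV may use the type and create subtypes under it. WITH GRANT OPTION
-- is what later allows FIN_DEV to pass privileges on its own subtype along.
GRANT EXECUTE, UNDER ON person_t TO fin_dev WITH GRANT OPTION;

-- Session 3, as FIN_DEV: derive a subtype in FIN_DEV's own schema.
CREATE TYPE client_t UNDER fin_owner.person_t (
    case_opened DATE
) NOT FINAL;
/
GRANT EXECUTE ON client_t TO fin_app;

-- Session 4, as FIN_APP: EXECUTE is enough to define a column of the type
-- and to call its constructor.
CREATE TABLE contacts (
    contact_id NUMBER PRIMARY KEY,
    who        fin_owner.person_t
);
INSERT INTO contacts VALUES (1, fin_owner.person_t(1, 'Sample Person'));

-- Review, as FIN_OWNER: who holds which object privilege on the type.
SELECT grantee, privilege, grantable
FROM   user_tab_privs_made
WHERE  table_name = 'PERSON_T';

-- Review, as a DBA: accounts and roles holding the broad ANY TYPE
-- system privileges listed above.
SELECT grantee, privilege
FROM   dba_sys_privs
WHERE  privilege LIKE '%ANY TYPE'
ORDER  BY grantee;
```
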
3. MySQL
The privileges granted to a MySQL account determine which operations the
account can perform. MySQL privileges differ in the contexts in which they apply and at
different levels of operation:

● Administrative privileges enable users to manage the operation of
the MySQL server. These privileges are global because they are
not specific to a particular database.
● Database privileges apply to a database and to all objects within
it. These privileges can be granted for specific databases, or
globally so that they apply to all databases.
● Privileges for database objects such as tables, indexes, views,
and stored routines can be granted for specific objects within a
database, for all objects of a given type within a database (for
example, all tables in a database), or globally for all objects of a
given type in all databases.

Privileges also differ in terms of whether they are static (built into the server) or
dynamic (defined at runtime). Whether a privilege is static or dynamic affects its
availability to be granted to user accounts and roles.

For information about the differences between static and dynamic privileges, see
Static Versus Dynamic Privileges.

Information about account privileges is stored in the grant tables in the MySQL
system database. For a description of the structure and contents of these tables, see
Section 6.2.3, “Grant Tables”. The MySQL server reads the contents of the grant tables
into memory when it starts and reloads them under the circumstances indicated in Section
6.2.13, “When Privilege Changes Take Effect”. The server bases access-control decisions
on the in-memory copies of the grant tables.
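
The privilege levels described above (global, database, object, static versus dynamic, roles), as an added example that is not part of the original report. It assumes MySQL 8.0; the "foundation" schema, the account names, the role name and the placeholder passwords are constructed for illustration.

```sql
-- Added example: all names and passwords are constructed placeholders.
-- Assumes MySQL 8.0 (roles and dynamic privileges), run by an administrator.

CREATE DATABASE IF NOT EXISTS foundation;
CREATE TABLE IF NOT EXISTS foundation.clients (
    client_id INT PRIMARY KEY, full_name VARCHAR(100), case_notes TEXT
);

CREATE USER 'ops_admin'@'localhost'  IDENTIFIED BY 'CHANGE_ME_placeholder_1';
CREATE USER 'backup_svc'@'localhost' IDENTIFIED BY 'CHANGE_ME_placeholder_2';
CREATE USER 'reports'@'localhost'    IDENTIFIED BY 'CHANGE_ME_placeholder_3';
CREATE USER 'frontdesk'@'localhost'  IDENTIFIED BY 'CHANGE_ME_placeholder_4';
CREATE USER 'maria'@'localhost'      IDENTIFIED BY 'CHANGE_ME_placeholder_5';

-- 1. Administrative privileges (static): global, so granted ON *.*
GRANT PROCESS, RELOAD ON *.* TO 'ops_admin'@'localhost';

-- 2. Dynamic privilege: defined at runtime and grantable only globally.
GRANT BACKUP_ADMIN ON *.* TO 'backup_svc'@'localhost';

-- 3. Database level: applies to every object in one database.
GRANT SELECT ON foundation.* TO 'reports'@'localhost';

-- 4. Object level, narrowed to columns: the front desk can look up a
--    client by name but cannot read case_notes.
GRANT SELECT (client_id, full_name)
    ON foundation.clients TO 'frontdesk'@'localhost';

-- 5. Role: define the privilege set once, then assign it to accounts.
CREATE ROLE 'caseworker';
GRANT SELECT, INSERT, UPDATE ON foundation.clients TO 'caseworker';
GRANT 'caseworker' TO 'maria'@'localhost';
SET DEFAULT ROLE 'caseworker' TO 'maria'@'localhost';

-- Review each level separately.
SELECT grantee, privilege_type                 -- global static privileges
FROM   information_schema.user_privileges;
SELECT user, host, priv                        -- global dynamic privileges
FROM   mysql.global_grants;
SELECT grantee, table_schema, privilege_type   -- database level
FROM   information_schema.schema_privileges;
SELECT grantee, table_schema, table_name, privilege_type   -- table level
FROM   information_schema.table_privileges;
SELECT grantee, table_name, column_name, privilege_type    -- column level
FROM   information_schema.column_privileges;

-- Effective privileges for maria once the role is active.
SHOW GRANTS FOR 'maria'@'localhost' USING 'caseworker';
```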

Controlling the Look and Feel of the Database


1. Microsoft Access
Microsoft Access has the look and feel of other Microsoft Office products, including
its layout and navigational aspects. That is where the similarity ends.
Access provides two views that you can use to make changes to your report: (1) Layout
view and (2) Design view. Your choice of which view to use depends on what specific
task you are trying to accomplish. You might end up using both views to make your
changes.

● Layout View
Layout view is the most intuitive view to use for report modification, and can be
used for nearly all the changes you would want to make to a report in Access. In
Layout view, the report is actually running, so you can see your data much as it
will appear when printed. However, you can also make changes to the report
design in this view. Because you can see the data while you are modifying the
report, it's a very useful view for setting column widths, adding grouping levels, or
performing almost any other task that affects the appearance and readability of the
report.

● Design View
Design view gives you a more detailed view of the structure of your report. You can
see the header and footer bands for the report, page, and groups. You can:
● Add a wider variety of controls to your report, such as labels, images, lines, and
rectangles.
● Edit text box control sources in the text boxes themselves, without using the
property sheet.
● Change certain properties that are not available in Layout view.

Customize the settings for table design

The table design view has setting options to create default custom settings for tables, such
as text font type and size, settings for field name prefixes or suffixes, and settings that
make it possible for Access to automatically index fields.

Setting | Description
Default field type | Set or change the default data type for fields in new tables and fields that you add to existing tables. The default data type is Text.
Default text field size | Set the maximum number of characters you can enter for the default field type you selected. You cannot exceed the default maximum of 255 characters.
Default number field size | Set or change the integer type for fields that are set to the Number data type.
AutoIndex on Import/Create | Enter the beginning or ending characters of a field name. When you import fields from an external file or you add fields to a table, Access automatically indexes any fields with names that match the characters entered here. Use a semicolon to separate character strings. For example, if you type unit;name, Access indexes fields named "UnitPrice" and "CompanyName."
Show Property Update Options buttons | When selected, shows the Property Update Options button. This button appears when you change a property of a field in a table and asks if you want to update the related properties in queries, forms and reports whenever you change certain field properties in a table design.

Changing the background color of a form in Microsoft Access

You can change the background color of a form by using the Back Color property of
the Property Sheet.
The following steps change the Detail Section of a form.
● Open the form in layout view. In the left navigation pane, right click on the form
and select the layout view.
● Select the Detail Section of the Form. Click somewhere in the form's Detail
Section to select it. An orange border will appear around the section once it's
selected. Be sure to click away from the other elements, otherwise you could
select them instead.
● Open the Property Sheet. Click on Property Sheet in the Ribbon (from the
Design tab).
● Change the Color. Use the Property Sheet to change the color of the section.
Specifically, use the Back Color property to change the background color. You
can use one of the themes, or select a custom color with the color picker.

2. Oracle
The Direct API Configuration feature lets you control the user interface "look and
feel" using the Oracle CPQ Configuration API.

You can use the Direct API Configuration feature to control the user interface "look and
feel" using the Oracle CPQ Configuration API. This ability lets you do things like the
following:

● Apply a site-specific "Look and Feel" product customization to the user interface
experience.
● Apply site-specific user interface components for a custom user interface
experience.
● Add a new UI component to the configuration flow.
● Remove tabs from the product customization user interface experience.
● Apply a product type-specific set of user interface components to the
configuration flow.
Before you can accomplish these tasks, you must first make sure that the API
driven configuration feature has been implemented (described in the previous topic).
Also, it is assumed that the Commerce and Oracle CPQ Integration has already been
configured and enabled.
In the sections that follow, you are provided with details for using this feature to
carry out these customization tasks.
Apply a site-specific "Look and Feel" product customization to the user interface
experience

Consider this situation. Say a customer wants a new custom user interface look and feel
for their site. The customer's in-house design and brand management team have provided
specifications as to:

● Color Schemes
● Style Header and Footer
● Navigation
● Buttons, input fields, checkboxes, multi-select lists, single-select lists, date pickers, pick lists
● Component Sizes
● Component Styles
● Component Colors
● Component Fonts

Securing a Replicated Database

1. Microsoft Access
To secure a replicated database, you can set user permissions on replicated
database objects. These permissions will not interfere with the synchronization of
the database. However, you can't use a password to protect your replicated
database. A password-protected database can't be made replicable, nor can a
password be assigned to a replicated database.

You can also keep a replica in an unshared directory and use indirect
synchronization (through Microsoft Replication Manager). If direct
synchronization is required, set the permissions on the share where the replicas
reside so that only specific users can access them. Do not put replicas in read-only
shares, because synchronizations with other replica set members will not occur.

Replicate the database, and then replicate the appropriate security file.
There are two file formats for iBase security files:
● Microsoft Access (which cannot be replicated)
● Microsoft SQL Server (a more secure format that can be replicated)

Replicating the security data enables your organization to implement a global
security system whereby the following are identical:
1. Security policy
2. User groups
3. User accounts
4. Access rights derived from membership of the user groups


The advantages of replicating the security data are:
● Reduced administration for the security administrator as replication
synchronizes the security data at the different sites.

● Any security administrator at any site can maintain the security data. You
control access to the local copies of the security file in the usual way.

● Usernames and contact details are always consistent and up-to-date, which
assists analysts who use the audit log, record properties, or owner details
in iBase.

2. Oracle

Defends against threats with machine learning
Automate database security, including critical patches. Save time and minimize human
error.

Integrated solutions for better performance
Oracle Transparent Data Encryption and Oracle Database Vault operate directly from the
database kernel, meaning they’re faster and easier to maintain.

Mitigate risks from users, data, and configurations
Get security assessments, activity auditing, sensitive data discovery, and data masking
with Oracle Data Safe, a unified database security cloud service.

Automated, always-on, and architected-in security
Oracle Autonomous Database enhances security while reducing the risk of human error by
including features like always-on encryption, automated patching, and preconfigured
separation of duties.

Opportunity to Try Data Safe Cloud Security for Free
Oracle Data Safe is now available for securing databases running on-premises or in
the cloud. Data Safe is easy to deploy and simple to use and Oracle now offers a
completely free tenancy and 30-day trial for the innovative database security cloud
service. Learn how to use Data Safe's features, including security assessments, user
risk assessments, sensitive data discovery, data masking, and activity auditing
through our LiveLabs program. Read the blog post to learn about all the risk-free
resources available for trying Data Safe.

Creating and Updating Passwords

1. Microsoft Access

One of the most important ways to ensure that your online accounts are safe and
secure is to protect your passwords. Follow this advice to help keep your accounts
out of the wrong hands.

Create strong passwords

Password security starts with creating a strong password. A strong password is:
▪ At least 12 characters long but 14 or more is better.
▪ A combination of uppercase letters, lowercase letters, numbers, and symbols.
▪ Not a word that can be found in a dictionary or the name of a person,
character, product, or organization.
▪ Significantly different from your previous passwords.
▪ Easy for you to remember but difficult for others to guess. Consider using a
memorable phrase like "6MonkeysRLooking^".

● Exit Access.
● Start Access. Don't open a database.
● Choose Tools, Security, User And Group Accounts. The Logon dialog box
opens.
● Log on by using your name (as you typed it in when you created your own user
account) and no password. There's no password assigned to your name yet. After
you click OK, the User And Group Accounts dialog box opens.
● Select the Change Logon Password tab.
● In the New Password and Verify text boxes, type the password. Remember,
the password is case-sensitive.
● Click Apply to accept the change and leave the dialog box open.
● On the Users page, select the User Name Admin.
● From the Member Of list, select Admins.
● Click Remove to remove the Admin user from the Admins group. The Admin
user remains a member of the Users group only.
● Click OK to accept the change and close the User And Group Accounts dialog
box.

Secure your passwords

Once you’ve created a strong password, follow these guidelines to keep it secure:
● Don’t share a password with anyone. Not even a friend or family member.
● Never send a password by email, instant message, or any other means of
communication that is not reliably secure.
● Use a unique password for each website. If crooks steal your account information
from one site, they'll try to use those credentials on hundreds of other well-known
websites, such as banking, social media, or online shopping, hoping you've reused
the password elsewhere. That's called a "Credential stuffing attack" and it's
extremely common.
● If you don’t want to memorize multiple passwords, consider using a password
manager. The best password managers will automatically update stored
passwords, keep them encrypted, and require multi-factor authentication for
access. Microsoft Edge can remember your passwords for you and automatically
fill them in for you when needed. See Save or forget passwords in Microsoft
Edge.
● It's OK to write your passwords down, as long as you keep them secure. Don't
write them on sticky notes or cards that you keep near the thing the password
protects, even if you think they're well-hidden.
● Change passwords immediately on accounts you suspect may have been compromised.
● Enable multifactor authentication (MFA) whenever available.

2. Oracle

Oracle - How do you change your Oracle database password?

Here are several methods for changing or resetting the password for an
Oracle database. You will need to know the existing password.

● Method 1: Using SQL*Plus (command line tool)
● Method 2: Using the TOAD GUI
● Method 3: Using the TOAD command line
● Method 4: Using SQL Developer

3. MySQL

    SET PASSWORD [FOR user] auth_option
        [REPLACE 'current_auth_string']
        [RETAIN CURRENT PASSWORD]

    auth_option: {
        = 'auth_string'
      | TO RANDOM
    }

The SET PASSWORD statement assigns a password to a MySQL user account. The
password may be either explicitly specified in the statement or randomly generated
by MySQL. The statement may also include a password-verification clause that
specifies the account current password to be replaced, and a clause that manages
whether an account has a secondary password. 'auth_string' and 'current_auth_string'
each represent a cleartext (unencrypted) password.

The REPLACE 'current_auth_string' clause performs password verification and is
available as of MySQL 8.0.13. If given:
● REPLACE specifies the account current password to be replaced, as a
cleartext (unencrypted) string.
● The clause must be given if password changes for the account are required to
specify the current password, as verification that the user attempting to make
the change actually knows the current password.
● The clause is optional if password changes for the account may but need not
specify the current password.
● The statement fails if the clause is given but does not match the current
password, even if the clause is optional.
● REPLACE can be specified only when changing the account password for the
current user.

The RETAIN CURRENT PASSWORD clause implements dual-password capability
and is available as of MySQL 8.0.14. If given:

● RETAIN CURRENT PASSWORD retains an account current password as its
secondary password, replacing any existing secondary password. The new
password becomes the primary password, but clients can use the account to
connect to the server using either the primary or secondary password.
(Exception: If the new password specified by the SET PASSWORD statement
is empty, the secondary password becomes empty as well, even if RETAIN
CURRENT PASSWORD is given.)
● If you specify RETAIN CURRENT PASSWORD for an account that has an
empty primary password, the statement fails.
● If an account has a secondary password and you change its primary password
without specifying RETAIN CURRENT PASSWORD, the secondary
password remains unchanged.

SET PASSWORD permits these auth_option syntaxes:

● = 'auth_string'
Assigns the account the given literal password.

● TO RANDOM
Assigns the account a password randomly generated by MySQL. The statement
also returns the cleartext password in a result set to make it available to the user or
application executing the statement.

For details about the result set and characteristics of randomly generated
passwords, see Random Password Generation.
Random password generation is available as of MySQL 8.0.18.

The host name part of the account name, if omitted, defaults to '%'.

SET PASSWORD interprets the string as a cleartext string, passes it to the
authentication plugin associated with the account, and stores the result returned by
the plugin in the account row in the mysql.user system table. (The plugin is given the
opportunity to hash the value into the encryption format it expects. The plugin may
use the value as specified, in which case no hashing occurs.)

Setting the password for a named account (with a FOR clause) requires the UPDATE
privilege for the mysql system schema. Setting the password for yourself (for a
nonanonymous account with no FOR clause) requires no special privileges.

Statements that modify secondary passwords require these privileges:

● The APPLICATION_PASSWORD_ADMIN privilege is required to use the RETAIN
CURRENT PASSWORD clause for SET PASSWORD statements that apply to your
own account. The privilege is required to manipulate your own secondary
password because most users require only one password.

● If an account is to be permitted to manipulate secondary passwords for all
accounts, it should be granted the CREATE USER privilege rather than
APPLICATION_PASSWORD_ADMIN.

● When the read_only system variable is enabled, SET PASSWORD requires the
CONNECTION_ADMIN privilege (or the deprecated SUPER privilege), in
addition to any other required privileges.
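
The SET PASSWORD clauses described above, combined into one credential rotation for an application account, as an added example that is not part of the original paper or the MySQL manual. The account name, host pattern and passwords are constructed placeholders; the example assumes MySQL 8.0.18 or later and also uses PASSWORD REQUIRE CURRENT, SHOW CREATE USER and DISCARD OLD PASSWORD, which are MySQL 8.0 statements the text above does not cover.

```sql
-- Added example: zero-downtime password rotation with MySQL dual passwords.
-- 'app_user'@'10.0.0.%' and every password below are constructed placeholders.

-- 1. As an administrator: create the account so that the account itself must
--    prove knowledge of its current password when changing it. This is the
--    setting that makes the REPLACE clause mandatory for app_user.
CREATE USER 'app_user'@'10.0.0.%'
  IDENTIFIED BY 'Old-Placeholder-Pw1!'
  PASSWORD REQUIRE CURRENT;

-- RETAIN CURRENT PASSWORD on one's own account needs this dynamic privilege,
-- which can only be granted globally (ON *.*).
GRANT APPLICATION_PASSWORD_ADMIN ON *.* TO 'app_user'@'10.0.0.%';

-- Confirm the policy; the output includes PASSWORD REQUIRE CURRENT.
SHOW CREATE USER 'app_user'@'10.0.0.%';

-- 2. Connected as app_user: set the new primary password.
--    REPLACE verifies the current password. If it does not match, the
--    statement fails and nothing changes.
--    RETAIN CURRENT PASSWORD keeps the old password as the secondary one, so
--    application servers that are not yet reconfigured can still connect.
SET PASSWORD = 'New-Placeholder-Pw2!'
  REPLACE 'Old-Placeholder-Pw1!'
  RETAIN CURRENT PASSWORD;

-- 3. Still as app_user, after every client has switched to the new password:
--    drop the secondary password so the old credential stops working.
ALTER USER USER() DISCARD OLD PASSWORD;

-- 4. As an administrator (UPDATE on the mysql schema is required because of
--    the FOR clause): force a reset to a server-generated password.
--    The cleartext password is returned once, in the result set.
--    No REPLACE clause here: it is only valid for the current user.
SET PASSWORD FOR 'app_user'@'10.0.0.%' TO RANDOM;
```

Step 3 matters for the reset in step 4: as stated above, changing the primary password without RETAIN CURRENT PASSWORD leaves an existing secondary password unchanged, so an undiscarded old password would keep working after the reset.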

Chapter 4

CONCLUSION

Security Accounts and Level of Security

Microsoft Access is not a good choice in terms of security because it has been expanded beyond its original purpose, to the point where it became fragile and unreliable. Access does not support user-level security for databases that are created in the new file format (.accdb and .accde files). Morries (2020) stated in his article that a team at Mimecast discovered a flaw in the Microsoft Access database application that, if left unpatched, could impact an estimated 85,000 businesses in the United States.

Oracle security is just more powerful in every way because Oracle has had years of experience and has responded to changing security needs, unlike the MySQL database, which is still evolving in terms of its security. According to the article by Wolfe (2021), MySQL requires a username and password for users to have access to the database, but in Oracle a profile is also needed along with the username and password. That means that if the profile is not set up in Oracle, the user cannot access the database. The profile also helps to define the user's role.

In conclusion, Oracle shows the best security settings among the three because its features provide security in the form of authentication, authorization, and auditing. Authentication ensures that only legitimate users gain access to the system. Authorization ensures that those users only have access to the resources they are permitted to use.

Types of Permission

There are two types of privileges in Oracle: system privileges and user privileges. Oracle is known for its extensive security. Because privileges that pass into the wrong hands can ruin some of the data present in the database, they are granted very responsibly and only when absolutely necessary. In a MySQL database, an account can be given complete control over a specific database without having any permissions on other databases. Microsoft Access, by contrast, allows the owner of the database to be changed, which is not a good feature for the security of the database.

Oracle and MySQL are similar in that both can grant a privilege or role to another user or role globally. Their only difference is that in Oracle the grantor can choose whether an admin option is needed to protect the database, while in MySQL the grant can be made without it.

In conclusion, MySQL privileges must be granted separately because MySQL has no such thing as a role, while in Oracle, users can create and assign roles that incorporate different privileges together.

Controlling the Look and Feel of the Database

In conclusion, Oracle, MySQL, and Microsoft Access are almost the same in terms of their look and feel features, but Microsoft Access already has templates like the other Microsoft applications, which puts it ahead of the other two databases because the templates can help a new user change the layout.

Securing a Replicated Database

The Oracle and MySQL databases have different ways of replicating their databases because replication works on the corresponding binary logging format in the my.cnf configuration file. In the year 2022, replication no longer exists in Microsoft Access.

The Oracle database has Data Guard, which allows the user to replicate their database in the most secure way. According to the article by Oles (2019), Data Guard maintains standby databases as copies of the production database. Data Guard can switch any standby to the production role, thus minimizing downtime. Data Guard can be used for backup, restoration, and cluster techniques to provide a high level of data protection and data availability.

Creating and Updating a Password

In the MySQL database, there is a feature where the password expires so that users change it periodically, whereas Oracle supports a single password that can be changed across the various targets where passwords are required.

In conclusion, MySQL is good when it comes to securing the password because, aside from the self-expiring password, it is also strict when changing passwords. The MySQL database does not allow the user to repeat an old password.

Summary

Oracle and MySQL are the best choices for Mr. because they have almost the same features, but Microsoft Access does not have enough security compared with Oracle and MySQL.

In overall conclusion, Oracle is for large businesses and for users who have money because it is a commercial database, while MySQL is open-source and can be afforded by everyone.

Chapter 5

RECOMMENDATION

1. The researcher recommends that the DBMS should require both external and internal storage space in order for it to perform quickly and efficiently.

2. In terms of cost-effectiveness, getting the right software, such as Oracle, is quite expensive.

Chapter 6

REFERENCES

Security in MySQL. https://dev.mysql.com/doc/mysql-security-excerpt/8.0/en/password-management.html#:~:text=MySQL%20supports%20these%20password%2Dmanagement,current%20password%20to%20be%20replaced.

MySQL vs. Oracle: Core differences and similarities. https://www.flexmonster.com/blog/mysql-vs-oracle-core-differences-and-similarities/

MySQL vs. Oracle: Comparing two Oracle-owned Relational Database Management Systems. https://towardsdatascience.com/mysql-vs-oracle-sql-a97a7659f992

Wolfe, M. (2021). MySQL vs. Access: An open-source vs. a proprietary clash. https://towardsdatascience.com/mysql-vs-access-5db036bcdf4d

Oracle Security vs. MySQL security. https://www.club-oracle.com/threads/oracle-security-versus-mysql-security.16056/

Oracle vs. MySQL compared. https://docs.oracle.com/cd/E39885_01/doc.40/e18461/oracle_mysql_compared.htm#RPTMS119

Joydip Kanjilal (2008). Microsoft Access Database Security-Security Permission. http://www.databasedev.co.uk/permissions.html

Access 2003 User-level security. https://support.microsoft.com/en-us/office/set-or-change-access-2003-user-level-security-in-current-access-versions-0c6a10e7-966f-44f4-864e-5d2ef79439fa

Joydip Kanjilal (2008). Microsoft Access Database Security. https://www.databasedev.co.uk/change_password.html

User-level Security. https://support.microsoft.com/en-us/office/what-happened-to-user-level-security-69b362cd-503f-4e8a-a735-fb923ffb9fa3

Security Windows 10 Windows 8.1 Windows 7 Microsoft account dashboard. https://support.microsoft.com/en-us/windows/create-and-use-strong-passwords-c5cebb49-8c53-4f5e-2bc4-fe357ca048eb

Andrew Gould (2007). Changing Form Appearance in Access 2007. https://www.wiseowl.co.uk/blog/s168/how_to_change_form_appearance_in_access.htm

Object-Relational Developer’s Guide. https://docs.oracle.com/en/database/oracle/oracle-database/21/adobj/index.html

Chapter 7

EVIDENCES OF THE ZOOM OF THE MEMBERS
