Implementing Database Security - Assignment Example

Fourth, the 2014 MS SQL server also has SQL Server Data Files in Windows Azure facilitating the integral compatibility for SQL Server database files stored as Windows Azure Blobs. With these features, users of the 2014 MS SQL server will be able to form a database in an SQL Server operating on-premises or in a computer-generated device in Windows Azure with a developing storage site and the users’ information in Windows Azure Blob Storage. Each of these features works well in contrast to the former SQL Server by Microsoft (Natan, p. 74).

I can ensure that the DBMS operates in a consistent overall secure environment by first checking whether the DBMS setting on which it is operating is at maximum capacity and output. Assuring optimal capacity enables me to store the file and its sensitivity degree in the database (Natan, p. 223). As a result, the DBMS makes sure that only authorized users can read or edit the file. Second, I can make the DBMS multi-level so that it can with similar authorization ranges. Afterward, I can store the file at any location because it is presumed that the location can process the information that agrees upon. Third, the DBMS is at a multi-level, I can make it handle the authorization ranges differently. This way, the file stored at a given location can be authorized to read or edit the degree of the file (Natan, p. 223).

An example of how buffer overflows can make databases susceptible is a program composed in a language that tolerates or even facilitates buffer overflows (Natan, p. 24). Occasionally, such a program can depend on another program composed in a language that facilitates buffer overflows. Such a program will replicate information from a single stream on the stack to another without initially testing their sizes (Natan, p. 24). This program does not employ methods like canary values or non-applicable stacks to stop buffer overflows. At this point, is very possible that the database accommodating this program is susceptible to external intrusion. Programs regularly distribute memory buffers to store various kinds of information. For instance, the program requests entry input and distributes a buffer to accommodate provided input (Natan, p. 25).

C2 Security is a federal evaluation for security wearing the network has been qualified for flexible resource security and auditing abilities. For instance, the SQL Server has a C2 accreditation. However, this accreditation is just binding for a given assessed configuration (Natan, p. 33). C2 Auditing the tracing of audit incidents and data and storing them in a file in a default directory. If this file grows to a size cap of 200 MB, C2 Auditing begins a new file, saves and shut down the previous one, and it all the newly audited information in the new file. C2 Security is important because it must be fixed in the SQL Server in line with the assessed configuration or the user will fail to confirm that he or she is operating a C2-level system (Natan, p. 33). C2 Auditing is important because users cannot toggle the system-admin functionality without it. Read More