Unanswered: Daffodil DB: Secured solutions for all enterprise needs
The security aspect has always been a matter of prime concern for the enterprises. While designing Daffodil DB these concerns have been optimally addressed. Daffodil DB provides comprehensive security measures to ensure security and consistency for the client applications. A brief list of security measures can be described as follows
Daffodil DB supports the provision of creating separate user accounts for different users. This helps in providing conditional access based upon the type of the user, usage requirements, and security provisions of the enterprise.
A role is a collection of privileges grouped under a single name. Instead of granting privileges to individual users, the Database Owner grants them a role. This role, in turn, is granted to the users that need the corresponding privileges.
3.Using Views to Manage Privileges
Rather than granting users privileges on a particular table, you can give them access to a view of the table. With the help of Daffodil DB Database owners can create views containing particular fields of a table and assign them to particular users. In this way the users can get a view of the data contained in a particular table but the data is secured as the users cannot change it.
4.Object Privileges for the users and roles
Daffodil DB permits users and roles to allow specific privileges to different users for restricting or providing the access to different database tables or objects. A user or role may access an object once it has been granted the necessary privilege. If it tries to perform an action for which it does not have the necessary privilege, Daffodil DB generates an error. These measures can be used conditionally to ensure security and consistency.
5.Using Stored Procedures to Manage Privileges
Through stored procedures you can restrict the database operations that users can perform. You can allow them to access data only through procedures that execute with the definer's privileges. For example, you can allow users to access a procedure that updates a table, but not grant them access to the table itself. When a user invokes the procedure, the procedure executes with the privileges of the procedure's owner. Users who have only the privilege to execute the procedure (but not the privileges to query, update, or delete from the underlying tables) can invoke the procedure, but they cannot manipulate table data in any other way.
Daffodil DB allows users and roles to provide execution rights to other users and roles. This feature helps the users and roles to share procedures with others. Without proper rights no user or role will be able to execute a procedure. This feature is directed towards encouraging sharing security.
A secure database environment would not be complete without consideration of encryption technology. The term encryption refers to the practice of obscuring the meaning of a piece of information by encoding it in such a way that it can only be decoded. To ensure a tight leashed security, Daffodil DB supports various encryption algorithms. The users can encrypt the data before storing them in a table with the help of a particular algorithm. Daffodil DB uses the following encryption algorithms to secure the data i.e. Blowfish, aes, tea, des, two fish, des3, and idea. Users can specify any of these algorithms for encryption while creating the database
All these measures should be used collectively to provide an effective security mechanism for a Daffodil DB database.