Case 1: Developing an Online Database
A new dot-com company has decided to launch an affiliated Web site specifically for individuals interested in database issues. The main mission of the website is to provide a forum for database technical tips, issues, and scripts. The CIO and his technical team held a meeting to draft the requirements for the new Web Site and decided that it should include the following:
– Technical documents
– A forum where members can exchange ideas and share experiences
– Online access so that members can query or try the sites technical examples and scripts.
– A tips section.
– Technical support for error messages
Immediately after the meeting, the newly appointed project manager asks you to implement security for the site. She mentions that the security of a public database is so important that the CIO himself outlined the security requirements, as follows:
– The online database will have 10 public host database accounts that allow multiple sessions.
– The password of a public host account must be reset to its original setting whenever disconnects or logoffs occur.
– The maximum duration for a session is 45 minutes.
– Allocations will be set on memory and CPU usage to make sure the database is not overloaded due to excessive burden caused by badly written queries.
– Storage for each public host account must be limited to 1 MB
– The public host accounts will have privileges to create the most common database objects.
– All newly created objects must be removed before logoff.
– The database must have the default human resources (HR) user account enabled. All other accounts will be removed. All public host accounts must be able to view the data owned by HR, but must not be allowed to modify the data or structure of the database objects.
– When a member logs onto the database, all session information, such as IP address, terminal, and user session information, must be recorded for future analysis.
You may add other security or auditing features, as long as you don’t overlook any of the requirements in this list.