In a shared database environment access control risks include corruption, theft, misuse and destruction of data. Several database control features are as follows:
(1) User View: It is a subset of the total database that defines the user’s data domain and provides access to the database. Although user views can restrict user access to a limited set of data, they do not define task privileges such as read, delete or write.
(2) Database Authorization table: This contains rules that limits the actions a user can take. This is similar to access list used in operating system. Each user is granted certain privileges that are coded in the authority table, which is used to verify the user’s action requests.
(3) User Defined Procedures: This allows the user to create a personal security program to provide more positive user identification than a single password can e.g. a series of personal questions which only the legitimate user knows.
(4) Data Encryption: Highly sensitive data like product formulas, password files etc. are protected by this. It uses an algorithm to scramble selected data and makes it unreadable to others. Also it protects data that are transmitted through networks.
(5) Biometric Devices: This measures various personal characteristics such as fingerprints, voice prints, signature etc. which are digitized and stored permanently in a database security file or on an identification card of the user.