Question

In: Computer Science

Consider a multi-user system running a database server, with a role-based access control (RBAC) system. One...

Consider a multi-user system running a database server, with a role-based access control (RBAC) system. One role in this system is Database Developer, for those responsible for creating and populating new databases and database applications. A second role is Database Administrator, responsible for managing the configuration of the database server and database user accounts. Make two lists, one for each of these two roles, with names of permissions that might be assigned to each role. Be as specific as possible. How many permissions do the two roles have in common? How many are different?

Solutions

Expert Solution

DATABASE DEVELOPER PERMISSIONS DATABASE ADMINISTRATOR PERMISSIONS
ALTER ANY APPLICATION CREATE SCHEMA
SELECT CONNECT
ALTER ANY ASSEMBLY ALTER ANY ROLE
SHOWPLAN CREATE ROLE
ALTER ANY DATABASE DDL TRIGGER ALTER ANY APPLICATION ROLE
UPDATE VIEW DEFINATION
ALTER ANY DATASPACE BACKUP DATABASE
ALTER ANY MESSAGE TYPE BACKUP LOG
ALTER ANY SCHEMA CHECKPOINT
CREATE AGGREGATE ALTER ANY ASSEMBLY
CREATE ASSEMBLY ALTER ANY KEY
CREATE DEFAULT ALTER ANY CERTIFICATE
CREATE FULLTEXT CATALOG ALTER ANY CONTRACT
CREATE TYPE ALTER ANY USER
CREATE FUNCTION ALTER ANY DATABASE DDL TRIGGER
CREATE VIEW ALTER ANY DATABASE EVENT NOTIFICATION
CREATE PROCEDURE CREATE FULLTEXT CATALOG
CREATE ROLE ALTER ANY DATASPACE
DELETE ALTER ANY MESSAGE TYPE
CREATE RULE ALTER ANY ROUTE
CREATE SCHEMA ALTER ANY SCHEMA
EXECUTE ALTER ANY SERVICE
CREATE SERVICE REFERENCES
INSERT CHECKPOINT
CREATE SYNONYM CREATE AGGREGATE
REFERENCES CREATE DEFAULT
CREATE TABLE CREATE FUNCTION
CREATE DATABASE DDL EVENT NOTIFICATION CREATE PROCEDURE
CREATE XML SCHEMA COLLECTION CREATE QUEUE
CREATE XML SCHEMA COLLECTION
UPDATE
CREATE TABLE
CREATE TYPE
CREATE VIEW
SELECT
GRANT READ, WRITE PERMISSIONS TO USERS

Total 25 permissions are similar.

Database Developer have 4 different permissions.

Database Administrator have 11 different permissions.


Related Solutions

Role-based access control (RBAC), an accepted model for access control in enterprise environments, may provide the...
Role-based access control (RBAC), an accepted model for access control in enterprise environments, may provide the means for conditions effectively restrict access based on rules and prerequisite conditions. However, there may be weaknesses in this approach. Provide strengths and weaknesses of role-based access control use in any size organization of your choice.
Design a role-based access control system. Thank you. Will leave a great rating A course registration...
Design a role-based access control system. Thank you. Will leave a great rating A course registration system is a computer system used by the university's administration to plan courses, for students to register for courses, and for faculty to grade them. Students and faculty can only enroll or teach a class if they have been recorded in the registration system. Students are entered into the system by and Admissions representatives; faculty members by a Human Resources employee. For all persons,...
How can a system for multi-level access control be implemented for government and military applications? What might access rules look like for such a system?
How can a system for multi-level access control be implemented for government and military applications? What might access rules look like for such a system?  
a) You have installed the DNS server role on a computer running Windows Server 2016 and...
a) You have installed the DNS server role on a computer running Windows Server 2016 and in the process of configuring forward/reverse lookups. Explain the difference between “ping www.google.com” and “ping the IP address of Google server at 172.217.167.68”. You may want to try both and observe any differences. Your answer should include your explanation, as well as screenshots. [5 Marks] b) Network administrators warn against configuring a file server to use DHCP. Explain what would happen if a file...
a) You have installed the DNS server role on a computer running Windows Server 2016 and...
a) You have installed the DNS server role on a computer running Windows Server 2016 and in the process of configuring forward/reverse lookups. Explain the difference between “ping www.google.com” and “ping the IP address of Google server at 172.217.167.68”. You may want to try both and observe any differences. Your answer should include your explanation, as well as screenshots. b) Network administrators warn against configuring a file server to use DHCP. Explain what would happen if a file server was...
a) You have installed the DNS server role on a computer running Windows Server 2016 and...
a) You have installed the DNS server role on a computer running Windows Server 2016 and in the process of configuring forward/reverse lookups. Explain the difference between “ping www.google.com” and “ping the IP address of Google server at 172.217.167.68”. You may want to try both and observe any differences. Your answer should include your explanation, as well as screenshots.
Q22: Which one of the following statements is a correct in Access Control? 1. A user...
Q22: Which one of the following statements is a correct in Access Control? 1. A user who is given permission to read a file is called an object. 2. A custodian of a data file configures who can have a read access to the file. 3. A data file created by owner is called a subject. 4. End users of files review the security settings of data files. 5. Discretionary Access Control (DAC) is most restrictive model.
a) What are the most important differences between MS Access and as Server database like SQL...
a) What are the most important differences between MS Access and as Server database like SQL Server? b) Does Access have any advantages over SQL Server? c) Describe one or more scenarios where you would recommend upgrading an existing MS Access application to SQL Server. Not the use of SQL Server Express edition.
HIPAA security , physical safeguard give examples of the following : 1) user-based access control 2)...
HIPAA security , physical safeguard give examples of the following : 1) user-based access control 2) role-based access control 3) context-based access control
List the elements of the Docker container system. What is a multi-tenant database?
List the elements of the Docker container system. What is a multi-tenant database?
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT