|
Term |
Definition |
|
Access |
To store data
on and retrieve data from a database |
|
Access Control |
The management
of admission to a database system. The first part of access control
is authenticating the user, which proves the identity of the user
or client machine attempting to log on. The second part is
granting the authenticated user access to specific information
(table/column/rows in a database for example) based on company
policies and the permission level assigned to the user. |
|
ACL |
A set of data
associated with a Database, file, directory or other network
resource that defines the permissions that users, groups,
processes or devices have for accessing it |
|
AIAC |
Application
Independent Access Control: Access Control that is not specific to
any application roles, rules or groups and therefore enforceable
independent of the application. |
|
Application Level Access Control |
Access
control mechanism that is built into an application and becomes
effective on database access only for the user of that specific
application. |
|
ARC |
Access Rights
Control: Trademark of Age Tak Inc. This term is also used to name
the technology underlying Age Tak's software products |
|
ARC Dashboard |
The ARC
Dashboard provides a real-time view of the security status and access
controls of the database that is being monitored by ARC. |
|
ARC Data Server (DS) |
ARC software
component that sits on the Database server as a proxy server to
the native database. |
|
ARC Governor |
ARC software
component that is installed on a Unix or Windows server and used
to govern the policy (storing policies and enforcing policies). It
directs ARC DS to enforce the policy. |
|
ARC Load Balancer |
In a large
concurrent-user environment, the processing of incoming
transactions is distributed among multiple
ARC Virtual Data Servers. ARC Load Balancer is an ARC component
that acts as the first point of contact for a user connection to
the database and directs it to the least busy ARC Virtual Data
Port. |
|
ARC Mux |
A component
of ARC VDS that manages the execution of a single query in a
distributed environment, including the enforcement of security
policy. |
|
ARC Studio Mapper |
ARC
administrator GUI tool used for mapping multiple schemas into
one virtual schema |
|
ARC Studio Standard |
ARC
administrator GUI tool used for creating policies |
|
ARC VDP |
ARC Virtual
Data Port: A component of ARC VDS that acts as the database proxy
for a virtual schema |
|
ARC VDS |
ARC Virtual
Data Server: Age Tak's product that enables federation of
databases (see Federated Database) and manages security
centrally in a distributed environment. |
|
ARC Schema Element |
A unique
value derived from the combination of
database.schema.table.column used to address a specific data
element while defining the ARC policies. This is used in ARC logic
to define the finest granularity. |
|
ARC Scope |
A conditional
expression or an object returning a logical value, used to
restrict the rows accessed by a user based on a certain
condition. |
|
Audit |
Formal and
methodical examination of an organization's security situation |
|
Audit Trail |
A record of a
sequence of events (as actions performed by a computer) from which
a history may be reconstructed |
|
Authentication |
Verifying the
identity of a user logging onto a network. Passwords, digital
certificates, smart cards and biometrics can be used to prove the
identity of the client to the network. Passwords and digital
certificates can also be used to identify the network to the
client. The latter is important in wireless networks to ensure
that the desired network is being accessed |
|
Authorization |
The right or
permission to use a database system; the process of granting such
access |
|
Availability |
Relates to
information being available when required by the business process
now and in the future. It also concerns the safeguarding of
necessary resources and associated capabilities |
|
Confidentiality |
Concerns the
protection of sensitive information from unauthorized disclosure. |
|
Control |
The policies,
procedures, practices and organizational structures designed to
provide reasonable assurance that business objectives will be
achieved and that undesired events will be prevented or detected
and corrected. |
|
Control Objective |
A statement
of the desired result or purpose to be achieved by implementing
control procedures in a particular IT activity |
|
Encryption |
The
reversible transformation of data from the original (the
plaintext) to a difficult-to-interpret format (the ciphertext) as
a mechanism for protecting its confidentiality, integrity and
sometimes its authenticity. Encryption uses an encryption
algorithm and one or more encryption keys |
|
Entrance |
In ARC
Governor, an Entrance is a named logical collection of ARC Schema
Elements grouped together and treated uniquely from a security
standpoint while defining ARC policies. |
|
Federated Database |
A collection
of databases that are treated as one entity and accessed by
database clients as a single database through one virtual schema. See
also Virtual Database |
|
Firewall |
The primary
method for keeping a computer secure from intruders. A firewall
allows or blocks traffic into and out of a private network or the
user's computer. Firewalls are widely used to give users secure
access to the Internet as well as to separate a company's public
Web server from its internal network. Firewalls are also used to
keep internal network segments secure; for example, the accounting
network might be vulnerable to snooping from within the enterprise |
|
Integrity |
Relates to
the accuracy and completeness of information as well as to its
validity in accordance with business values and expectations |
|
JDBC |
(Java
Database Connectivity) A programming interface that lets Java
applications access a database via the SQL language. Since Java
interpreters (Java Virtual Machines) are available for all major
client platforms, this allows a platform-independent database
application to be written. In 1996, JDBC was the first extension
to the Java platform. JDBC is the Java counterpart of Microsoft's
ODBC |
|
ODBC |
(Open
Database Connectivity) A database programming interface from
Microsoft that provides a common language for Windows applications
to access databases on a network. ODBC is made up of the function
calls programmers write into their applications and the ODBC
drivers themselves.
For client/server database systems such as Oracle and SQL Server,
the ODBC driver provides links to their database engines to access
the database. For desktop database systems such as Access and
FoxPro, the ODBC drivers actually manipulate the data. ODBC
supports SQL and non-SQL databases. Although the application
always uses SQL to communicate with ODBC, ODBC will communicate
with non-SQL databases in its native language. |
|
On the Fly |
Something
that is done simultaneously with another task during the normal
operation without halting or interrupting the operation |
|
Permit |
In ARC
products, a permit is a collection of Entrances with four types of
access permissions (Allow, Deny, conditional allow, conditional
deny) associated with them that can be assigned to roles or users. |
|
Policy |
The rules and
regulations set by the organization. Policy determines the type of
internal and external information resources employees can access |
|
Privacy |
Freedom from
unauthorized intrusion. Privacy is the right of individuals to
determine for themselves when, how and to what extent information
about them is communicated to others. |
|
Rights |
The power or
privilege to access the data to which a user is justly entitled |
|
Rule |
Policy
configured in ARC Governor for enforcement purposes |
|
Security |
Security
Management comes under the umbrella of Information Security, which
aims to ensure the safety of information. Safety refers to not
being vulnerable to known risks, and avoiding unknown risks where
possible. The tool to provide this is security. The aim is to
protect the value of the information. This value depends on
confidentiality, integrity and availability. This depends on the
continuity provided by the information processing systems.
Secondary aspects include privacy (confidentiality and integrity
of information relating to individuals), anonymity, and
verifiability (being able to verify that the information is used
correctly and that the security measures are effective). |
|
SQL Firewall |
Firewall
function applied to SQL commands directed to a database server |
|
TDS |
Protocol
under which Microsoft SQL Server and its clients communicate with
each other. |
|
TNS |
Protocol
under which Oracle servers and their clients communicate with each
other. |
|
UDB |
(DB2
Universal Database) An enhanced and very popular version of DB2
that combines relational and object database technology as well as
various query optimization techniques for parallel processing.
Also geared for electronic commerce, DB2 UDB provides graphical
administration, Java and JDBC support. DB2 UDB runs on mainframes,
Windows NT/2000 and various versions of Unix. |
|
Virtual Database |
A single view
into multiple databases as if they were one |