Authentication: the encryption key and require a decryption key


Authentication is a process of verifying the identity of a
person/software connecting to an application. One of the simple form of
authentication contains secret password that must be presented when a user
connects to the DBMS system or application. But, passwords are easily
compromised, so more robust schemes are needed for critical data or
applications such as online bank accounts. Most of the applications use
two-factor authentication, in which two independent factors are used to
identify a user and at the same time two factors should not share a common
vulnerability. In most of the two-factor authentication schemes passwords are
used as the first factor and smart cards or other encryption devices are used
as the second factor. Apart from the two-factor authentication there are many
types of authentication methods like biometric authentication which uses
physical characteristic such as , fingerprint, eye iris, or handprint to
authenticate the user, Token-Bases authentication and certificate based

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!

order now




Encryption is a process
in which data is transmitted in the form which cannot be readable or understood
by the other person until unless the reverse process of decryption is applied.
In order to perform encryption we use an encryption algorithms which will use
the encryption key and require a decryption key to perform decryption.
Previously encryption is used for transmitting messages using a secret key
which is known to sender and the intended receiver even if the message is
hacked/intercepted by an attacker, the attacker without knowing the key will
not be able to decrypt and understand the message which was sent. Encryption is
widely used today for protecting data in transit in a variety of application
such as data transfer. Encryption is also used to carry out other tasks such as



A multiuser database system must permit users to selectively
share data while retaining the ability to restrict data access, there must be a
mechanism to provide protection and security, permitting information to be
accessed only by properly authorized users. Further, when tables or restricted
views of tables are created and destroyed dynamically, the granting, checking,
and revocation of authorization to use them must also be dynamic. In current
database management systems the ability to grant authorization to perform
actions on objects resides with a central “database administrator”