Skip navigation.
Вхідна сторінка
Авторський сайт

On Restricted Set of DML Operations in an ERP System’s Database

Zhezhnych P., Tarasov D. (2019) On Restricted Set of DMLi Operations in an ERP System’s Database. In: Shakhovska N., Medykovskyy M. (eds) Advances in Intelligent Systems and Computing III. CSIT 2018. Advances in Intelligent Systems and Computing, vol 871. Springer, Cham

Abstract
Information securityi is very important and critical indicator of reliability and efficiency of modern information systems. Violation of information integrity and availability usually causes to financial and reputational losses and incorrect decision making for owners of information. This paper proposes some approaches to avoid these information threads with the restricted set of DML operations that are available to users of an ERP system. These approaches are based on an analysis of semantics of data modification operations in terms of ERP-systemi developers and ERP security system violators that results special rules of applying certain DML operations during data processing. The analysis allowed identifying potential losses that may be caused by unauthorized usage of DML operations like inserting incorrect and redundant information, erasing necessary information, information faking, erasing the traces of previous interventions into the ERP system, blocking databasei data objects etc. The proposed approach to adapting the database schema to store the whole history of data records processing as regular data provides elimination of these losses because of disallowing the UPDATE operation and controlling the ability to use the DELETE operation for different types of ERP-system users.

Keywords
Information system; Database; DML; Database schema; Information security; ERP system; SQLi

URL: https://link.springer.com/chapter/10.1007/978-3-030-01069-0_19

Додати новий коментар

Ця інформація зберігається приватно і не буде оприлюднена.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Рядки та параграфи відокремлюються автоматично.
  • Glossary terms will be automatically marked with links to their descriptions. If there are certain phrases or sections of text that should be excluded from glossary marking and linking, use the special markup, [no-glossary] ... [/no-glossary]. Additionally, these HTML elements will not be scanned: a, abbr, acronym, code, pre.

Детальніше про опції форматування