Authentication refers to the task of verifying the identity of a person/software connecting to an application. The simplest form of authentication consists of a secret password that must be presented when a user connects to the application. Unfortunately, passwords are easily compromised, for example, by guessing, or by sniffing of packets on the network if the passwords are not sent encrypted. More robust schemes are needed for critical applications, such as online bank accounts.
Encryption is the basis for more robust authentication schemes. Many applications use two-factor authentication, where two independent factors (that is, pieces of information or processes) are used to identify a user. The two factors should not share a common vulnerability; for example, if a system merely required two passwords, both could be vulnerable to leakage in the same manner. While biometrics such as fingerprints or iris scanners can be used in situations where a user is physically present at the point of authentication, they are not very meaningful across a network. Passwords are used as the first factor in most such two-factor authentication schemes. Smart cards or other encryption devices connected through the USB interface, which can be used for authentication based on encryption techniques, are widely used as second factors.
We may want to differentiate among the users as far as the type of access they are permitted on various data values in the database. These differentiations are expressed in terms of authorization, the most common being: read authorization, which allows reading, but not modification, of data; insert authorization, which allows insertion of new data, but not modification of existing data; update authorization, which allows modification, but not deletion, of data; and delete authorization, which allows deletion of data.
We may assign the user all, none, or a combination of these types of authorization.
The DDL, just like any other programming language, gets as input some instructions (statements) and generates some output. The output of the DDL is placed in the data dictionary, which contains metadata—that is, data about data. The data dictionary is considered to be a special type of table that can only be accessed and updated by the database system itself (not a regular user). The database system consults the data dictionary before reading or modifying actual data.
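The read, insert, update and delete authorizations described above can be enforced per user by the database engine itself. The following is an added example, not part of the original text, that uses the authorizer hook of Python's sqlite3 module to grant any combination of the four types on a constructed `account` table; the table, the probe statements and the helper names are assumptions made for the illustration. It also shows that in SQLite an UPDATE with a WHERE clause needs read authorization on the column it tests.

```python
import sqlite3

TABLE = "account"  # constructed sample table, not from the original text

# Authorization type required for each SQLite data-access action code.
NEEDS = {sqlite3.SQLITE_READ: "read", sqlite3.SQLITE_INSERT: "insert",
         sqlite3.SQLITE_UPDATE: "update", sqlite3.SQLITE_DELETE: "delete"}

# One probe statement per authorization type, plus an UPDATE with a predicate.
PROBES = {
    "read": "SELECT balance FROM account",
    "insert": "INSERT INTO account(id, balance) VALUES (3, 50)",
    "update": "UPDATE account SET balance = 0",
    "update_where": "UPDATE account SET balance = 0 WHERE id = 1",
    "delete": "DELETE FROM account",
}

def make_authorizer(granted):
    """Return a callback that denies any action on TABLE outside `granted`."""
    def authorizer(action, arg1, arg2, db_name, source):
        needed = NEEDS.get(action)
        if needed is None or arg1 != TABLE:
            return sqlite3.SQLITE_OK  # not a data access on the protected table
        return sqlite3.SQLITE_OK if needed in granted else sqlite3.SQLITE_DENY
    return authorizer

def probe(granted):
    """Run every probe under `granted`; return {probe name: allowed?}."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE account (id INTEGER PRIMARY KEY, balance INTEGER)")
    conn.executemany("INSERT INTO account VALUES (?, ?)", [(1, 100), (2, 200)])
    conn.commit()
    conn.set_authorizer(make_authorizer(frozenset(granted)))  # enforce from here
    results = {}
    for name, sql in PROBES.items():
        try:
            conn.execute(sql).fetchall()
            results[name] = True
        except sqlite3.DatabaseError:  # SQLite refused to compile the statement
            results[name] = False
        finally:
            conn.rollback()  # undo any change so the probes stay independent
    conn.close()
    return results

if __name__ == "__main__":
    for user in ({"read"}, {"read", "insert"}, {"update"}, set()):
        print(sorted(user), probe(user))
```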
Encryption refers to the process of transforming data into a form that is unreadable, unless the reverse process of decryption is applied. Encryption algorithms use an encryption key to perform encryption, and require a decryption key (which could be the same as the encryption key depending on the encryption algorithm used) to perform decryption. The oldest uses of encryption were for transmitting messages, encrypted using a secret key known only to the sender and the intended receiver.
Even if the message is intercepted by an enemy, the enemy, not knowing the key, will not be able to decrypt and understand the message. Encryption is widely used today for protecting data in transit in a variety of applications such as data transfer on the Internet, and on cellular phone networks. Encryption is also used to carry out other tasks, such as authentication