These defenses are described in the following table.
This table lists and describes defenses against threats, including who is responsible for implementing each defense.

| Defense | Task Owner | Description |
|---|---|---|
| SSL/TLS | System Administrator | The System Administrator can require that SSL/TLS be used to encrypt network traffic between clients and servers, along the way raising an extra authentication hurdle. |
| Encryption | Database Owner | A Database Owner can require that the data for an application be encrypted before being stored on disk. This makes it expensive to steal and corrupt the data. |
| Authentication | Database Owner | Using usernames and passwords, a Database Owner can restrict access to an application's data. |
| Coarse-grained authorization | Database Owner | A Database Owner can divide an application's users into three groups: those with no privileges, those with read-only privileges, and those with read-write privileges. |
| Fine-grained SQL authorization | Database Owner | By using SQL GRANT and REVOKE statements, a Database Owner can further restrict access to fine-grained pieces of data and code. |