Description
Q1. Discuss three tier Client-Server DBMS architecture in relation with the functionality of each
layer. How does it improve the security of a database?
2. Respond to two other classmates’ postings by critically reviewing your classmate’s answer
and stating which points you agree or disagree with.
*An example of unacceptable replies: “I agree with you”, “good post I like it”, “I think your post
it good” or any similar are not acceptable replies.
Respond to two other classmates:
1. Maryam Almarzoog:
Three tier Client-Server DBMS architecture and their functionality of each layer:
Presentation tier:
The application’s user interface and communication layer, or presentation tier, is where users
interact with the program. Information presentation and data collection from the user are its
primary goals. This top layer can be used with a graphical user interface (GUI), a desktop
program, or a web browser.
Application tier:
Is the application’s key component. This layer uses business logic, or a particular set of business
rules, to handle data that was gathered in the presentation tier. This processing may involve
comparing the obtained data to other data from the data tier.
Data tier:
A database and a software for controlling read and write access to a database make up the data
tier. This layer, which can be hosted in the cloud or on-premises, is also known as the storage
tier.
It’s Security:
It is possible to apply several security tiers at different levels. Additionally, this reduces possible
attack surfaces by isolating the logic layer from the sensitive data layer. As an example, the logic
Confidential – مقيد
layer may be used to cleanse incoming data and impose field-level validation on a form. Due to
the ability to do two checks on the data, security flaws like SQL injection are avoided.
2. SAHAR ALFARAJ:
The three-tier client-server architecture is a systematic framework in database management
systems (DBMS) that improves the functionality and security of the system by partitioning the
application into three separate layers: the display layer, the business logic layer, and the data
network. The presentation layer functions as the user interface, enabling users to engage with
the program by entering data and obtaining output, usually delivered through online forms or
graphical interfaces. The business logic layer serves as an intermediate component, handling
user requests, implementing business rules, and doing essential validations prior to any data
connection. This layer serves to encapsulate the fundamental functionality of the program,
therefore guaranteeing that actions such as computations and data manipulations strictly
conform to predetermined business logic. Ultimately, the data layer has the responsibility of
overseeing all interactions with the database, running queries, and managing the storage and
retrieval of data. The use of this architectural separation greatly enhances database security in
several aspects. Firstly, it facilitates a distinct separation of duties, thereby enabling
autonomous security policies for each layer. For example, confidential database activities might
be limited to the data layer, while user interactions are handled in the presentation layer.
Furthermore, it is possible to incorporate access control techniques at the business logic layer in
order to enforce authentication and permission prior to any request reaching the data layer.
This guarantees that only those with proper authority are able to access privileged information.
Furthermore, the fact that clients do not directly engage with the database server, but rather
through the business logic layer, serves to minimize vulnerability to possible attacks like SQL
injection. Further limiting risks connected with harmful data, the business logic layer also plays a
critical role in verifying user input before it is processed or saved in the database. In summary,
this three-tier design improves both scalability and maintainability, while also providing a strong
foundation for protecting sensitive data and implementing rigorous access controls across the
program.
REFERENCES
Fong, J., & Hui, R. (1999). Application of middleware in the three tier client/server database
design methodology. Journal of the Brazilian Computer Society, 6, 50-64.
Confidential – مقيد
Pudichery, J. (2000). 3-Tier Client/Server System In Web-based E-Business Applications.
BUSINESS AND BEHAVIORAL SCIENCES TRACK SECTION OF COMPUTER INFORMATION SYSTEMS
AND MANAGEMENT INFORMATION SYSTEMS, 7(5), 84.
Answer 1:
Respond:
1.
2.
Confidential – مقيد
layer. How does it improve the security of a database?
2. Respond to two other classmates’ postings by critically reviewing your classmate’s answer
and stating which points you agree or disagree with.
*An example of unacceptable replies: “I agree with you”, “good post I like it”, “I think your post
it good” or any similar are not acceptable replies.
Respond to two other classmates:
1. Maryam Almarzoog:
Three tier Client-Server DBMS architecture and their functionality of each layer:
Presentation tier:
The application’s user interface and communication layer, or presentation tier, is where users
interact with the program. Information presentation and data collection from the user are its
primary goals. This top layer can be used with a graphical user interface (GUI), a desktop
program, or a web browser.
Application tier:
Is the application’s key component. This layer uses business logic, or a particular set of business
rules, to handle data that was gathered in the presentation tier. This processing may involve
comparing the obtained data to other data from the data tier.
Data tier:
A database and a software for controlling read and write access to a database make up the data
tier. This layer, which can be hosted in the cloud or on-premises, is also known as the storage
tier.
It’s Security:
It is possible to apply several security tiers at different levels. Additionally, this reduces possible
attack surfaces by isolating the logic layer from the sensitive data layer. As an example, the logic
Confidential – مقيد
layer may be used to cleanse incoming data and impose field-level validation on a form. Due to
the ability to do two checks on the data, security flaws like SQL injection are avoided.
2. SAHAR ALFARAJ:
The three-tier client-server architecture is a systematic framework in database management
systems (DBMS) that improves the functionality and security of the system by partitioning the
application into three separate layers: the display layer, the business logic layer, and the data
network. The presentation layer functions as the user interface, enabling users to engage with
the program by entering data and obtaining output, usually delivered through online forms or
graphical interfaces. The business logic layer serves as an intermediate component, handling
user requests, implementing business rules, and doing essential validations prior to any data
connection. This layer serves to encapsulate the fundamental functionality of the program,
therefore guaranteeing that actions such as computations and data manipulations strictly
conform to predetermined business logic. Ultimately, the data layer has the responsibility of
overseeing all interactions with the database, running queries, and managing the storage and
retrieval of data. The use of this architectural separation greatly enhances database security in
several aspects. Firstly, it facilitates a distinct separation of duties, thereby enabling
autonomous security policies for each layer. For example, confidential database activities might
be limited to the data layer, while user interactions are handled in the presentation layer.
Furthermore, it is possible to incorporate access control techniques at the business logic layer in
order to enforce authentication and permission prior to any request reaching the data layer.
This guarantees that only those with proper authority are able to access privileged information.
Furthermore, the fact that clients do not directly engage with the database server, but rather
through the business logic layer, serves to minimize vulnerability to possible attacks like SQL
injection. Further limiting risks connected with harmful data, the business logic layer also plays a
critical role in verifying user input before it is processed or saved in the database. In summary,
this three-tier design improves both scalability and maintainability, while also providing a strong
foundation for protecting sensitive data and implementing rigorous access controls across the
program.
REFERENCES
Fong, J., & Hui, R. (1999). Application of middleware in the three tier client/server database
design methodology. Journal of the Brazilian Computer Society, 6, 50-64.
Confidential – مقيد
Pudichery, J. (2000). 3-Tier Client/Server System In Web-based E-Business Applications.
BUSINESS AND BEHAVIORAL SCIENCES TRACK SECTION OF COMPUTER INFORMATION SYSTEMS
AND MANAGEMENT INFORMATION SYSTEMS, 7(5), 84.
Answer 1:
Respond:
1.
2.
Confidential – مقيد
Purchase answer to see full
attachment
