数据库安全性实验报告.docx

SQLServer身份验证的登录名,登录名称自定。CREATE LOGIN Z_2011013199WITH PASSWORD='2011013199'CREATE LOGIN ZX_2011013199WITH PASSWORD='2011013199'CREATE LOGIN ZXJ_2011013199WITH PASSWORD='2011013199'“gongcheng”数据库映射三个数据库用户,数据库用户名为Tom,Mary和John,使这三个登录名可以访问“gongcheng”数据库。USEgongchengGOCREATE USERTomFORLOGIN Z_2011013199--DROPUSERTomUSEgongchengGOCREATE USERMary FORLOGIN ZX_2011013199--DROPUSERMaryUSEgongchengGOCREATE USERJhon FORLOGIN ZXJ_2011013199--。GRANTCREATE TABLETOJhonGRANTCREATE VIEWTOJhon连接后:验证代码:GOCREATE SCHEMAtest_schemaAUTHORIZATION :(1)把对表S的INSERT权力授予用户 Tom,并允许他再将此权限授予其他用户 。GRANTINSERTONSTOTomWITH GRANTOPTION检验如下:2)用户Mary对S,P,J三个表有SELECT和INSERT权力GOGRANTSELECT,INSERTONSTOMaryGRANTSELECT,INSERTONPTOMaryGRANTSELECT,INSERTONJTOMaryGO检验如下:3)用户Tom对SPJ表有DELETE权力,对QTY字段具有UPDATE权力。GOGRANTDELETE,update (QTY)ONSPJTOTomGO检验如下:架构的创建:检验代码:USEgongchengUPDATE SPJSET QTY=QTY+2000DELETEFROMSPJWHERESno='S3' ORSno='S4'(4)把对用户Tom授予的所有权力收回GOREVOKEDELETE,update (QTY)ONSPJFROMTomREVOKEINSERTONSFROMTOMGO5)对用户Mary增加SPJ表的SELECT权力。GOGRANTSELECTONSPJTOMaryGO6)拒绝Mary对表P的INSERT权限。,将查询和更新SC表的权限授予角