Database security
Upcoming SlideShare
Loading in...5

Like this? Share it with your network


Database security



Negative database for data security....

Negative database for data security....



Total Views
Views on SlideShare
Embed Views



0 Embeds 0

No embeds



Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
  • Did you have any other references please help me >>>> ??
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

Database security Presentation Transcript

  • 1. NEGATIVE DATABASE FOR DATA SECURITY Shivnandan Singh Chauhan Mtech (CSE) 1201102021 5/27/2014 1 ShivnandanSingh
  • 2. DATABASE  A database is an organized collection of data. The data is typically organized to model relevant aspects of reality in a way that supports processes requiring this information. 5/27/2014 2 ShivnandanSingh
  • 3. NEGATIVE DATABASE  A negative database can be defined as a database that contains huge amount of data which consists of counterfeit data along with the actual data.  A few approaches that describe this concept have been proposed but have not yet been implemented to work for real world databases. 5/27/2014 3 ShivnandanSingh
  • 4. DATABASE SECURITY IMPORTANCE  Database Security has become an important issue in today’s world. Organizations have become highly dependent on the database for their daily operations.  The objective of database security is to prevent undesired information disclosure and modification of data while ensuring the availability of the necessary service. With the increase in the use of World Wide Web in recent years emphasize the web database security. 5/27/2014 4 ShivnandanSingh
  • 5. CLASSIFICATION SCHEME In best of my knowledge database security are classified based on the type of information security and models.  Encryption  Negative Database  Web-based Database Security  Authentication and Access Control  Timeliness and Security in Real-time Database Systems  Testing Schemes for SQL Injections 5/27/2014 5 ShivnandanSingh
  • 6. ENCRYPTION  This is the process of transforming plain text information using encryption algorithms (called cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key.  The traditional database systems using plain text have many threats of data corruption and collapse of database. To avoid these threats, the data is stored in encrypted form in the database. 5/27/2014 6 ShivnandanSingh
  • 7. WEB-BASED DATABASE SECURITY  Some Methods are proposed to establish security of Web database against illegitimate intrusion.  The data transmission from server to the client should be in a secured way (use Secure Socket Layer).  Host identity of an end system should be authenticated. 5/27/2014 7 ShivnandanSingh
  • 8. TESTING SCHEMES FOR SQL INJECTIONS  SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. 5/27/2014 8 ShivnandanSingh
  • 9. TESTING SCHEME TO STOP SQL INJECTIONS IN THE BEGINNING  Database Security Testing Scheme to detect potential input points of SQL injection, automatically generate test cases and find vulnerability of databases by running these test cases to make a simulation attack to an application. 5/27/2014 9 ShivnandanSingh
  • 10. CONCEPT OF NEGATIVE DATABASE TO HELP PREVENT DATA THEFT A framework which manipulates the original data and stores it in a database. This framework mainly consists of four modules  Database catching  Virtual database encryption  Database Encryption algorithm  Negative Database conversion algorithm. 5/27/2014 10 ShivnandanSingh
  • 11. ARCHITECTURE 5/27/2014 11 ShivnandanSingh
  • 12. DATABASE CACHING  In our framework we are using system-derived timestamps as keys. Thus the complexity of the database caching algorithm O(n), when the whole database needs to be searched for a particular tuple. 5/27/2014 12 ShivnandanSingh
  • 13. VIRTUAL DATABASE ENCRYPTION  This layer depends on the timestamp generation and the conversion of the data into ASCII values. Thus the computation time is O(n) where n is the length of the used password. 5/27/2014 13 ShivnandanSingh
  • 14. AUTHENTICATION AND ACCESS CONTROL  Authentication is used to check properly the identity of the user and Access Control controls the user actions or operations. Access Control gives different privileges to different authenticated users. 5/27/2014 14 ShivnandanSingh
  • 15. Questions or Comments? 5/27/2014 15 ShivnandanSingh