what is security of database system
how we can handle database security
how database security can be check
what are the countermeasures of database security
2. Introduction
Database:
It is a collection Of information stored in a Computer.
What is Security ?
It is being free from danger.
Database security
It is mechanism that protect the database
against intentional or accidental threats.
3. Why need of database Security?
If there is no security to database What Happens ???
Data will be easily corrupted
It is important to restrict access to the database from
authorized users to protect sensitive data.
4.
5. Main aspects of database security
Theft and Fraud
Loss of confidentiality
Loss of privacy
Loss of integrity
Loss of availability
6. Threats
Threat is
any intentional or accidental event that may
adversely affect the system
Examples of threats:
- Using another person’s log-in name to
access data
- Unauthorized copying data
- Program/Data alteration
- Illegal entry by hacker
-Viruses
7. There are two kinds of threat
Non-fraudulent threat:
Natural or accidental disasters
Error or bugs in hardware or software.
Human errors
Fraudulent threat.
Authorized Users
Those who abuse their authority.
Hostile agents
Those improper users(outsider or insiders).
Who attack the software and hardware system, or read or write data in a database.
8. Loss of confidentiality
It is protecting data from unauthorized users.
Ensures that the users are allowed to do things they
are trying to do.
Encryption is a technique or a process by which the
data is encoded in such a way that only that
authorized users are able to read data.
9. Loss of integrity
It is protecting data from unauthorized users.
Ensures that what users are trying to do is
correct.
For example
An employee should be able to modify his or her own information
10. Loss of availability
Database must have not unplanned downtime.
To ensure this following steps should be taken.
Restrict the amount of the storage space given to each user in
the database.
Limit the number of concurrent sessions made available to
each database user.
Back up the data at periodic intervals to ensure data recovery
in case of application users.
12. Authorization
The granting of a privilege that enable a user to have
a legitimate
access to a system.
They are sometimes referred as access controls.
The process of authorization involves authenticating
the user
requesting access to objects.
14. Closed Vs Open Systems
Closed Systems:
Some DBMS required authorization for authorized DBMS users
to access specific objects.
Open Systems:
Allow users to have complete access to all objects within the
database.
15. Views
The view mechanism provides a powerful and flexible security
mechanism by hiding parts of the database from certain
users.
The user is not aware of the existence of any
attributes or rows
that are missing from the view
16. Backup & Recovery
Is the process of periodically taking a
copy of the database and log
file on to offline storage media.
DBMS should provide backup facilities to
assist with the recovery
of a database failure.
18. Encryption
The encoding of data by a special
algorithm that renders the data
unreadable by any program without the
decryption key.
It also protects the data transmitted over
communication lines.
19. RAID
Redundant Array of Independent Disks
The hardware that the DBMS is running on must be fault-tolerant,
meaning that the DBMS should continue to operate even if one
of the hardware components fails.
One solution is the use of RAID technology.
RAID works on having a large disk array comprising an
arrangement of several independent disks that are organized to
improve reliability and at the same time increase performance.
