This document discusses various countermeasures for database security including authorization, authentication, backups, journalizing, encryption, RAID technology, user-defined procedures, and checkpoints. It also discusses responses to different types of database failures such as aborted transactions, incorrect data, system failures with the database intact, and total database destruction. The preferred and alternative recovery approaches are outlined for each failure scenario.

1. 2. Countermeasures
♦ Countermeasures - computer based controlsAuthorization
The granting of a right or privilege, which enables a subject to
legitimately have access to a system or a system’s object.
Authentication
A mechanism that determines whether a user is who he or she
claims to be.
View
Dynamic result of one or more relational operations operating on
the base relations to produce another relation.
A virtual relation that does not actually exist in the database, but is
produced upon request by a particular user, at the time of request.

2. 2. Countermeasures
♦ Countermeasures - computer based controlsBackup
Process of periodically taking a copy of the database and log file (and
possibly programs) to offline storage media.
Journalizing
Process of keeping and maintaining a log file (or journal) of all
changes made to database to enable effective recovery in event of
failure.
Integrity
Prevents data from becoming invalid, and hence giving misleading or
incorrect results.

3. 2. Countermeasures
♦ Countermeasures - computer based controlsEncryption
The encoding of the data by a special algorithm that renders the data
unreadable by any program without the decryption key.
Raid (redundant array of independent disks) technology
One solution is to provide a large disk array comprising an
arrangement of several independent disks organized to improve
reliability and increase performance.
- Performance is increased through data striping. Reliability is
improved through storing redundant information across the
disks using a parity scheme or an error-correcting scheme.

4. 2. Countermeasures
♦ Countermeasures - computer based controlsUser-defined procedures
Some DBMSs also provide capabilities for user-defined procedures
to customize the authorization process
Check point
DBMS periodically refuses to accept new transactions
 system is in a quiet state
Database and transaction logs are synchronized.

5. 3. Database Failure Responses
♦ Database Failure Responses
Aborted transactions
Preferred recovery: rollback
Alternative: roll forward to state just prior to abort
Incorrect data
Preferred recovery: rollback
Alternative 1: re-run transactions not including inaccurate data
updates
Alternative 2: compensating transactions

6. 3. Database Failure Responses
♦ Database Failure Responses
System failure (database intact)
Preferred recovery: switch to duplicate database
Alternative 1: rollback
Alternative 2: restart from checkpoint
Database destruction
Preferred recovery: switch to duplicate database
Alternative 1: roll forward
Alternative 2: reprocess transactions