This document presents a database security framework developed by the authors to secure a student information database. The framework combines various security mechanisms to enforce confidentiality, integrity, and availability (CIA) of the data. The framework was tested on exam officers who were either granted or denied access based on correct or incorrect login details, demonstrating the effectiveness of the security measures. The framework models the database system using use case and class diagrams and divides it into three layers - the presentation layer, application logic layer, and data/domain layer. The results indicate the framework successfully authenticates authorized users and restricts unauthorized access in line with the CIA principles.
Database Security—Concepts, Approaches, and Challenges
Elisa Bertino, Fellow, IEEE, and Ravi Sandhu, Fellow, IEEE
Abstract—As organizations increase their reliance on, possibly distributed, information systems for daily business, they become more vulnerable to security breaches even as they gain productivity and efficiency advantages. Though a number of techniques, such as encryption and electronic signatures, are currently available to protect data when transmitted across sites, a truly comprehensive approach for data protection must also include mechanisms for enforcing access control policies based on data contents, subject qualifications and characteristics, and other relevant contextual information, such as time. It is well understood today that the semantics of data must be taken into account in order to specify effective access control policies. Also, techniques for data integrity and availability specifically tailored to database systems must be adopted. In this respect, over the years the database security community has developed a number of different techniques and approaches to assure data confidentiality, integrity, and availability. However, despite such advances, the database security area faces several new challenges. Factors such as the evolution of security concerns, the “disintermediation” of access to data, new computing paradigms and applications, such as grid-based computing and on-demand business, have introduced both new security requirements and new contexts in which to apply and possibly extend current approaches. In this paper, we first survey the most relevant concepts underlying the notion of database security and summarize the most well-known techniques. We focus on access control systems, on which a large body of research has been devoted, and describe the key access control models, namely, the discretionary and mandatory access control models, and the role-based access control (RBAC) model. We also discuss security for advanced data management systems, and cover topics such as access control for XML. We then discuss current challenges for database security and some preliminary approaches that address some of these challenges.
Index Terms—Data confidentiality, data privacy, relational and object databases, XML.
1 INTRODUCTION
As organizations increase their adoption of database systems as the key data management technology for day-to-day operations and decision making, the security of data managed by these systems becomes crucial. Damage and misuse of data affect not only a single user or application, but may have disastrous consequences on the entire organization. The recent rapid proliferation of Web-based applications and information systems have further increased the risk exposure of databases and, thus, data protection is today more crucial than ever. It is also important to appreciate that data needs to be protected not only from external threats, but also from insider threats ...
DATABASE SECURITY - ATTACKS AND CONTROL METHODS
In today's world, data is generated at a very rapid speed and the final destination of such data is the database. Data is stored in a database so that it can be managed easily and efficiently. All data manipulation and maintenance operations are done using a Database Management System. Considering the importance of data in an organization, it is absolutely essential to secure the data present in the database. A secure database is the one which is reciprocated from different possible database attacks. Security models need to be developed for databases. These models differ in many aspects, as they deal with different issues of database security. They may also differ because they make different assumptions about what constitutes a secure database. So, it becomes very difficult for database security seekers to select an appropriate model for securing their database. In this paper, we have discussed some of the possible attacks, their countermeasures, and the possible control methods. Securing the database is an important approach for the planning of explicit and directive-based database security requirements. Ensuring database security is a very critical issue for companies. As the complexity of a database increases, we may tend to have more complex database security issues.
Running head: NETWORK INFRASTRUCTURE AND SECURITY
Project Deliverable 4: Infrastructure and Security
CIS498
June 4, 2017
Introduction
Knight Inc will be growing in the next few years and it will require a robust and reliable network infrastructure. The company will need to be sure that its data can be accessed and handled in an environment that is safe and technically sound. The solutions will need to be up to date and be updated regularly. Security is very important and will be paid the utmost attention to ensure that no bad elements are allowed into the network to cause damage and endanger the company’s data and infrastructure.
Logical and Physical Topographical Layout
Star topology will be used for the physical network. This is where all devices in a network are connected to a central hub. All resources are drawn from this hub, including bandwidth that allows access to cloud resources. Star topology simplifies network management, as everything can be deployed from the central hub (Shinde, 2014).
Bus topology will be used for the logical network. It is a topology where a backbone is the anchor to which computers connect and from which they request data and other resources. The logical network exists on a different subnet and as such can have a different topology than the physical network. Computers are identified by IP addresses. Bus topology is good as it provides the computers with capabilities to access data as they need it by simply requesting it (Shinde, 2014).
Figure 1 - Physical Layout
Figure 2 - Logical Layout
Network Components
Incorrectly deployed and configured firewalls and intrusion detection systems can be vulnerabilities to their networks. Given that they are meant to monitor traffic coming to and from the network and determine the harmful ones, this will not be accomplished. This makes it easy for malware to access the system. Fixing this requires that the firewall and the intrusion detection system be regularly checked for any signs of vulnerabilities and be fixed accordingly (Peltier, 2013).
New devices like smartphones and tablets can also cause problems for the network. These are usually used when the company has its operations hosted on a cloud. This then allows for access to data from a variety of devices, which is every device that can access the internet. Companies that allow their employees to use personal devices to access work data are especially vulnerable. Viruses could easily be uploaded to the cloud without even the device owner realizing. The fix is to ensure that all mobile devices used to access the cloud are company issued so that they can be assessed and equipped with the necessary security measures (Peltier, 2013).
Old credentials could be used to access the network discreetly without raising suspicions, these could be the credentials of employees that have lef ...
Excel Data Reporting: Assignment 3 Data Analysis (Feasibility Study Data Reporting)
Assignment Checklist:
☐ Am I submitting my Excel workbook AND delivery of strategy (delivery can be a paper or a podcast)?
☐ Did I place all of my files into a folder and then compress that folder to upload to the FSO platform?
☐ Did I include messages in my chart titles to persuade my audience?
☐ Did I use projection formulas as well as percent change formulas to analyze the company's financials?
☐ Did I review the Worksheet Design Guidelines before submitting my Excel workbook?
☐ Did I use the correct chart types for my data?
☐ Did I properly format my axes so my audience will know how the data is being measured? (For example: dollar figures include dollar signs, percentages show the percent symbol)
☐ Do the Excel Data file and delivery form I'm presenting tell a persuasive story?
☐ Did I include citations and references for all of the sources I used for my data?
Your introduction to the topic provides background information and prepares the reader for what follows. After discussing the OS vulnerabilities, you describe the threats to your environment. As you say, you can prevent weak password by setting up the security policies to enforce strong policies and this is so easy to implement that you can remove the threat right away. Instead of 'Week', try 'Weak'. You have very good material. The only item missed was the prioritization of the threats to decide which ones to mitigate. Good references and citations. Grade: 05/05 – Document Organization 15/15 – OS for Security 35/35 – OS Security Risks 34/35 – Mitigation Strategy 10/10 – Mechanics 99%
Operating System Security
Operating system security can be defined as the various sets of protection mechanisms or techniques employed by system administrators to prevent information theft and unauthorized resource access. All systems, especially distributed systems, require some measure of security that only allows authorized data manipulation and availability to employees of a company. Jinx will also need to secure its system to prevent both external and internal threats.
Services that are mostly focused on in system security include:
· Authentication: This is the validation of system servers or the identity of users or information/data senders within an organization.
· Availability: Authorized users of a system should be able to access information freely in addition to withholding it from unauthorized access. This also includes shared resources in the system.
· Authorization: This can also be referred to as Access Control. Organizations can limit the number of people accessing the network resources by simply verifying users when logging into the system. Using passwords and usernames is one way of controlling unauthorized access to computers and the system. However, authentication does not always guarantee a user full access to network resources or da ...
This ppt contains information about definition of computer & information security, types of attacks, services, mechanisms, controls and model for network security
1 hour ago
Srinivas Goud Thadakapally
week 3 discussion
Separation in a network is essential, of course. It would be more annoyed with that much knowledgeability and security features if it were only about security. However, it makes this network much more flexible, and in some ways makes it more secure. It reduces the potential for internal and external attacks on the same network and makes it harder for someone to take over the network. Furthermore, this separation keeps our data away from third parties. Separation of access is essential in a network, for example, to ensure that a user cannot access the whole network. It is common for specific applications and software installations on the personal computer to operate in the background. In this regard, it is possible to customize the software operating mode to make the software operation hidden to not be visible to the user. No one server or group of servers is going to have to withstand many other servers. The first line of defense in any IT environment is resource partitioning to enable critical infrastructure to handle all requests without overloading the primary server (Jaeger et al., 2016).
Separation is basically the process of using multiple processes with some type of separation for Process separation of access to objects and data. Separation (or transient segregation) can occur in both physical and logical network segments. The trick with security is to keep it away from the IT infrastructure. For example, a firewall is still strictly considered a technical security tool because it is not supposed to affect business activities. It is possible to separate administrative control, physical systems, and data between those with different roles within the organization. The behavior within the network is like partitioning an IT environment into discrete services, although some elements of this concept have not been adopted in Active Directory–in particular, policies and modules. A system administrator can move control of the administrative control of physical systems or systems within the network to a different server. However, when implementing security controls on deployments, it becomes essential to understand the scale at which the resources need to be distributed. Simply put, separation makes IT more secure (Liu et al., 2019).
References
Jaeger, B., Kraft, R., Luhn, S., Selzer, A., & Waldmann, U. (2016, August). Access Control and Data Separation Metrics in Cloud Infrastructures. In 2016 11th International Conference on Availability, Reliability, and Security (ARES) (pp. 205-210). IEEE.
Liu, W., Zhang, K., Tu, B., & Lin, K. (2019, August). HyperPS: A Hypervisor Monitoring Approach Based on Privilege Separation. In 2019 IEEE 21st International Conference on High-Performance Computing and Communications; IEEE 17th International Conference on Smart City; IEEE 5th International Conference on Data Science and Systems (HPCC/SmartCity/DSS) (pp. 981-988). IEEE.
Bott.
Running head: DATA INTEGRITY THREATS TO ORGANIZATIONS
Data Integrity Threats To Organizations
Student’s Name
Institutional Affiliation
Abstract
The purpose of this paper is to define data integrity and to explain in detail its importance to any particular organization or enterprise. This paper goes into detail and discusses the main threats to data integrity which include cyber-attacks, transfer errors, human error, compromised hardware and malware. Solutions to these threats are also highlighted and the possible recommendations are given. The data collected for the purpose of this research paper came from questionnaires and literature reviews. The paper makes use of the qualitative research methodology based on the data collected from the questionnaires, literatures and interviews. Threats to data integrity are seen to have adverse effects on the productivity and profitability of many organizations.
Data Integrity Threats To Organizations
Introduction
Data integrity is defined as the accuracy and consistency of data throughout its lifecycle. Data integrity is the core aspect of cyber security. It is important in the design, implementation and utilization of systems that process, store and retrieve data. There are many threats to data integrity and they include cyber-attacks, transfer errors, human error, compromised hardware and malware. Data integrity has a great impact on organizations in terms of their operations and decision-making processes (Nedal & Sail, 2013). Data integrity is important to organizations in terms of productivity and operations since these activities rely on sound decision-making processes made by the management based on real-time data available to them. Inaccurate data based on data lacking data integrity has adverse effects on an organization's progress since wrong organizational decisions would be made. It is therefore important for organizations to make data security a priority in their information systems. Organizations can prioritize data security by establishing cyber security teams or outsourcing the services to a third party who would protect and mitigate the threats associated with cyber security.
Thesis
Data integrity refers to the accuracy and consistency of data throughout its lifecycle and it can be compromised by threats such as human error, cyber-attacks, compromised hardware and malware.
Importance of Data Integrity
Data integrity is considered to be both a process and a state. As a state, data integrity can be both accurate and valid, whereas as a process, data integrity is described as the measures taken to ensure that a data set or all the data in a database or construct is valid and accurate. It is important for organizations and enterprises to consider data integrity, whether as a state or as a process, because it ensures the traceability, recoverability and searchability of data (Kavale, 2012). The validity and accuracy of data, which is essentia.
Running head: Cryptography
Cryptography
Aisha Tate
UMUC
August 29, 2019
Hi Aisha
I am puzzled – didn’t we talk about a focused report for a particular organization? Did you review the table below? Please continue to work to improve your research skills and find peer-reviewed/scholarly resources to support your work.
Best wishes,
Dr K
Student Name: Aisha Tate
Date: 18-Sep-2019
This form provides the same classroom instructions in a checklist form to help students and professors quickly evaluate a submission
Project 5: Requires the Following TWO Pieces
Areas to Improve
1. Paper
2. Lab Experience Report with Screenshots
1. Paper
IT Systems Architecture
You will provide this information in tabular format and call it the Network Security and Vulnerability Threat Table
security architecture of the organization
the cryptographic means of protecting the assets of the organization
the types of known attacks against those types of protections
means to ward off the attacks
Include and define the following components of security in the architecture of your organization, and explain if threats to these components are likely, or unlikely:
LAN security
identity management
physical security
personal security
availability
privacy
Then list the security defenses you employ in your organization to mitigate these types of attacks.
Needs better research and writing skills
Plan of Protection
Learn more about the transmission of files that do not seem suspicious but that actually have embedded malicious payload, undetectable to human hearing or vision. This type of threat can enter your organization’s networks and databases undetected through the use of steganography or data hiding. You should include this type of threat vector to an organization in your report to leadership.
No details on organization or strategy?
Provide the leadership of your organization with your plan for protecting identity, access, authorization and nonrepudiation of information transmission, storage, and usage
Data Hiding Technologies
describe to your organization the various cryptographic means of protecting its assets. descriptions will be included in the network security vulnerability and threat table for leadership
Basic elements explained
Encryption Technologies
1. Shift / Caesar cipher
2. Polyalphabetic cipher
3. One time pad cipher/Vernam cipher/perfect cipher
4. Block ciphers
5. triple DES
6. RSA
7. Advanced Encryption Standard (AES)
8. Symmetric encryption
9. Text block coding
Data Hiding Technologies
1. Information hiding and steganography
2. Digital watermarking
3. Masks and filtering
Network Security Vulnerability and Threat Table
Describe the various cryptographic means of protecting its assets. descriptions will be included in the network security vulnerability and threat table for leadership
Basic information provided
Encryption Technologies
1. Shift / Caesar cipher
2. Polyalphabetic ...
Module 3 Lectures 6 hrs.
Infrastructure and Network Security: Introduction to System Security, Server Security,
OS Security, Physical Security, Introduction to Networks, Network packet Sniffing,
Network Design Simulation. DOS/DDOS attacks. Asset Management and Audits,
Vulnerabilities and Attacks. Intrusion detection and Prevention Techniques, Host based
Intrusion prevention Systems, Security Information Management, Network Session
Analysis, System Integrity Validation.
Open Source/ Free/ Trial Tools: DOS Attacks, DDOS attacks, Wireshark, Cain & abel,
iptables/Windows Firewall, snort, suricata, fail2ban
Your introduction to the topic provides background information and prepares the reader for what follows. After discussing the OS vulnerabilities, you describe the threats to your environment. As you say, you can prevent weak password by setting up the security policies to enforce strong policies and this is so easy to implement that you can remove the threat right away. Instead of 'Week', try 'Weak'. You have very good material. The only item missed was the prioritization of the threats to decide which ones to mitigate. Good references and citations. Grade: 05/05 – Document Organization 15/15 – OS for Security 35/35 – OS Security Risks 34/35 – Mitigation Strategy 10/10 – Mechanics 99%
Operating System Security
Operating system security can be defined as the various sets of protection mechanisms or techniques employed by system administrators to prevent information theft and unauthorized resource access. All systems, especially distributed systems, require some measure of security that only allows authorized data manipulation and availability to employees of a company. Jinx will also need to secure its system to prevent both external and internal threats.
Services that are mostly focused on in system security include:
· Authentication: This is the validation of system servers or the identity of users or information/data senders within an organization.
· Availability: Authorized users of a system should be able to access information freely in addition to withholding it from unauthorized access. This also includes shared resources in the system.
· Authorization: This can also be referred to as Access Control. Organizations can limit the number of people accessing the network resources by simply verifying users when they log into the system. Using passwords and usernames is one way of controlling unauthorized access to computers and the system. However, authentication does not always guarantee a user full access to network resources or da ...
This ppt contains information about definition of computer & information security, types of attacks, services, mechanisms, controls and model for network security
1 hour ago
Srinivas Goud Thadakapally
week 3 discussion
Separation in a network is essential, of course. It would be more annoyed with that much knowledgeability and security features if it were only about security. However, it makes this network much more flexible, and in some ways makes it more secure. It reduces the potential for internal and external attacks on the same network and makes it harder for someone to take over the network. Furthermore, this separation keeps our data away from third parties. Separation of access is essential in a network, for example, to ensure that a user cannot access the whole network. It is common for specific applications and software installations on the personal computer to operate in the background. In this regard, it is possible to customize the software operating mode to make the software operation hidden to not be visible to the user. No one server or group of servers is going to have to withstand many other servers. The first line of defense in any IT environment is resource partitioning to enable critical infrastructure to handle all requests without overloading the primary server (Jaeger et al., 2016).
Separation is basically the process of using multiple processes with some type of separation for Process separation of access to objects and data. Separation (or transient segregation) can occur in both physical and logical network segments. The trick with security is to keep it away from the IT infrastructure. For example, a firewall is still strictly considered a technical security tool because it is not supposed to affect business activities. It is possible to separate administrative control, physical systems, and data between those with different roles within the organization. The behavior within the network is like partitioning an IT environment into discrete services, although some elements of this concept have not been adopted in Active Directory–in particular, policies and modules. A system administrator can move control of the administrative control of physical systems or systems within the network to a different server. However, when implementing security controls on deployments, it becomes essential to understand the scale at which the resources need to be distributed. Simply put, separation makes IT more secure (Liu et al., 2019).
References
Jaeger, B., Kraft, R., Luhn, S., Selzer, A., & Waldmann, U. (2016, August). Access Control and Data Separation Metrics in Cloud Infrastructures. In 2016 11th International Conference on Availability, Reliability, and Security (ARES) (pp. 205-210). IEEE.
Liu, W., Zhang, K., Tu, B., & Lin, K. (2019, August). HyperPS: A Hypervisor Monitoring Approach Based on Privilege Separation. In 2019 IEEE 21st International Conference on High-Performance Computing and Communications; IEEE 17th International Conference on Smart City; IEEE 5th International Conference on Data Science and Systems (HPCC/SmartCity/DSS) (pp. 981-988). IEEE.
Running head DATA INTEGRITY THREATS TO ORGANIZATIONS1DATA INTE.docxtodd271
Data Integrity Threats To Organizations
Student’s Name
Institutional Affiliation
Abstract
The purpose of this paper is to define data integrity and to explain in detail its importance to any particular organization or enterprise. This paper goes into detail and discusses the main threats to data integrity, which include cyber-attacks, transfer errors, human error, compromised hardware and malware. Solutions to these threats are also highlighted and the possible recommendations are given. The data collected for the purpose of this research paper came from questionnaires and literature reviews. The paper makes use of the qualitative research methodology based on the data collected from the questionnaires, literature and interviews. Threats to data integrity are seen to have adverse effects on the productivity and profitability of many organizations.
Data Integrity Threats To Organizations
Introduction
Data integrity is defined as the accuracy and consistency of data throughout its lifecycle. Data integrity is the core aspect of cyber security. It is important in the design, implementation and utilization of systems that process, store and retrieve data. There are many threats to data integrity, including cyber-attacks, transfer errors, human error, compromised hardware and malware. Data integrity has a great impact on organizations in terms of their operations and decision-making processes (Nedal & Sail, 2013). Data integrity is important to organizations in terms of productivity and operations, since these activities rely on sound decisions made by management based on the real-time data available to them. Inaccurate data, that is, data lacking integrity, has adverse effects on an organization's progress, since wrong organizational decisions would be made. It is therefore important for organizations to make data security a priority in their information systems. Organizations can prioritize data security by establishing cyber security teams or by outsourcing the services to a third party who would protect against and mitigate the threats associated with cyber security.
Thesis
Data integrity refers to the accuracy and consistency of data throughout its lifecycle and it can be compromised by threats such as human error, cyber-attacks, compromised hardware and malware.
Importance of Data Integrity
Data integrity is considered to be both a process and a state. As a state, data integrity describes data that is both accurate and valid, whereas as a process, data integrity is described as the measures taken to ensure that a data set, or all the data in a database or construct, is valid and accurate. It is important for organizations and enterprises to consider data integrity, whether as a state or as a process, because it ensures the traceability, recoverability and searchability of data (Kavale, 2012). The validity and accuracy of data, which is essentia.
A Database System Security Framework
International Journal of Computer Science & Information Technology (IJCSIT) Vol 7, No 6, December 2015
DOI: 10.5121/ijcsit.2015.7614
A DATABASE SYSTEM SECURITY FRAMEWORK
Habiba Muhammad Sani¹ and Muhammad Mika’ilu Yabo²
¹ Department of Mathematics, Computer Science Unit, Usmanu Danfodiyo University, Sokoto-Nigeria
² Department of Computer Science, Shehu Shagari College of Education, Sokoto-Nigeria
ABSTRACT
Database security is a growing concern as the amount of sensitive data collected and retained in databases
is growing fast and most of this data is being made accessible via the internet. The majority of
companies, organizations and teaching and learning institutions store sensitive data in databases. As most
of this data is accessed electronically, it can be assumed that the integrity of this numerous
and sensitive data is prone to different kinds of threats, such as unauthorized access, theft and access
denial. Therefore, the need for securing databases has also increased. The primary objectives of database
security are to prevent unauthorized access to data, to prevent unauthorized tampering or modification of
data, and to ensure that the data remains available whenever needed. In this paper, we developed
a database security framework by combining different security mechanisms on a sensitive student
information database application designed for Shehu Shagari College of Education Sokoto (SSCOE), with
the aim of minimizing and preventing Confidentiality, Integrity and Availability threats to the data.
KEYWORDS
Database, Database Security Framework, Confidentiality, Integrity
1. INTRODUCTION
Database technologies are the core component of many information systems. These technologies
allow data to be collected, stored and disseminated electronically. They allow data to be retained
and shared electronically and the amount of data contained in these systems continues to grow at
an exponential rate. So does the need to ensure the integrity of the data and secure the data from
unintended access.
Database security can be defined as a system or process by which the “Confidentiality, Integrity,
and Availability,” or CIA, of the database can be protected. Unauthorized entry or access to a
database server signifies a loss of confidentiality; unauthorized alteration to the available data
signifies loss of integrity; and lack of access to database services signifies loss of availability.
Loss of one or more of these basic facets will have a significant impact on the security of the
database [1]. Similarly, it refers to the collective measures used to protect and secure a database
or database management software from illegitimate use and malicious threats and attacks [2].
Database security issues have become more complex due to widespread use of the internet.
Databases are a main organizational resource and therefore policies and measures must be put
into place to safeguard their security and the integrity of the data they contain [3].
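The confidentiality and integrity definitions above can be enforced inside the database engine itself. The following is an added example, not code from the paper: it uses SQLite's statement authorizer from Python, and the `students` table, the sample rows and the `exam_officer` and `auditor` roles are assumptions made for illustration (availability is not covered).

```python
import sqlite3

# Constructed sample data; table and column names are assumptions.
SCHEMA = """
CREATE TABLE students (id INTEGER PRIMARY KEY, name TEXT, score INTEGER);
INSERT INTO students VALUES (1, 'Student A', 61), (2, 'Student B', 74);
"""

# Hypothetical policy: readable columns and writable tables per role.
POLICY = {
    "exam_officer": {"read": {"students": {"id", "name", "score"}},
                     "write": {"students"}},
    "auditor": {"read": {"students": {"id", "name"}}, "write": set()},
}

WRITE_ACTIONS = {sqlite3.SQLITE_INSERT, sqlite3.SQLITE_UPDATE,
                 sqlite3.SQLITE_DELETE}


def make_authorizer(role):
    """Build a default-deny authorizer callback for one role."""
    rules = POLICY.get(role)  # unknown role -> None -> everything is denied

    def authorize(action, arg1, arg2, db_name, source):
        if rules is None:
            return sqlite3.SQLITE_DENY
        if action == sqlite3.SQLITE_SELECT:
            return sqlite3.SQLITE_OK  # column access is checked under SQLITE_READ
        if action == sqlite3.SQLITE_READ:
            columns = rules["read"].get(arg1)
            if columns is None:
                return sqlite3.SQLITE_DENY  # table not readable (confidentiality)
            if not arg2 or arg2 in columns:
                return sqlite3.SQLITE_OK
            return sqlite3.SQLITE_IGNORE  # hidden column is read as NULL
        if action in WRITE_ACTIONS and arg1 in rules["write"]:
            return sqlite3.SQLITE_OK  # permitted modification (integrity)
        # Everything else (DROP, ATTACH, PRAGMA, writes to other tables) is refused.
        return sqlite3.SQLITE_DENY

    return authorize


def open_as(role):
    """Create the sample database, then restrict the connection to the role."""
    conn = sqlite3.connect(":memory:", isolation_level=None)  # autocommit mode
    conn.executescript(SCHEMA)  # setup runs before the policy is installed
    conn.set_authorizer(make_authorizer(role))
    return conn


def attempt(conn, sql, params=()):
    """Run one statement; return its rows, or a 'denied: ...' string."""
    try:
        return conn.execute(sql, params).fetchall()
    except sqlite3.DatabaseError as exc:
        return f"denied: {exc}"


if __name__ == "__main__":
    officer = open_as("exam_officer")
    print(attempt(officer, "UPDATE students SET score = ? WHERE id = ?", (90, 1)))
    print(attempt(officer, "DROP TABLE students"))
    auditor = open_as("auditor")
    print(attempt(auditor, "SELECT id, name, score FROM students ORDER BY id"))
    print(attempt(auditor, "UPDATE students SET score = 0 WHERE id = 1"))
    print(attempt(open_as("guest"), "SELECT name FROM students"))
```

The callback runs when a statement is compiled, so a refused statement never executes; a production server database would express the same policy with its own accounts and privileges.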
According to [4], the database is always a key target for adulteration because it contains sensitive
and valuable information. Therefore, in every database design process the designers need to know and
find ways of handling the vulnerabilities that can be found in a database-driven system, whether they
arise at the creation stage, during application integration or even during patching and updating.
Some of these vulnerabilities are:
Deployment Failures: The database should be checked when it is designed, to identify all its
functionality, because the common reason for most database vulnerabilities is a lack
of care when they are developed; a database is often tested only for its expected
functionality, without checking whether it is doing things that it should
not be doing.
Data leak: A database is usually considered the “back end”, yet it
contains a networking interface through which a hacker can capture its traffic and exploit it.
To avoid this, the use of an encrypted communication platform is needed.
Stolen database backups: Another kind of database threat is the internal threat, that is, people
inside the organization who can destroy or steal the backup of a database, whether for
revenge, money or any other profit.
The abuse of database features: Misuse of the standard features of a database has caused many
databases to be exploited. Removing unnecessary tools can limit future
abuse, not by eliminating exploitation completely, but at least by reducing the areas that
hackers can study to initiate an attack.
A lack of segregation: Powers need to be separated between administrator and user, and duties
need to be segregated, which can make fraud or theft by internal staff very difficult. In
addition, limiting the power of user accounts will make it difficult for a hacker to
take complete control of the database.
Database inconsistencies: Lack of consistency is the common thread that gives room to
all vulnerabilities. It is not a problem of database technology but rather an
administrative problem; therefore database developers and system administrators need to look
after the database consistently, so as to be aware of any
kind of threat and to take care of any kind of vulnerability.
Database security can be enforced and maintained throughout the system life cycle with the use of
the confidentiality, integrity, and availability (CIA) principles. According to [5], confidentiality,
integrity, and availability (CIA) make up a model of principles designed to ensure information
security policies within any given organization. As [5] explains:
Confidentiality: means the prevention of unauthorised disclosure of information.
That is, the wrong people will not be able to get any sensitive information, while
the authorized or right people can easily get it. Simply put, it means prevention of
unauthorised disclosure of information [5].
Integrity: This involves maintaining the accuracy, consistency, and trustworthiness of data
throughout its life cycle. Therefore steps must be taken to make sure that data is not
altered or changed in transit by unauthorized parties. Likewise, for non-human
causes such as a server crash, means of detection need to be in place to detect any
alteration or change that occurs, and a backup copy must always be available so that the
affected data can be restored to its correct state. Simply put, it means prevention of unauthorised
modification of information [5].
Availability: means the ability of the system to make its assets accessible only to
authorized users and in a timely manner, as determined by the system's requirements.
Simply put, it means prevention of unauthorised withholding of information or resources [5].
1.1 Mechanisms That Enforce Confidentiality
Encryption and Decryption Algorithm: It helps with confidentiality as it changes the
format of a plaintext (clean message) to a non-readable format in order to prevent any
unauthorised person from reading that data.
Access Control List: It helps with confidentiality, as only authorised users should be
able to access the system.
A firewall: It also helps with confidentiality by trying to prevent unwanted traffic from getting
through.
IDS and IPS systems: They also help with confidentiality; just like firewalls, they
continually monitor traffic that should and should not enter the network and take
action accordingly if traffic violates network rules.
1.2 Mechanisms That Enforce Integrity
Encryption and Decryption Algorithm: It helps with integrity as it changes the format of a
plaintext (clean message) to a non-readable format in order to prevent any unauthorised
person from changing the content of the data.
A message digest or checksum: It helps with integrity by providing authenticity.
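The message digest mechanism listed above, applied to a student result row, as an added example that is not code from the paper. It stores an unkeyed SHA-256 digest and a keyed HMAC-SHA256 tag beside each row and shows that only the keyed tag still detects an alteration when whoever changes the row can also rewrite the stored digest. The row fields, the key and all function names are assumptions made for the illustration.

```python
import hashlib
import hmac
import json

DEMO_KEY = b"constructed-demo-key"  # assumption: real keys are kept outside the database

def record_of(row: dict) -> dict:
    """The protected fields of a row, without its stored checksums."""
    return {k: v for k, v in row.items() if k not in ("digest", "tag")}

def canonical(record: dict) -> bytes:
    """Serialise with sorted keys so equal records always give equal bytes."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()

def plain_digest(record: dict) -> str:
    """Unkeyed SHA-256: anyone who can rewrite the row can recompute it as well."""
    return hashlib.sha256(canonical(record)).hexdigest()

def keyed_tag(record: dict, key: bytes) -> str:
    """HMAC-SHA256: producing a valid tag needs the key, not just table access."""
    return hmac.new(key, canonical(record), hashlib.sha256).hexdigest()

def build_sample_table(key: bytes) -> list:
    """Constructed result rows, each stored with both kinds of checksum."""
    records = [
        {"student_id": "S001", "course": "CSC101", "session": "2014/2015", "grade": "C"},
        {"student_id": "S002", "course": "CSC101", "session": "2014/2015", "grade": "A"},
    ]
    return [dict(r, digest=plain_digest(r), tag=keyed_tag(r, key)) for r in records]

def unauthorised_edit(row: dict, grade: str) -> None:
    """Model a direct table edit that also refreshes the unkeyed digest."""
    row["grade"] = grade
    row["digest"] = plain_digest(record_of(row))

def audit(table: list, key: bytes) -> dict:
    """Per student id, report whether each stored checksum still verifies."""
    report = {}
    for row in table:
        rec = record_of(row)
        report[rec["student_id"]] = {
            "digest_ok": hmac.compare_digest(plain_digest(rec), row["digest"]),
            "tag_ok": hmac.compare_digest(keyed_tag(rec, key), row["tag"]),
        }
    return report
```

Because the student id, course and session are part of the tagged bytes, a valid tag copied from another row does not verify either.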
1.3 Mechanisms That Enforce Availability
A honeypot: It helps availability, as it attempts to filter or direct traffic to an area
where it can cause no damage but can be monitored.
Access Control List: It also helps availability, as it effectively filters out
unwanted traffic.
A firewall: It also helps availability; like an ACL, it filters traffic and tries to prevent
unwanted traffic from getting through.
The paper is organised into four sections as follows: Section 1 provides the introductory aspect of
the paper. In Section 2, the paper presents the materials and methods of the proposed database
security framework. In Section 3, the paper describes the results and discussion of the work. In
Section 4, the paper presents the conclusion of the work.
2. MATERIALS AND METHODS
2.1 Database System Modelling
Systems modelling of the database involves a set of interrelated operations (as a whole system) that
interact with one another in different ways, so that the operation and design of one part of
the system has an impact on other parts of the system [6]. This research uses the UseCase and
ClassDiagram features of the StarUML CASE tool to model the system.
2.1.1 Use case diagram:
Below is a UseCase Diagram designed using the StarUML CASE tool.
Figure 1. UseCase Diagram Design
2.1.2 Description of Usecase
The student result processing system is a system designed to provide an interface for users to add
new students, new courses and students' exam results. It also allows the users to view the results
in order to produce any of three reports, that is, the individual student report, the sessional
students report and the final year students report. The system employs a College Exam Officer who
will add new courses and amend the existing courses; it also employs a Director MIS who will oversee
the addition of new students. The Schools Exams Coordinators are employed to add new
students' results, and finally it employs the College Academic Secretary, who is responsible for
deleting students.
2.1.3 Justification of Usecase
The conceptual class diagram was justifiably designed to depict all the needed classes
based on the user specification. Proper signs were also used to characterize their expected
relationships, with multiplicity.
2.2 Design class diagrams:
Below is a class diagram design and its layers, drawn using the StarUML CASE tool.
Figure 2. Design Class Diagram
Figure 3. Design Class Diagram showing the User Interface Layer (Presentation Layer)
Figure 4. Design Class Diagram showing the control objects layer or application logic layer (Processing
Layer).
Figure 5. Design Class Diagram showing the Data Layer (Domain Layer)
2.2.1 Description of Design Class Diagrams
The system design diagram was divided into three layers, namely the Application Logic Layer,
the Data/Domain Layer and the User Interface Layer.
The domain/data layer: is a layer that contains classes designed to store data as objects
from the business domain. These classes are the Courses class, Courseslist class, Studentdetails
class, Studentdetailslist class, Results class, Resultsrecordbook class, Report class,
IndividualReport class, SessionalReport class and FinalyearstunedtsReport class.
The user interface layer: is a layer designed with classes to handle the input and output
process, that is, to allow the external actors outside the software boundary to send in
a request as input and receive the result as output. These classes are
CollegeExamOfficeGUI, Director_MIS_GUI, SchoolsExamCoordinatorsGUI and
CollegeAcademicSecretaryGUI.
The control object layer or application logic layer: is a layer that has only one class, which is
used to provide the control logic of the use cases and their coordination. This class is the
ReportController class. The class serves as an interface or bridge between the user interface layer
and the data layer: the user interface layer sends a request to the application layer, and the
application layer identifies the data layer class that is suitably related to the request and
passes the request to that class. It also collects the output of the request from that data layer
class and sends it to the user interface layer class, as the design class diagram indicates using
direct relationship arrows.
2.2.2 Justification of Design Class Diagrams
The researchers tried to base the design class diagram on the specification and
requirements of the system user. The design class diagram has four user interfaces that will be
used by the boundary users to get access to the system, whereby the College Exam Officer accesses
the system through CollegeExamOfficerGUI, the Director MIS through Director_MIS_GUI, the Schools
Exam Coordinator through SchoolsExamCoordinatorGUI and the College Academic Secretary
through CollegeAcademicSecretaryGUI.
The design class diagram also has a system controller named the ReportController class, so named to
give a clear meaning to its functions, since it was designed to control all the system activities;
the classes of the data layer are all designed based on the specification of the user.
2.3 Security Framework
Figure 6. Database security framework Architecture
3. RESULTS AND DISCUSSION
After developing the software and the security measures to safeguard the data stored in the
database, the performance of the software was tested against the security measures
shown in Figure 6 above. The result indicates that the user can only gain access to the
data after being successfully authenticated against all the CIA mechanisms put in place, and all
assigned roles are then made available to the user. Similarly, the user is denied access if not
authenticated.
In order to evaluate the above database application against the security mechanisms put in place,
an experimental evaluation was carried out by selecting 3 examination officers as administrators
to be involved in the use and management of the system. Each of the administrators was allowed
to log into the system by entering their respective details. The overall analysis of the system
performance against the security mechanisms was captured based on the effectiveness of the user's
login details, as shown below:
Administrators   Wrong Login Details   Right Login Details
1                Access Denial         Access Granted
2                Access Denial         Access Granted
3                Access Denial         Access Granted
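The grant-or-deny behaviour recorded in the table, combined with the role assignments from section 2.1.2, as an added example that is not the authors' implementation. It authenticates against a salted PBKDF2 password hash and then permits only the operations assigned to the user's role. The operation names, the work factor and the shape of this ReportController are assumptions.

```python
import hashlib
import hmac
import os

# Role-to-operation map following the use case description in section 2.1.2.
# The operation names are hypothetical labels chosen for this example.
ROLE_PERMISSIONS = {
    "College Exam Officer": {"add_course", "amend_course"},
    "Director MIS": {"add_student"},
    "Schools Exam Coordinator": {"add_result"},
    "College Academic Secretary": {"delete_student"},
}
GRANTED, DENIED = "Access Granted", "Access Denial"  # labels as in the results table
ROUNDS = 200_000  # assumed PBKDF2 work factor; raise it as far as login latency allows

def hash_password(password: str, salt: bytes) -> bytes:
    """Salted, deliberately slow hash, so a stolen backup does not expose passwords."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS)

class ReportController:
    """Hypothetical stand-in for the paper's application logic layer."""

    def __init__(self):
        self._users = {}  # username -> (salt, password hash, role)

    def register(self, username: str, password: str, role: str) -> None:
        if role not in ROLE_PERMISSIONS:
            raise ValueError(f"unknown role: {role}")
        salt = os.urandom(16)
        self._users[username] = (salt, hash_password(password, salt), role)

    def login(self, username: str, password: str):
        """Return the role on success and None on any failure."""
        salt, stored, role = self._users.get(username, (b"\0" * 16, b"", None))
        candidate = hash_password(password, salt)  # same work for unknown usernames
        if role is not None and hmac.compare_digest(candidate, stored):
            return role
        return None

    def handle(self, username: str, password: str, operation: str) -> str:
        """Authenticate first, then allow only operations assigned to the role."""
        role = self.login(username, password)
        if role is None or operation not in ROLE_PERMISSIONS[role]:
            return DENIED  # one answer for a bad login and a missing permission
        return GRANTED
```

Placing the check in the controller means none of the four GUI classes can reach a data layer class without passing it.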
Figure 7. Screen shot of the User (admin) access denial interface
Figure 8. Screen shot of the User (admin) system login access interface
4. CONCLUSION
Despite the increased security concerns in database systems, their benefits outnumber their
shortcomings. However, as database security, and in particular the protection of data from
unauthorized users, remains an important goal in any organizational database management system,
the authors proposed in this paper a database security framework aimed at minimizing different
forms of security concerns against the numerous data stored in the record system of the SSCOE
database systems. The security framework was designed based on the core facets of database security
mechanisms (CIA) to help address the issues of confidentiality, integrity and authenticity as well
as availability of data. Moreover, the system was tested and the results of the study indicated that
the system grants access only to authorized users after they have been successfully authenticated
against the CIA mechanisms in place, and allows them to view only the roles assigned to them. On
the other hand, the system rejects unauthorised users and denies them access to the system and data.
REFERENCES
[1] Bright Hub Inc. (2012) Database Security. [Online] Available from
<http://www.brighthub.com/computing/smb-security/articles/61400.aspx.> [November/12 2015]
[2] Techopedia (2015) Database security. [Online] Available from
<https://www.techopedia.com/definition/29841/database-security> [November/12 2015]
[3] Singh, S. (2009) Database Systems: Concepts, Design and Applications. New Delhi: Pearson Education
India.
[4] Osborne, C. (2013) The top ten most common database security vulnerabilities. [Online] Available
from <http://www.zdnet.com/the-top-ten-most-common-database-security-vulnerabilities-7000017320/>
[November/01 2015]
[5] Gibilisco, S. (2013) Confidentiality, integrity, and availability (CIA). [Online] Available from
<http://whatis.techtarget.com/definition/Confidentiality-integrity-and-availability-CIA>
[November/24 2015]
[6] Broy, M., Cengarle, M. V., Gronniger, H. and Rumpe, B. (2011) Definition of the System Model.
[Online] Available from <http://www.se-rwth.de/publications/Definition-of-the-UML-system-model.pdf>
[November/16 2015]
AUTHORS
Habiba Muhammad Sani holds a BSc. degree in Computer Science from the Usmanu
Danfodiyo University, Sokoto (UDUS) in Nigeria and also obtained an MSc. degree in
Computing Information Engineering from the Robert Gordon University, Aberdeen,
United Kingdom. She is currently lecturing in the Department of Mathematics, Computer Science
Unit of UDUS. Her major research interest is in advanced database systems and
artificial intelligence systems.
Muhammad Mika’ilu Yabo holds BSc. and MSc. degrees in Computer Science and
Network Computing from the Usmanu Danfodiyo University, Sokoto, Nigeria and
Coventry University, United Kingdom respectively. He is currently lecturing in the Department
of Computer Science, Shehu Shagari College of Education Sokoto, Nigeria. His major
area of interest is database security and web applications.