SlideShare a Scribd company logo

A1802030104

IOSR Journals
IOSR Journals

Volume 18, Issue 2, Ver. III (Mar-Apr. 2016)

Technology
1 of 4
Download to read offline
IOSR Journal of Computer Engineering (IOSR-JCE) e-ISSN: 2278-0661,p-ISSN: 2278-8727, Volume 18, Issue 2, Ver. III (Mar-Apr. 2016), PP 01-04 www.iosrjournals.org DOI: 10.9790/0661-1802030104 www.iosrjournals.org 1 | Page Challenges to Data Base Security – A Futuristic View Rekha Ahirwar1 , Rashi Saxena2 , Pankaj Yadav3 1 (Department Of Computer Science, Lecture Govt. Polytechnic Katani (Mp) 2 (Department Of Computer Science, Lecture Govt. Polytechnic Katani (Mp) 3 (Department Of Information Technology, Lecture Indira Gandhi Govt. Engineering College Sagar (Mp) Abstract: In present scenario, database security is on prime consideration, for any organization because of its implementation and complex nature of system. It is generally associated with the dealing of retrieval of data from data base by various users. if all these retrievals are authentic then there is no problem unautenticity imposed creating threat & security is necessary issue for organization as well as if new internal user would be added then it also create serious threat which might be lead to security problem, this paper highlights main criteria of data base threat & how it can be mitigate or control to a permissible limit thereby we can safe our database. Key word: database security, data retrieval, miscofugered data, and sensitive data I. Introduction All organizations public, governmental or private, small or large| depend on computerized information systems for carrying out their daily activity. At the heart of each such information system, there is a database. At a very general level, we can de ne a database as a persistent collection of related data, where data are facts that have an implicit meaning. For instance, an employee's name, social security number, or date of birth is all facts that can be recorded in a database. Typically, a database is built to store logically interrelated data representing some aspects of the real world, which must be collected, processed, and made accessible to a given user population. The database is constructed according to a data model which defines the way in which data and interrelationships between them can be represented. The collection of software programs that pro-vide the functionalities for defining, maintaining, and accessing data stored in a database is called a database management system (DBMS).Beside access and processing functionalities, each DBMS must also provide security functionalities to ensure the secrecy, integrity, and availability of the stored data [3]. Providing secrecy means providing secrecy means ensuring that data will not be disclosed to unauthorized users. Providing integrity means ensuring that data will not be modified in an unauthorized or improper way. In particular, integrity ensures that the stored data correctly reflect the real world. Providing availability means ensuring that the database will always be accessible by legitimate users for the accesses they are authorized for. The level of protection is required to fulfill the security purpose consists following clause. Protection level: - A DBMS usually needs to protect data at a fine granularity level Object differences there is a greater variety of object types in a DBMS than in an operating system. The typical object type in an operating system is a file; in a DBMS there can be relations (tables), tuples (rows within a table), attributes (columns within a table), indexes, metadata, and others. Data interrelationships: - A database may include many logical objects with complex semantic interrelationships that must be protected. By contrast, the number of physical objects that the operating system protects is less and no semantic interrelationships are supported. Dynamic versus static objects: - Data objects in a DBMS can be obtained by dynamically aggregating data from different physical objects in an operating system. By contrast, less tend to be more static making their protection easier. Lifetime of data: - The lifetime and frequency of access of data in a DBMS is quite different than the lifetime of data stored as les in an operating system. User views of data While in an operating system, users are either granted or denied access to data ( les), in a DBMS it is possible to give access to a portion of an object by defining different views for different users. Because of these differences, it is clear that some security requirements is needed.
Challenges to Data Base Security – A Futuristic View DOI: 10.9790/0661-1802030104 www.iosrjournals.org 2 | Page Database security problem clauses: - following are important clauses under which data base security is important issue. 1- Exploitation of Vulnerabilities and Mis-configured Databases 2- Limited Security Expertise and Education 3- Unmanaged Sensitive Data 4- Weak Audit Trail 5- Privilege Abuse Above these issue are associated with data base protection & industrial management is very aware for mitigation to fulfill the required purpose . Exploitation of Vulnerable, Misconfigured Databases It is common to find vulnerable and un-patched databases, or discover databases that still have default accounts and configuration parameters. Attackers know how to exploit these vulnerabilities to launch attacks against your organization. Unfortunately, organizations often struggle to stay on top of maintaining database configurations even when patches are available. Typical issues include high workloads and mounting backlogs for the associated Database administrators, complex and time-consuming requirements for testing patches, and the challenge of finding a maintenance window to take down and work on what is often classified as a business- critical system. The net result is that it generally takes organizations months to patch databases, during which time they remain vulnerable. Limited Security Expertise and Education Internal security controls are not keeping pace with data growth and many organizations are ill- equipped to deal with a security breach. Often this is due to the lack of expertise required to implement security controls, enforce policies, or conduct incident response processes. According to the Ponemon Institute 2014 Cost of Data Breach Study, for 30 percent of data breach incidents, the main root cause was classified as the ―human factor‖—in other words, a Negligent employee or contractor. Unmanaged Sensitive Data Many companies struggle to maintain an accurate inventory of their databases and the critical data objects contained within them. Forgotten databases may contain sensitive information, and new databases can emerge—e.g., in application testing environments—without visibility to the security team. Sensitive data in these databases will be exposed to threats if the required controls and permissions are not implemented. Weak Audit Trail Automated recording of database transactions involving sensitive data should be part of any database deployment. Failure to collect detailed audit records of database activity represents a serious organizational risk on many levels. Organizations with weak (or sometimes non-existent) database audit mechanisms will increasingly find that they are at odds with industry and government regulatory requirements. For example, Sarbanes-Oxley (SOX), which protects against accounting errors and fraudulent practices, and the Healthcare Information Portability and Accountability Act (HIPAA) in the healthcare sector, are just two examples of regulations with clear database audit requirements. Many enterprises will turn to native audit tools provided by their database vendors or rely on ad-hoc and manual solutions. These approaches do not record details necessary to support auditing, attack detection, and forensics. Furthermore, native database audit mechanisms are notorious for consuming CPU and disk resources forcing many organizations to scale back or eliminate auditing altogether. Finally, most native audit mechanisms are unique to a database server platform. For example, Oracle logs are different from MS-SQL, and MS-SQL logs are different form DB2. For organizations with heterogeneous database environments, this imposes a significant obstacle to implementing uniform, scalable audit processes. When users access the database via enterprise web applications (such as SAP, Oracle E- Business Suite, or PeopleSoft) it can be challenging to understand which database access activity relates to a specific user. Most audit mechanisms have no awareness of who the end user is because all activity is associated with the web application account name. Reporting, visibility, and forensic analysis are hampered because there is no link to the responsible user. Finally, users with administrative access to the database, either legitimately or maliciously obtained, can turn off native database auditing to hide fraudulent activity. Audit capabilities and responsibilities should ideally be separate from both database administrators and the database server platform to ensure strong separation of duties policies. Privilege Abuse Users may abuse legitimate database privileges for unauthorized purposes. Consider an internal healthcare application used to view individual patient records via a custom web interface. The web application
Challenges to Data Base Security – A Futuristic View DOI: 10.9790/0661-1802030104 www.iosrjournals.org 3 | Page normally limits users to viewing an individual patient’s healthcare history—multiple patient records cannot be viewed simultaneously and electronic copies are not allowed. However, a rogue user might be able to circumvent these restrictions by connecting to the database using an alternative client such as MS-Excel. Using Excel and their legitimate login credentials, the user could retrieve and save all patient records to their laptop. Once patient records reach a client machine, the data then becomes susceptible to a wide variety of possible breach scenarios. II. Mitigate Vulnerabilities If vulnerability is deleted and the database vendor hasn’t released a patch, a virtual patching solution should be used. Applying virtual patches will block attempts to exploit vulnerabilities without requiring actual patches or changes to the current configuration of the server. Virtual patching will protect the database from exploit attempts until the patch is deployed. Again, focus on patching high-risk vulnerabilities that can facilitate a DoS or input injection attack. III. Separation Of Duties Implement a DAP solution that delivers the performance, scalability, and flexibility to meet the needs of the most demanding environments. DAP solutions operate independently of database administrators, making it possible to separate audit duties from routine system administration. In addition, they operate independently of the database server and are invulnerable to privilege elevation attacks carried out by non-administrators IV. Cultivate Experienced Security Professionals To defend against a growing array of internal and external threats, hire information security personnel that are well versed in IT Security and have experience implementing, administering, and monitoring security solutions. Ongoing education and training are also important for growing deeper security knowledge and skills. Consider outside IT security and specialists to help with implementation, conduct security assessments and penetration tests, and provide training and support for your administrators. Educate Your Workforce Train your workforce on risk mitigation techniques including how to recognize common cyber threats (e.g. a spear-phishing attack), best practices around Internet and email usage, and password management. Failure to enforce training and create a ―security conscious ―work culture increases the chances of a security breach. The end result is well-informed users who are trained to securely function when connected Identify and Classify Sensitive Data Once you have constructed a catalog of databases, it is critical to understand which databases contain sensitive data. Scan the objects, rows, and columns of databases to pinpoint sensitive data. Use data classification solutions that are aware of data types such as credit cards, email addresses, and national identity numbers, and which enable users to add custom data types as well. Classification results should include the IP address and host name of the asset, and indicate the existence of sensitive data on that server. Automatically identifying sensitive data and personally identifiable information helps narrow the scope of security and compliance efforts. V. Real-Time Alerting And Blocking Monitor all database access activity and usage patterns in real time to detect data leakage, unauthorized SQL and Big Data transactions, and protocol and system attacks. When attempts to access unauthorized data occur, generate alerts or terminate the user session. Use a solution that leverages policies – both pre-defined and custom – that inspect database traffic to identify patterns that correspond to known attacks, such as DoS attacks, and unauthorized activities. Security policies are useful for not only detecting excessive privilege abuse by malicious, compromised, or dormant users, but also for preventing most of the other top ten database threats. Detect Unusual Access Activity Establish a comprehensive profile of each database user’s normal activity. Monitoring for deviations from these baselines enables detection of DoS, malware, input injection, and anomalous activities. If any user initiates an action that does not fit their profile, log the event, generate an alert or block the user. Creating activity-based user profiles increases the likelihood of detecting inappropriate access to sensitive data. VI. Data Protection Automate the long-term data archival processes. Use solutions that can be configured to periodically archive data to external mass storage systems. Data should be optionally compressed, encrypted, and signed
Challenges to Data Base Security – A Futuristic View DOI: 10.9790/0661-1802030104 www.iosrjournals.org 4 | Page prior to archival. Encrypt sensitive data across heterogeneous database environments. This allows you to secure both production and backup copies of databases, then audit the activity of and control access to sensitive data from users who access databases at the operating system and storage tiers. By leveraging database auditing along with encryption, organizations can monitor and control users both inside and outside of the database. VII. Conclusion Database security is the greatest problem in present scenario , the above process is apply for protection which detecting the insecurity area of data & solution out line and its implementation in respect of threat can be protected the valuable sensitive data’s . Reference [1]. Burtescu, E. Problems of Inference in Databases in „Education, Research & Business Technologies―. The Proceeding of the 9th International Conference on Economic Informatics, INFOREC Printing House, Bucharest, 2009 [2]. Burtescu, E. Databse security, in „Knowledge Management. Projects, Systems and Technologies―, International Conference „Knowledge Management. Projects, Systems and Technologies―, Bucharest, November 9-10, 2006, INFOREC Printing House, Bucharest, 2006 [3]. Hsiao, S.B. and Stemp, R. Computer Security, course, CS 4601, Monterey, California, 1995 [4]. McCarthy, L. IT Security: Risking the Corporation, Prentice Hall PTR, 2003 [5]. Proctor, P.E. and Byrnes, F.C. The Secured Enterprise, Prentice Hall PTR, 2002 [6]. Security Complete, Second Edition, SYBEX Inc., 2002

Recommended

Security Issues Surrounding Data Manipulation in a Relational Database
Security Issues Surrounding Data Manipulation in a Relational DatabaseSecurity Issues Surrounding Data Manipulation in a Relational Database
Security Issues Surrounding Data Manipulation in a Relational DatabaseDavid Murphy
 
CST 610 Effective Communication/tutorialrank.com
CST 610 Effective Communication/tutorialrank.comCST 610 Effective Communication/tutorialrank.com
CST 610 Effective Communication/tutorialrank.comjonhson198
 
CSEC 610 Effective Communication/tutorialrank.com
CSEC 610 Effective Communication/tutorialrank.com CSEC 610 Effective Communication/tutorialrank.com
CSEC 610 Effective Communication/tutorialrank.comjonhson198
 
CYB 610 Effective Communication/tutorialrank.com
CYB 610 Effective Communication/tutorialrank.com CYB 610 Effective Communication/tutorialrank.com
CYB 610 Effective Communication/tutorialrank.comjonhson199
 
CSEC 610 Education Specialist / snaptutorial.com
CSEC 610 Education Specialist / snaptutorial.comCSEC 610 Education Specialist / snaptutorial.com
CSEC 610 Education Specialist / snaptutorial.comMcdonaldRyan78
 
Cyb 610Education Specialist / snaptutorial.com
Cyb 610Education Specialist / snaptutorial.comCyb 610Education Specialist / snaptutorial.com
Cyb 610Education Specialist / snaptutorial.comMcdonaldRyan80
 
Csec 610 Education Organization-snaptutorial.com
Csec 610 Education Organization-snaptutorial.comCsec 610 Education Organization-snaptutorial.com
Csec 610 Education Organization-snaptutorial.comrobertlesew5
 
CST 610 RANK Achievement Education--cst610rank.com
CST 610 RANK Achievement Education--cst610rank.comCST 610 RANK Achievement Education--cst610rank.com
CST 610 RANK Achievement Education--cst610rank.comkopiko146
 

Recommended

Security Issues Surrounding Data Manipulation in a Relational Database
Security Issues Surrounding Data Manipulation in a Relational DatabaseSecurity Issues Surrounding Data Manipulation in a Relational Database
Security Issues Surrounding Data Manipulation in a Relational DatabaseDavid Murphy
 
CST 610 Effective Communication/tutorialrank.com
CST 610 Effective Communication/tutorialrank.comCST 610 Effective Communication/tutorialrank.com
CST 610 Effective Communication/tutorialrank.comjonhson198
 
CSEC 610 Effective Communication/tutorialrank.com
CSEC 610 Effective Communication/tutorialrank.com CSEC 610 Effective Communication/tutorialrank.com
CSEC 610 Effective Communication/tutorialrank.comjonhson198
 
CYB 610 Effective Communication/tutorialrank.com
CYB 610 Effective Communication/tutorialrank.com CYB 610 Effective Communication/tutorialrank.com
CYB 610 Effective Communication/tutorialrank.comjonhson199
 
CSEC 610 Education Specialist / snaptutorial.com
CSEC 610 Education Specialist / snaptutorial.comCSEC 610 Education Specialist / snaptutorial.com
CSEC 610 Education Specialist / snaptutorial.comMcdonaldRyan78
 
Cyb 610Education Specialist / snaptutorial.com
Cyb 610Education Specialist / snaptutorial.comCyb 610Education Specialist / snaptutorial.com
Cyb 610Education Specialist / snaptutorial.comMcdonaldRyan80
 
Csec 610 Education Organization-snaptutorial.com
Csec 610 Education Organization-snaptutorial.comCsec 610 Education Organization-snaptutorial.com
Csec 610 Education Organization-snaptutorial.comrobertlesew5
 
CST 610 RANK Achievement Education--cst610rank.com
CST 610 RANK Achievement Education--cst610rank.comCST 610 RANK Achievement Education--cst610rank.com
CST 610 RANK Achievement Education--cst610rank.comkopiko146
 
Cst 610 Motivated Minds/newtonhelp.com
Cst 610 Motivated Minds/newtonhelp.comCst 610 Motivated Minds/newtonhelp.com
Cst 610 Motivated Minds/newtonhelp.comamaranthbeg53
 
Csec 610 Enhance teaching / snaptutorial.com
Csec 610 Enhance teaching / snaptutorial.comCsec 610 Enhance teaching / snaptutorial.com
Csec 610 Enhance teaching / snaptutorial.comBaileyabv
 
Cyb 610 Education Organization-snaptutorial.com
Cyb 610 Education Organization-snaptutorial.comCyb 610 Education Organization-snaptutorial.com
Cyb 610 Education Organization-snaptutorial.comrobertlesew8
 
Cyb 610 Enhance teaching / snaptutorial.com
Cyb 610 Enhance teaching / snaptutorial.comCyb 610 Enhance teaching / snaptutorial.com
Cyb 610 Enhance teaching / snaptutorial.comBaileyaby
 
Top ten database_threats
Top ten database_threatsTop ten database_threats
Top ten database_threatsFITSFSd
 
Cyb 610 Believe Possibilities / snaptutorial.com
Cyb 610 Believe Possibilities / snaptutorial.comCyb 610 Believe Possibilities / snaptutorial.com
Cyb 610 Believe Possibilities / snaptutorial.comDavis12a
 
CST 610 RANK Redefined Education--cst610rank.com
CST 610 RANK Redefined Education--cst610rank.comCST 610 RANK Redefined Education--cst610rank.com
CST 610 RANK Redefined Education--cst610rank.comclaric240
 
CYB 610 Effective Communication - snaptutorial.com
CYB 610 Effective Communication - snaptutorial.comCYB 610 Effective Communication - snaptutorial.com
CYB 610 Effective Communication - snaptutorial.comdonaldzs9
 
CYB 610 Exceptional Education - snaptutorial.com
CYB 610 Exceptional Education - snaptutorial.comCYB 610 Exceptional Education - snaptutorial.com
CYB 610 Exceptional Education - snaptutorial.comDavisMurphyA98
 
Cst 610 Enhance teaching / snaptutorial.com
Cst 610 Enhance teaching / snaptutorial.comCst 610 Enhance teaching / snaptutorial.com
Cst 610 Enhance teaching / snaptutorial.comBaileyabw
 
A Review Report on Security Threats on Database
A Review Report on Security Threats on DatabaseA Review Report on Security Threats on Database
A Review Report on Security Threats on DatabaseShivnandan Singh
 
Database Security - IK
Database Security - IKDatabase Security - IK
Database Security - IKIlgın Kavaklıoğulları
 
Csec 610 Believe Possibilities / snaptutorial.com
Csec 610 Believe Possibilities / snaptutorial.comCsec 610 Believe Possibilities / snaptutorial.com
Csec 610 Believe Possibilities / snaptutorial.comDavis10a
 
Cst 610 Believe Possibilities / snaptutorial.com
Cst 610 Believe Possibilities / snaptutorial.comCst 610 Believe Possibilities / snaptutorial.com
Cst 610 Believe Possibilities / snaptutorial.comDavis10a
 
CST 610 RANK Introduction Education--cst610rank.com
CST 610 RANK Introduction Education--cst610rank.comCST 610 RANK Introduction Education--cst610rank.com
CST 610 RANK Introduction Education--cst610rank.comagathachristie265
 
CST 610 RANK Inspiring Innovation--cst610rank.com
CST 610 RANK Inspiring Innovation--cst610rank.comCST 610 RANK Inspiring Innovation--cst610rank.com
CST 610 RANK Inspiring Innovation--cst610rank.comKeatonJennings104
 
CST 610 RANK Educational Specialist--cst610rank.com
CST 610 RANK Educational Specialist--cst610rank.comCST 610 RANK Educational Specialist--cst610rank.com
CST 610 RANK Educational Specialist--cst610rank.comVSNaipaul15
 
CST 610 RANK Become Exceptional--cst610rank.com
CST 610 RANK Become Exceptional--cst610rank.comCST 610 RANK Become Exceptional--cst610rank.com
CST 610 RANK Become Exceptional--cst610rank.comagathachristie112
 
CSEC 610 Effective Communication - snaptutorial.com
CSEC 610 Effective Communication - snaptutorial.comCSEC 610 Effective Communication - snaptutorial.com
CSEC 610 Effective Communication - snaptutorial.comdonaldzs7
 
G012325053
G012325053G012325053
G012325053IOSR Journals
 
F1303033845
F1303033845F1303033845
F1303033845IOSR Journals
 
Relationship of Kabaddi Performance with Selected Coordinative Ability of the...
Relationship of Kabaddi Performance with Selected Coordinative Ability of the...Relationship of Kabaddi Performance with Selected Coordinative Ability of the...
Relationship of Kabaddi Performance with Selected Coordinative Ability of the...IOSR Journals
 

More Related Content

What's hot

Cst 610 Motivated Minds/newtonhelp.com
Cst 610 Motivated Minds/newtonhelp.comCst 610 Motivated Minds/newtonhelp.com
Cst 610 Motivated Minds/newtonhelp.comamaranthbeg53
 
Csec 610 Enhance teaching / snaptutorial.com
Csec 610 Enhance teaching / snaptutorial.comCsec 610 Enhance teaching / snaptutorial.com
Csec 610 Enhance teaching / snaptutorial.comBaileyabv
 
Cyb 610 Education Organization-snaptutorial.com
Cyb 610 Education Organization-snaptutorial.comCyb 610 Education Organization-snaptutorial.com
Cyb 610 Education Organization-snaptutorial.comrobertlesew8
 
Cyb 610 Enhance teaching / snaptutorial.com
Cyb 610 Enhance teaching / snaptutorial.comCyb 610 Enhance teaching / snaptutorial.com
Cyb 610 Enhance teaching / snaptutorial.comBaileyaby
 
Top ten database_threats
Top ten database_threatsTop ten database_threats
Top ten database_threatsFITSFSd
 
Cyb 610 Believe Possibilities / snaptutorial.com
Cyb 610 Believe Possibilities / snaptutorial.comCyb 610 Believe Possibilities / snaptutorial.com
Cyb 610 Believe Possibilities / snaptutorial.comDavis12a
 
CST 610 RANK Redefined Education--cst610rank.com
CST 610 RANK Redefined Education--cst610rank.comCST 610 RANK Redefined Education--cst610rank.com
CST 610 RANK Redefined Education--cst610rank.comclaric240
 
CYB 610 Effective Communication - snaptutorial.com
CYB 610 Effective Communication - snaptutorial.comCYB 610 Effective Communication - snaptutorial.com
CYB 610 Effective Communication - snaptutorial.comdonaldzs9
 
CYB 610 Exceptional Education - snaptutorial.com
CYB 610 Exceptional Education - snaptutorial.comCYB 610 Exceptional Education - snaptutorial.com
CYB 610 Exceptional Education - snaptutorial.comDavisMurphyA98
 
Cst 610 Enhance teaching / snaptutorial.com
Cst 610 Enhance teaching / snaptutorial.comCst 610 Enhance teaching / snaptutorial.com
Cst 610 Enhance teaching / snaptutorial.comBaileyabw
 
A Review Report on Security Threats on Database
A Review Report on Security Threats on DatabaseA Review Report on Security Threats on Database
A Review Report on Security Threats on DatabaseShivnandan Singh
 
Csec 610 Believe Possibilities / snaptutorial.com
Csec 610 Believe Possibilities / snaptutorial.comCsec 610 Believe Possibilities / snaptutorial.com
Csec 610 Believe Possibilities / snaptutorial.comDavis10a
 
Cst 610 Believe Possibilities / snaptutorial.com
Cst 610 Believe Possibilities / snaptutorial.comCst 610 Believe Possibilities / snaptutorial.com
Cst 610 Believe Possibilities / snaptutorial.comDavis10a
 
CST 610 RANK Introduction Education--cst610rank.com
CST 610 RANK Introduction Education--cst610rank.comCST 610 RANK Introduction Education--cst610rank.com
CST 610 RANK Introduction Education--cst610rank.comagathachristie265
 
CST 610 RANK Inspiring Innovation--cst610rank.com
CST 610 RANK Inspiring Innovation--cst610rank.comCST 610 RANK Inspiring Innovation--cst610rank.com
CST 610 RANK Inspiring Innovation--cst610rank.comKeatonJennings104
 
CST 610 RANK Educational Specialist--cst610rank.com
CST 610 RANK Educational Specialist--cst610rank.comCST 610 RANK Educational Specialist--cst610rank.com
CST 610 RANK Educational Specialist--cst610rank.comVSNaipaul15
 
CST 610 RANK Become Exceptional--cst610rank.com
CST 610 RANK Become Exceptional--cst610rank.comCST 610 RANK Become Exceptional--cst610rank.com
CST 610 RANK Become Exceptional--cst610rank.comagathachristie112
 
CSEC 610 Effective Communication - snaptutorial.com
CSEC 610 Effective Communication - snaptutorial.comCSEC 610 Effective Communication - snaptutorial.com
CSEC 610 Effective Communication - snaptutorial.comdonaldzs7
 

What's hot (19)

Cst 610 Motivated Minds/newtonhelp.com
Cst 610 Motivated Minds/newtonhelp.comCst 610 Motivated Minds/newtonhelp.com
Cst 610 Motivated Minds/newtonhelp.com
 
Csec 610 Enhance teaching / snaptutorial.com
Csec 610 Enhance teaching / snaptutorial.comCsec 610 Enhance teaching / snaptutorial.com
Csec 610 Enhance teaching / snaptutorial.com
 
Cyb 610 Education Organization-snaptutorial.com
Cyb 610 Education Organization-snaptutorial.comCyb 610 Education Organization-snaptutorial.com
Cyb 610 Education Organization-snaptutorial.com
 
Cyb 610 Enhance teaching / snaptutorial.com
Cyb 610 Enhance teaching / snaptutorial.comCyb 610 Enhance teaching / snaptutorial.com
Cyb 610 Enhance teaching / snaptutorial.com
 
Top ten database_threats
Top ten database_threatsTop ten database_threats
Top ten database_threats
 
Cyb 610 Believe Possibilities / snaptutorial.com
Cyb 610 Believe Possibilities / snaptutorial.comCyb 610 Believe Possibilities / snaptutorial.com
Cyb 610 Believe Possibilities / snaptutorial.com
 
CST 610 RANK Redefined Education--cst610rank.com
CST 610 RANK Redefined Education--cst610rank.comCST 610 RANK Redefined Education--cst610rank.com
CST 610 RANK Redefined Education--cst610rank.com
 
CYB 610 Effective Communication - snaptutorial.com
CYB 610 Effective Communication - snaptutorial.comCYB 610 Effective Communication - snaptutorial.com
CYB 610 Effective Communication - snaptutorial.com
 
CYB 610 Exceptional Education - snaptutorial.com
CYB 610 Exceptional Education - snaptutorial.comCYB 610 Exceptional Education - snaptutorial.com
CYB 610 Exceptional Education - snaptutorial.com
 
Cst 610 Enhance teaching / snaptutorial.com
Cst 610 Enhance teaching / snaptutorial.comCst 610 Enhance teaching / snaptutorial.com
Cst 610 Enhance teaching / snaptutorial.com
 
A Review Report on Security Threats on Database
A Review Report on Security Threats on DatabaseA Review Report on Security Threats on Database
A Review Report on Security Threats on Database
 
Database Security - IK
Database Security - IKDatabase Security - IK
Database Security - IK
 
Csec 610 Believe Possibilities / snaptutorial.com
Csec 610 Believe Possibilities / snaptutorial.comCsec 610 Believe Possibilities / snaptutorial.com
Csec 610 Believe Possibilities / snaptutorial.com
 
Cst 610 Believe Possibilities / snaptutorial.com
Cst 610 Believe Possibilities / snaptutorial.comCst 610 Believe Possibilities / snaptutorial.com
Cst 610 Believe Possibilities / snaptutorial.com
 
CST 610 RANK Introduction Education--cst610rank.com
CST 610 RANK Introduction Education--cst610rank.comCST 610 RANK Introduction Education--cst610rank.com
CST 610 RANK Introduction Education--cst610rank.com
 
CST 610 RANK Inspiring Innovation--cst610rank.com
CST 610 RANK Inspiring Innovation--cst610rank.comCST 610 RANK Inspiring Innovation--cst610rank.com
CST 610 RANK Inspiring Innovation--cst610rank.com
 
CST 610 RANK Educational Specialist--cst610rank.com
CST 610 RANK Educational Specialist--cst610rank.comCST 610 RANK Educational Specialist--cst610rank.com
CST 610 RANK Educational Specialist--cst610rank.com
 
CST 610 RANK Become Exceptional--cst610rank.com
CST 610 RANK Become Exceptional--cst610rank.comCST 610 RANK Become Exceptional--cst610rank.com
CST 610 RANK Become Exceptional--cst610rank.com
 
CSEC 610 Effective Communication - snaptutorial.com
CSEC 610 Effective Communication - snaptutorial.comCSEC 610 Effective Communication - snaptutorial.com
CSEC 610 Effective Communication - snaptutorial.com
 

Viewers also liked

Relationship of Kabaddi Performance with Selected Coordinative Ability of the...
Relationship of Kabaddi Performance with Selected Coordinative Ability of the...Relationship of Kabaddi Performance with Selected Coordinative Ability of the...
Relationship of Kabaddi Performance with Selected Coordinative Ability of the...IOSR Journals
 
Effect of yogic practices on Static & Dynamic flexibility of College Student
Effect of yogic practices on Static & Dynamic flexibility of College StudentEffect of yogic practices on Static & Dynamic flexibility of College Student
Effect of yogic practices on Static & Dynamic flexibility of College StudentIOSR Journals
 
Performance Evaluation of Basic Segmented Algorithms for Brain Tumor Detection
Performance Evaluation of Basic Segmented Algorithms for Brain Tumor DetectionPerformance Evaluation of Basic Segmented Algorithms for Brain Tumor Detection
Performance Evaluation of Basic Segmented Algorithms for Brain Tumor DetectionIOSR Journals
 

Viewers also liked (20)

G012325053
G012325053G012325053
G012325053
 
F1303033845
F1303033845F1303033845
F1303033845
 
Relationship of Kabaddi Performance with Selected Coordinative Ability of the...
Relationship of Kabaddi Performance with Selected Coordinative Ability of the...Relationship of Kabaddi Performance with Selected Coordinative Ability of the...
Relationship of Kabaddi Performance with Selected Coordinative Ability of the...
 
I010626877
I010626877I010626877
I010626877
 
A018120105
A018120105A018120105
A018120105
 
N010438890
N010438890N010438890
N010438890
 
F017513138
F017513138F017513138
F017513138
 
Effect of yogic practices on Static & Dynamic flexibility of College Student
Effect of yogic practices on Static & Dynamic flexibility of College StudentEffect of yogic practices on Static & Dynamic flexibility of College Student
Effect of yogic practices on Static & Dynamic flexibility of College Student
 
G012614354
G012614354G012614354
G012614354
 
F010624050
F010624050F010624050
F010624050
 
L013167279
L013167279L013167279
L013167279
 
D012473845
D012473845D012473845
D012473845
 
I1302035763
I1302035763I1302035763
I1302035763
 
N18030296105
N18030296105N18030296105
N18030296105
 
E010424043
E010424043E010424043
E010424043
 
D011112432
D011112432D011112432
D011112432
 
C010211319
C010211319C010211319
C010211319
 
I1304035459
I1304035459I1304035459
I1304035459
 
Performance Evaluation of Basic Segmented Algorithms for Brain Tumor Detection
Performance Evaluation of Basic Segmented Algorithms for Brain Tumor DetectionPerformance Evaluation of Basic Segmented Algorithms for Brain Tumor Detection
Performance Evaluation of Basic Segmented Algorithms for Brain Tumor Detection
 
H010414651
H010414651H010414651
H010414651
 

Similar to A1802030104

DATABASE SECURITY - ATTACKS AND CONTROL METHODS
DATABASE SECURITY - ATTACKS AND CONTROL METHODSDATABASE SECURITY - ATTACKS AND CONTROL METHODS
DATABASE SECURITY - ATTACKS AND CONTROL METHODSijistjournal
 
A Database System Security Framework
A Database System Security FrameworkA Database System Security Framework
A Database System Security FrameworkMaria Perkins
 
A DATABASE SYSTEM SECURITY FRAMEWORK
A DATABASE SYSTEM SECURITY FRAMEWORKA DATABASE SYSTEM SECURITY FRAMEWORK
A DATABASE SYSTEM SECURITY FRAMEWORKijcsit
 
IT 650 Principles of Database DesignProject Milestone – 5.docx
IT 650 Principles of Database DesignProject Milestone – 5.docxIT 650 Principles of Database DesignProject Milestone – 5.docx
IT 650 Principles of Database DesignProject Milestone – 5.docxpriestmanmable
 
Database Security—Concepts,Approaches, and ChallengesElisa
Database Security—Concepts,Approaches, and ChallengesElisaDatabase Security—Concepts,Approaches, and ChallengesElisa
Database Security—Concepts,Approaches, and ChallengesElisaOllieShoresna
 
Managing Data Strategically
Managing Data StrategicallyManaging Data Strategically
Managing Data StrategicallyMichael Findling
 
1639(pm proofreading)(tracked)
1639(pm proofreading)(tracked)1639(pm proofreading)(tracked)
1639(pm proofreading)(tracked)Aida Harun
 
Application Of A New Database Management System
Application Of A New Database Management SystemApplication Of A New Database Management System
Application Of A New Database Management SystemPamela Wright
 
Bca examination 2016 dbms
Bca examination 2016 dbmsBca examination 2016 dbms
Bca examination 2016 dbmsAnjaan Gajendra
 
Final review m score
Final review m scoreFinal review m score
Final review m scoreazhar4010
 
Locking Down Your Data: Best Practices for Database Security
Locking Down Your Data: Best Practices for Database SecurityLocking Down Your Data: Best Practices for Database Security
Locking Down Your Data: Best Practices for Database SecurityFredReynolds2
 
1. Chapter One.pdf
1. Chapter One.pdf1. Chapter One.pdf
1. Chapter One.pdffikadumola
 
Extending Information Security to Non-Production Environments
Extending Information Security to Non-Production EnvironmentsExtending Information Security to Non-Production Environments
Extending Information Security to Non-Production EnvironmentsLindaWatson19
 
History Of Database Technology
History Of Database TechnologyHistory Of Database Technology
History Of Database TechnologyJacqueline Thomas
 
Implementation of Matching Tree Technique for Online Record Linkage
Implementation of Matching Tree Technique for Online Record LinkageImplementation of Matching Tree Technique for Online Record Linkage
Implementation of Matching Tree Technique for Online Record LinkageIOSR Journals
 
Introduction-to-Databases.pptx
Introduction-to-Databases.pptxIntroduction-to-Databases.pptx
Introduction-to-Databases.pptxIvanDarrylLopez
 
Addressing Gaps in Your Cyber Security
Addressing Gaps in Your Cyber Security Addressing Gaps in Your Cyber Security
Addressing Gaps in Your Cyber Security NextLabs, Inc.
 

Similar to A1802030104 (20)

Database security
Database securityDatabase security
Database security
 
DATABASE SECURITY - ATTACKS AND CONTROL METHODS
DATABASE SECURITY - ATTACKS AND CONTROL METHODSDATABASE SECURITY - ATTACKS AND CONTROL METHODS
DATABASE SECURITY - ATTACKS AND CONTROL METHODS
 
Database security
Database securityDatabase security
Database security
 
A Database System Security Framework
A Database System Security FrameworkA Database System Security Framework
A Database System Security Framework
 
A DATABASE SYSTEM SECURITY FRAMEWORK
A DATABASE SYSTEM SECURITY FRAMEWORKA DATABASE SYSTEM SECURITY FRAMEWORK
A DATABASE SYSTEM SECURITY FRAMEWORK
 
IT 650 Principles of Database DesignProject Milestone – 5.docx
IT 650 Principles of Database DesignProject Milestone – 5.docxIT 650 Principles of Database DesignProject Milestone – 5.docx
IT 650 Principles of Database DesignProject Milestone – 5.docx
 
Database Security—Concepts,Approaches, and ChallengesElisa
Database Security—Concepts,Approaches, and ChallengesElisaDatabase Security—Concepts,Approaches, and ChallengesElisa
Database Security—Concepts,Approaches, and ChallengesElisa
 
Managing Data Strategically
Managing Data StrategicallyManaging Data Strategically
Managing Data Strategically
 
Wp security-data-safe
Wp security-data-safeWp security-data-safe
Wp security-data-safe
 
1639(pm proofreading)(tracked)
1639(pm proofreading)(tracked)1639(pm proofreading)(tracked)
1639(pm proofreading)(tracked)
 
Application Of A New Database Management System
Application Of A New Database Management SystemApplication Of A New Database Management System
Application Of A New Database Management System
 
Bca examination 2016 dbms
Bca examination 2016 dbmsBca examination 2016 dbms
Bca examination 2016 dbms
 
Final review m score
Final review m scoreFinal review m score
Final review m score
 
Locking Down Your Data: Best Practices for Database Security
Locking Down Your Data: Best Practices for Database SecurityLocking Down Your Data: Best Practices for Database Security
Locking Down Your Data: Best Practices for Database Security
 
1. Chapter One.pdf
1. Chapter One.pdf1. Chapter One.pdf
1. Chapter One.pdf
 
Extending Information Security to Non-Production Environments
Extending Information Security to Non-Production EnvironmentsExtending Information Security to Non-Production Environments
Extending Information Security to Non-Production Environments
 
History Of Database Technology
History Of Database TechnologyHistory Of Database Technology
History Of Database Technology
 
Implementation of Matching Tree Technique for Online Record Linkage
Implementation of Matching Tree Technique for Online Record LinkageImplementation of Matching Tree Technique for Online Record Linkage
Implementation of Matching Tree Technique for Online Record Linkage
 
Introduction-to-Databases.pptx
Introduction-to-Databases.pptxIntroduction-to-Databases.pptx
Introduction-to-Databases.pptx
 
Addressing Gaps in Your Cyber Security
Addressing Gaps in Your Cyber Security Addressing Gaps in Your Cyber Security
Addressing Gaps in Your Cyber Security
 

More from IOSR Journals

More from IOSR Journals (20)

A011140104
A011140104A011140104
A011140104
 
M0111397100
M0111397100M0111397100
M0111397100
 
L011138596
L011138596L011138596
L011138596
 
K011138084
K011138084K011138084
K011138084
 
J011137479
J011137479J011137479
J011137479
 
I011136673
I011136673I011136673
I011136673
 
G011134454
G011134454G011134454
G011134454
 
H011135565
H011135565H011135565
H011135565
 
F011134043
F011134043F011134043
F011134043
 
E011133639
E011133639E011133639
E011133639
 
D011132635
D011132635D011132635
D011132635
 
C011131925
C011131925C011131925
C011131925
 
B011130918
B011130918B011130918
B011130918
 
A011130108
A011130108A011130108
A011130108
 
I011125160
I011125160I011125160
I011125160
 
H011124050
H011124050H011124050
H011124050
 
G011123539
G011123539G011123539
G011123539
 
F011123134
F011123134F011123134
F011123134
 
E011122530
E011122530E011122530
E011122530
 
D011121524
D011121524D011121524
D011121524
 

Recently uploaded

#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 

Recently uploaded (20)

#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 

A1802030104

  • 1. IOSR Journal of Computer Engineering (IOSR-JCE) e-ISSN: 2278-0661,p-ISSN: 2278-8727, Volume 18, Issue 2, Ver. III (Mar-Apr. 2016), PP 01-04 www.iosrjournals.org DOI: 10.9790/0661-1802030104 www.iosrjournals.org 1 | Page Challenges to Data Base Security – A Futuristic View Rekha Ahirwar1 , Rashi Saxena2 , Pankaj Yadav3 1 (Department Of Computer Science, Lecture Govt. Polytechnic Katani (Mp) 2 (Department Of Computer Science, Lecture Govt. Polytechnic Katani (Mp) 3 (Department Of Information Technology, Lecture Indira Gandhi Govt. Engineering College Sagar (Mp) Abstract: In present scenario, database security is on prime consideration, for any organization because of its implementation and complex nature of system. It is generally associated with the dealing of retrieval of data from data base by various users. if all these retrievals are authentic then there is no problem unautenticity imposed creating threat & security is necessary issue for organization as well as if new internal user would be added then it also create serious threat which might be lead to security problem, this paper highlights main criteria of data base threat & how it can be mitigate or control to a permissible limit thereby we can safe our database. Key word: database security, data retrieval, miscofugered data, and sensitive data I. Introduction All organizations public, governmental or private, small or large| depend on computerized information systems for carrying out their daily activity. At the heart of each such information system, there is a database. At a very general level, we can de ne a database as a persistent collection of related data, where data are facts that have an implicit meaning. For instance, an employee's name, social security number, or date of birth is all facts that can be recorded in a database. Typically, a database is built to store logically interrelated data representing some aspects of the real world, which must be collected, processed, and made accessible to a given user population. The database is constructed according to a data model which defines the way in which data and interrelationships between them can be represented. The collection of software programs that pro-vide the functionalities for defining, maintaining, and accessing data stored in a database is called a database management system (DBMS).Beside access and processing functionalities, each DBMS must also provide security functionalities to ensure the secrecy, integrity, and availability of the stored data [3]. Providing secrecy means providing secrecy means ensuring that data will not be disclosed to unauthorized users. Providing integrity means ensuring that data will not be modified in an unauthorized or improper way. In particular, integrity ensures that the stored data correctly reflect the real world. Providing availability means ensuring that the database will always be accessible by legitimate users for the accesses they are authorized for. The level of protection is required to fulfill the security purpose consists following clause. Protection level: - A DBMS usually needs to protect data at a fine granularity level Object differences there is a greater variety of object types in a DBMS than in an operating system. The typical object type in an operating system is a file; in a DBMS there can be relations (tables), tuples (rows within a table), attributes (columns within a table), indexes, metadata, and others. Data interrelationships: - A database may include many logical objects with complex semantic interrelationships that must be protected. By contrast, the number of physical objects that the operating system protects is less and no semantic interrelationships are supported. Dynamic versus static objects: - Data objects in a DBMS can be obtained by dynamically aggregating data from different physical objects in an operating system. By contrast, less tend to be more static making their protection easier. Lifetime of data: - The lifetime and frequency of access of data in a DBMS is quite different than the lifetime of data stored as les in an operating system. User views of data While in an operating system, users are either granted or denied access to data ( les), in a DBMS it is possible to give access to a portion of an object by defining different views for different users. Because of these differences, it is clear that some security requirements is needed.
  • 2. Challenges to Data Base Security – A Futuristic View DOI: 10.9790/0661-1802030104 www.iosrjournals.org 2 | Page Database security problem clauses: - following are important clauses under which data base security is important issue. 1- Exploitation of Vulnerabilities and Mis-configured Databases 2- Limited Security Expertise and Education 3- Unmanaged Sensitive Data 4- Weak Audit Trail 5- Privilege Abuse Above these issue are associated with data base protection & industrial management is very aware for mitigation to fulfill the required purpose . Exploitation of Vulnerable, Misconfigured Databases It is common to find vulnerable and un-patched databases, or discover databases that still have default accounts and configuration parameters. Attackers know how to exploit these vulnerabilities to launch attacks against your organization. Unfortunately, organizations often struggle to stay on top of maintaining database configurations even when patches are available. Typical issues include high workloads and mounting backlogs for the associated Database administrators, complex and time-consuming requirements for testing patches, and the challenge of finding a maintenance window to take down and work on what is often classified as a business- critical system. The net result is that it generally takes organizations months to patch databases, during which time they remain vulnerable. Limited Security Expertise and Education Internal security controls are not keeping pace with data growth and many organizations are ill- equipped to deal with a security breach. Often this is due to the lack of expertise required to implement security controls, enforce policies, or conduct incident response processes. According to the Ponemon Institute 2014 Cost of Data Breach Study, for 30 percent of data breach incidents, the main root cause was classified as the ―human factor‖—in other words, a Negligent employee or contractor. Unmanaged Sensitive Data Many companies struggle to maintain an accurate inventory of their databases and the critical data objects contained within them. Forgotten databases may contain sensitive information, and new databases can emerge—e.g., in application testing environments—without visibility to the security team. Sensitive data in these databases will be exposed to threats if the required controls and permissions are not implemented. Weak Audit Trail Automated recording of database transactions involving sensitive data should be part of any database deployment. Failure to collect detailed audit records of database activity represents a serious organizational risk on many levels. Organizations with weak (or sometimes non-existent) database audit mechanisms will increasingly find that they are at odds with industry and government regulatory requirements. For example, Sarbanes-Oxley (SOX), which protects against accounting errors and fraudulent practices, and the Healthcare Information Portability and Accountability Act (HIPAA) in the healthcare sector, are just two examples of regulations with clear database audit requirements. Many enterprises will turn to native audit tools provided by their database vendors or rely on ad-hoc and manual solutions. These approaches do not record details necessary to support auditing, attack detection, and forensics. Furthermore, native database audit mechanisms are notorious for consuming CPU and disk resources forcing many organizations to scale back or eliminate auditing altogether. Finally, most native audit mechanisms are unique to a database server platform. For example, Oracle logs are different from MS-SQL, and MS-SQL logs are different form DB2. For organizations with heterogeneous database environments, this imposes a significant obstacle to implementing uniform, scalable audit processes. When users access the database via enterprise web applications (such as SAP, Oracle E- Business Suite, or PeopleSoft) it can be challenging to understand which database access activity relates to a specific user. Most audit mechanisms have no awareness of who the end user is because all activity is associated with the web application account name. Reporting, visibility, and forensic analysis are hampered because there is no link to the responsible user. Finally, users with administrative access to the database, either legitimately or maliciously obtained, can turn off native database auditing to hide fraudulent activity. Audit capabilities and responsibilities should ideally be separate from both database administrators and the database server platform to ensure strong separation of duties policies. Privilege Abuse Users may abuse legitimate database privileges for unauthorized purposes. Consider an internal healthcare application used to view individual patient records via a custom web interface. The web application
  • 3. Challenges to Data Base Security – A Futuristic View DOI: 10.9790/0661-1802030104 www.iosrjournals.org 3 | Page normally limits users to viewing an individual patient’s healthcare history—multiple patient records cannot be viewed simultaneously and electronic copies are not allowed. However, a rogue user might be able to circumvent these restrictions by connecting to the database using an alternative client such as MS-Excel. Using Excel and their legitimate login credentials, the user could retrieve and save all patient records to their laptop. Once patient records reach a client machine, the data then becomes susceptible to a wide variety of possible breach scenarios. II. Mitigate Vulnerabilities If vulnerability is deleted and the database vendor hasn’t released a patch, a virtual patching solution should be used. Applying virtual patches will block attempts to exploit vulnerabilities without requiring actual patches or changes to the current configuration of the server. Virtual patching will protect the database from exploit attempts until the patch is deployed. Again, focus on patching high-risk vulnerabilities that can facilitate a DoS or input injection attack. III. Separation Of Duties Implement a DAP solution that delivers the performance, scalability, and flexibility to meet the needs of the most demanding environments. DAP solutions operate independently of database administrators, making it possible to separate audit duties from routine system administration. In addition, they operate independently of the database server and are invulnerable to privilege elevation attacks carried out by non-administrators IV. Cultivate Experienced Security Professionals To defend against a growing array of internal and external threats, hire information security personnel that are well versed in IT Security and have experience implementing, administering, and monitoring security solutions. Ongoing education and training are also important for growing deeper security knowledge and skills. Consider outside IT security and specialists to help with implementation, conduct security assessments and penetration tests, and provide training and support for your administrators. Educate Your Workforce Train your workforce on risk mitigation techniques including how to recognize common cyber threats (e.g. a spear-phishing attack), best practices around Internet and email usage, and password management. Failure to enforce training and create a ―security conscious ―work culture increases the chances of a security breach. The end result is well-informed users who are trained to securely function when connected Identify and Classify Sensitive Data Once you have constructed a catalog of databases, it is critical to understand which databases contain sensitive data. Scan the objects, rows, and columns of databases to pinpoint sensitive data. Use data classification solutions that are aware of data types such as credit cards, email addresses, and national identity numbers, and which enable users to add custom data types as well. Classification results should include the IP address and host name of the asset, and indicate the existence of sensitive data on that server. Automatically identifying sensitive data and personally identifiable information helps narrow the scope of security and compliance efforts. V. Real-Time Alerting And Blocking Monitor all database access activity and usage patterns in real time to detect data leakage, unauthorized SQL and Big Data transactions, and protocol and system attacks. When attempts to access unauthorized data occur, generate alerts or terminate the user session. Use a solution that leverages policies – both pre-defined and custom – that inspect database traffic to identify patterns that correspond to known attacks, such as DoS attacks, and unauthorized activities. Security policies are useful for not only detecting excessive privilege abuse by malicious, compromised, or dormant users, but also for preventing most of the other top ten database threats. Detect Unusual Access Activity Establish a comprehensive profile of each database user’s normal activity. Monitoring for deviations from these baselines enables detection of DoS, malware, input injection, and anomalous activities. If any user initiates an action that does not fit their profile, log the event, generate an alert or block the user. Creating activity-based user profiles increases the likelihood of detecting inappropriate access to sensitive data. VI. Data Protection Automate the long-term data archival processes. Use solutions that can be configured to periodically archive data to external mass storage systems. Data should be optionally compressed, encrypted, and signed
  • 4. Challenges to Data Base Security – A Futuristic View DOI: 10.9790/0661-1802030104 www.iosrjournals.org 4 | Page prior to archival. Encrypt sensitive data across heterogeneous database environments. This allows you to secure both production and backup copies of databases, then audit the activity of and control access to sensitive data from users who access databases at the operating system and storage tiers. By leveraging database auditing along with encryption, organizations can monitor and control users both inside and outside of the database. VII. Conclusion Database security is the greatest problem in present scenario , the above process is apply for protection which detecting the insecurity area of data & solution out line and its implementation in respect of threat can be protected the valuable sensitive data’s . Reference [1]. Burtescu, E. Problems of Inference in Databases in „Education, Research & Business Technologies―. The Proceeding of the 9th International Conference on Economic Informatics, INFOREC Printing House, Bucharest, 2009 [2]. Burtescu, E. Databse security, in „Knowledge Management. Projects, Systems and Technologies―, International Conference „Knowledge Management. Projects, Systems and Technologies―, Bucharest, November 9-10, 2006, INFOREC Printing House, Bucharest, 2006 [3]. Hsiao, S.B. and Stemp, R. Computer Security, course, CS 4601, Monterey, California, 1995 [4]. McCarthy, L. IT Security: Risking the Corporation, Prentice Hall PTR, 2003 [5]. Proctor, P.E. and Byrnes, F.C. The Secured Enterprise, Prentice Hall PTR, 2002 [6]. Security Complete, Second Edition, SYBEX Inc., 2002