what is security of database system
how we can handle database security
how database security can be check
what are the countermeasures of database security
Overview To Database Security.
What is Database Security
Why need of database security.
Concepts of Database Security.
Security Problems
Security Controls
In today’s world, we need everything secured whether it is your mobile phone , computer , vehicle or almost anything.
What is database security?
Database
It is a collection of information stored in a computer.
Security:
It is being free from danger.
Database Security:
It is the mechanisms that protect the database against intentional or accidental threats.
Database Security is defined as the process by which “Confidentiality,
Integrity and Availability” of the database can be protected
Why need of database security?If there is no security to database what happens???
Data will be easily corrupted
It is important to restrict access to the database from authorized users to protect sensitive data.
Concepts of Database SecurityThree are 3 main aspects
Secrecy or Confidentiality
Integrity
Availability
SECRECY /It is protecting the database from unauthorized users.
Ensures that users are allowed to do the things they are trying to do.
Encryption is a technique or a process by which the data is encoded in such a way that only that authorized users are able to read the data.
INTEGRITYProtecting the database from authorized users.
Ensures that what users are trying to do is correct.
For examples,
An employee should be able to modify his or her own information.
AVAILABILITYDatabase must have not unplanned downtime.
To ensure this ,following steps should be taken
Restrict the amount of the storage space given to each user in the database.
Limit the number of concurrent sessions made available to each
database user.
Back up the data at periodic intervals to ensure data recovery in case of application users.
Database security is an important topic in DBMS course. This is my group presentation of this course. We discus three are security aspects, security problems, security controls, database and firewall.
Overview To Database Security.
What is Database Security
Why need of database security.
Concepts of Database Security.
Security Problems
Security Controls
In today’s world, we need everything secured whether it is your mobile phone , computer , vehicle or almost anything.
What is database security?
Database
It is a collection of information stored in a computer.
Security:
It is being free from danger.
Database Security:
It is the mechanisms that protect the database against intentional or accidental threats.
Database Security is defined as the process by which “Confidentiality,
Integrity and Availability” of the database can be protected
Why need of database security?If there is no security to database what happens???
Data will be easily corrupted
It is important to restrict access to the database from authorized users to protect sensitive data.
Concepts of Database SecurityThree are 3 main aspects
Secrecy or Confidentiality
Integrity
Availability
SECRECY /It is protecting the database from unauthorized users.
Ensures that users are allowed to do the things they are trying to do.
Encryption is a technique or a process by which the data is encoded in such a way that only that authorized users are able to read the data.
INTEGRITYProtecting the database from authorized users.
Ensures that what users are trying to do is correct.
For examples,
An employee should be able to modify his or her own information.
AVAILABILITYDatabase must have not unplanned downtime.
To ensure this ,following steps should be taken
Restrict the amount of the storage space given to each user in the database.
Limit the number of concurrent sessions made available to each
database user.
Back up the data at periodic intervals to ensure data recovery in case of application users.
Database security is an important topic in DBMS course. This is my group presentation of this course. We discus three are security aspects, security problems, security controls, database and firewall.
File based Approach is a traditional approach of collecting and storing data.This presentation outlines what a file based approach is, its disadvantages and an alternative approach to it.
To see more presentations on various interesting topics and to get notes for Computer visit my blog : https://aviyalpresentations.wordpress.com/
DBMS Vs TRADITIONAL FILES COMPARISON, DBMS ADVANTAGES AND DISADVANTAGES, CLASSIC FILE BASED SYSTEM, ADVANTAGES AND DISADVANTAGES OF CLASSICAL TECHNIQUE
Slides present data and information system. In any information system security and integrity is the prime concern. How we can make sure stored data is more secure and generated information should be accurate, reliable and consistent.
● Distributed Database Management Systems Advantages and Disadvantages.
● Characteristics of Distributed Database Management Systems.
● Levels of Data and Process Distribution.
● Distributed Database Transparency Features.
● Transaction Performance and Failure Transparency.
File based Approach is a traditional approach of collecting and storing data.This presentation outlines what a file based approach is, its disadvantages and an alternative approach to it.
To see more presentations on various interesting topics and to get notes for Computer visit my blog : https://aviyalpresentations.wordpress.com/
DBMS Vs TRADITIONAL FILES COMPARISON, DBMS ADVANTAGES AND DISADVANTAGES, CLASSIC FILE BASED SYSTEM, ADVANTAGES AND DISADVANTAGES OF CLASSICAL TECHNIQUE
Slides present data and information system. In any information system security and integrity is the prime concern. How we can make sure stored data is more secure and generated information should be accurate, reliable and consistent.
● Distributed Database Management Systems Advantages and Disadvantages.
● Characteristics of Distributed Database Management Systems.
● Levels of Data and Process Distribution.
● Distributed Database Transparency Features.
● Transaction Performance and Failure Transparency.
security concepts ,goals of computer security , problem and requirements ,identifying the assets ,identifying the threats, identifying the impacts, vulnerability ,user authentication ,security system and facilities ,system access control , password management ,privileged user management ,user account management ,data resource protection, sensitive system protection ,cryptography ,intrusion detection ,computer-security classification
Locking Down Your Data: Best Practices for Database SecurityFredReynolds2
Database security is a set of practices and technologies used to secure database management systems against malicious cyber-attacks and unauthorized access. Ensuring a database is intricate because it requires knowledge of multiple areas of information security, including application security, data security, and endpoint security.
Moreover, Database Security is the safeguarding of sensitive data and the prevention of data loss. Database Administrator (DBA) is responsible for ensuring database security.
Database security is a growing concern as the amount of sensitive data collected and retained in databases
is fast growing and most of these data are being made accessible via the internet. Majority of the companies, organizations and teaching and learning institutions store sensitive data in databases .As most of these data are electronically accessed , It can therefore be assumed that , the integrity of these numerous and sensitive data is prone to different kind of threat such as{Unauthorized access, theft as well access denial}. Therefore, the need for securing databases has also increased The primary objectives of database security are to prevent unauthorized access to data, prevent unauthorized tampering or modification of
data, and to also ensure that, these data remains available whenever needed. In this paper, we developed
a database security framework by combining different security mechanism on a sensitive students information database application designed for Shehu Shagari College of Education Sokoto (SSCOE) with the aim of minimizing and preventing the data from Confidentiality, Integrity and Availability threats
Security ConceptsDr. Y. ChuCIS3360 Security in Computing.docxbagotjesusa
Security Concepts
Dr. Y. Chu
CIS3360: Security in Computing
0R02
Spring 2018
1
Information
Textbook Chapter 1
Some of the slides and figures are from textbook slides distributed by Pearson
2
Computer Security Definition
The NIST Computer Security Handbook Definition
“The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications).”
Key points:
Confidentiality, integrity and availability
Confidentiality:
Data confidentiality: confidential information is not disclosed to unauthorized parties
Privacy: personal information should not be collected by unauthorized personnel
Integrity:
Data integrity: information should not be changed by unauthorized parties
System integrity: systems perform as intended free of unauthorized manipulation
Availability:
Systems work promptly and service is not denied to authorized user.
Information resources: hardware, software, firmware, information/data, and telecommunications
3
National Institute of Standards and Technology
Computer Security Objectives
4
CIA triad
FIPS PUB 199 characterization
Confidentiality: Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. A loss of confidentiality is the unauthorized disclosure of information.
Integrity: Guarding against improper information modification or destruction, including ensuring information non-repudiation and authenticity. A loss of integrity is the unauthorized modification or destruction of information.
Availability: Ensuring timely and reliable access to and use of information. A loss of availability is the disruption of access to or use of information or an information system.
Federal Information Processing Standards
Computer Security Objectives
5
Additional concepts
Authenticity: verifying that users are who they say they are and that each input arriving at the system came from a trusted source.
Accountability: Systems must keep records of their activities to permit later forensic analysis to trace security breaches or to aid in transaction disputes.
Tools for Confidentiality
Encryption
Transform the information using a secrete so it is useful only to the intended recipient
Access Control
Rules and policies that limit access to confidential information
Authentication
Determine identity or role of a user
Authorization
Specify the access rights or privileges to resources
Physical Security
Use physical barriers to deny unauthorized access
For example, lock and security guards
6
Tools for Integrity
Backups
Periodic archiving of data.
Checksums
Computation of a function that maps the contents of a file to a numerical value
Data correcting codes
methods for storing data in such.
In this presentation we have covered the topic Data Security from the subject of Information Security. Where Data, Data Security, Security, Security Policy, Tools to secure data, Security Overview (Availability, Integrity, Authenticity, Confidentiality), Some myths and Dimensions of System Security and Security Issues are discussed.
A review of the growth of the Israel Genealogy Research Association Database Collection for the last 12 months. Our collection is now passed the 3 million mark and still growing. See which archives have contributed the most. See the different types of records we have, and which years have had records added. You can also see what we have for the future.
A Strategic Approach: GenAI in EducationPeter Windle
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
বাংলাদেশের অর্থনৈতিক সমীক্ষা ২০২৪ [Bangladesh Economic Review 2024 Bangla.pdf] কম্পিউটার , ট্যাব ও স্মার্ট ফোন ভার্সন সহ সম্পূর্ণ বাংলা ই-বুক বা pdf বই " সুচিপত্র ...বুকমার্ক মেনু 🔖 ও হাইপার লিংক মেনু 📝👆 যুক্ত ..
আমাদের সবার জন্য খুব খুব গুরুত্বপূর্ণ একটি বই ..বিসিএস, ব্যাংক, ইউনিভার্সিটি ভর্তি ও যে কোন প্রতিযোগিতা মূলক পরীক্ষার জন্য এর খুব ইম্পরট্যান্ট একটি বিষয় ...তাছাড়া বাংলাদেশের সাম্প্রতিক যে কোন ডাটা বা তথ্য এই বইতে পাবেন ...
তাই একজন নাগরিক হিসাবে এই তথ্য গুলো আপনার জানা প্রয়োজন ...।
বিসিএস ও ব্যাংক এর লিখিত পরীক্ষা ...+এছাড়া মাধ্যমিক ও উচ্চমাধ্যমিকের স্টুডেন্টদের জন্য অনেক কাজে আসবে ...
Delivering Micro-Credentials in Technical and Vocational Education and TrainingAG2 Design
Explore how micro-credentials are transforming Technical and Vocational Education and Training (TVET) with this comprehensive slide deck. Discover what micro-credentials are, their importance in TVET, the advantages they offer, and the insights from industry experts. Additionally, learn about the top software applications available for creating and managing micro-credentials. This presentation also includes valuable resources and a discussion on the future of these specialised certifications.
For more detailed information on delivering micro-credentials in TVET, visit this https://tvettrainer.com/delivering-micro-credentials-in-tvet/
This presentation was provided by Steph Pollock of The American Psychological Association’s Journals Program, and Damita Snow, of The American Society of Civil Engineers (ASCE), for the initial session of NISO's 2024 Training Series "DEIA in the Scholarly Landscape." Session One: 'Setting Expectations: a DEIA Primer,' was held June 6, 2024.
MATATAG CURRICULUM: ASSESSING THE READINESS OF ELEM. PUBLIC SCHOOL TEACHERS I...NelTorrente
In this research, it concludes that while the readiness of teachers in Caloocan City to implement the MATATAG Curriculum is generally positive, targeted efforts in professional development, resource distribution, support networks, and comprehensive preparation can address the existing gaps and ensure successful curriculum implementation.
This presentation includes basic of PCOS their pathology and treatment and also Ayurveda correlation of PCOS and Ayurvedic line of treatment mentioned in classics.
The simplified electron and muon model, Oscillating Spacetime: The Foundation...RitikBhardwaj56
Discover the Simplified Electron and Muon Model: A New Wave-Based Approach to Understanding Particles delves into a groundbreaking theory that presents electrons and muons as rotating soliton waves within oscillating spacetime. Geared towards students, researchers, and science buffs, this book breaks down complex ideas into simple explanations. It covers topics such as electron waves, temporal dynamics, and the implications of this model on particle physics. With clear illustrations and easy-to-follow explanations, readers will gain a new outlook on the universe's fundamental nature.
2. Introduction
Database:
It is a collection Of information stored in a Computer.
What is Security ?
It is being free from danger.
Database security
It is mechanism that protect the database
against intentional or accidental threats.
3. Why need of database Security?
If there is no security to database What Happens ???
Data will be easily corrupted
It is important to restrict access to the database from
authorized users to protect sensitive data.
4.
5. Main aspects of database security
Theft and Fraud
Loss of confidentiality
Loss of privacy
Loss of integrity
Loss of availability
6. Threats
Threat is
any intentional or accidental event that may
adversely affect the system
Examples of threats:
- Using another person’s log-in name to
access data
- Unauthorized copying data
- Program/Data alteration
- Illegal entry by hacker
-Viruses
7. There are two kinds of threat
Non-fraudulent threat:
Natural or accidental disasters
Error or bugs in hardware or software.
Human errors
Fraudulent threat.
Authorized Users
Those who abuse their authority.
Hostile agents
Those improper users(outsider or insiders).
Who attack the software and hardware system, or read or write data in a database.
8. Loss of confidentiality
It is protecting data from unauthorized users.
Ensures that the users are allowed to do things they
are trying to do.
Encryption is a technique or a process by which the
data is encoded in such a way that only that
authorized users are able to read data.
9. Loss of integrity
It is protecting data from unauthorized users.
Ensures that what users are trying to do is
correct.
For example
An employee should be able to modify his or her own information
10. Loss of availability
Database must have not unplanned downtime.
To ensure this following steps should be taken.
Restrict the amount of the storage space given to each user in
the database.
Limit the number of concurrent sessions made available to
each database user.
Back up the data at periodic intervals to ensure data recovery
in case of application users.
12. Authorization
The granting of a privilege that enable a user to have
a legitimate
access to a system.
They are sometimes referred as access controls.
The process of authorization involves authenticating
the user
requesting access to objects.
14. Closed Vs Open Systems
Closed Systems:
Some DBMS required authorization for authorized DBMS users
to access specific objects.
Open Systems:
Allow users to have complete access to all objects within the
database.
15. Views
The view mechanism provides a powerful and flexible security
mechanism by hiding parts of the database from certain
users.
The user is not aware of the existence of any
attributes or rows
that are missing from the view
16. Backup & Recovery
Is the process of periodically taking a
copy of the database and log
file on to offline storage media.
DBMS should provide backup facilities to
assist with the recovery
of a database failure.
18. Encryption
The encoding of data by a special
algorithm that renders the data
unreadable by any program without the
decryption key.
It also protects the data transmitted over
communication lines.
19. RAID
Redundant Array of Independent Disks
The hardware that the DBMS is running on must be fault-tolerant,
meaning that the DBMS should continue to operate even if one
of the hardware components fails.
One solution is the use of RAID technology.
RAID works on having a large disk array comprising an
arrangement of several independent disks that are organized to
improve reliability and at the same time increase performance.