DATABASE SECURITY
PRESENTED BY: MD. KAMRUZZAMAN
INTAKE: 50
SECTION: 06
ID: 22234103167
Database:
A database is a collection of information that is organized so that it can easily be accessed, managed and updated.
Database Security:
It is the degree to which all data is fully protected from tampering and unauthorized acts.
DATABASE SECURITY:
• Database security refers to the collective measures used to protect and secure a database or database management software from illegitimate use and malicious cyber threats and attacks.
• Database security procedures are aimed at protecting not just the data inside the database, but the database management system and all the applications that access it from intrusion, misuse of data, and damage.
WE CONSIDER DATABASE SECURITY IN THE FOLLOWING SITUATIONS:
• Theft and fraud.
• Loss of confidentiality or secrecy.
• Loss of data privacy.
• Loss of data integrity.
• Loss of availability of data.
ASPECTS IN DATABASE
There are three main aspects in a database:
• Confidentiality or Secrecy
• Integrity
• Availability
INTEGRITY
• Protecting the database from authorized users.
• Ensuring that what users are trying to do is allowed.
For example: an employee should be able to modify his or her own information.
SECRECY OR CONFIDENTIALITY
• It is protecting the database from unauthorized users.
• Ensuring that users can do the things they are trying to do.
Encryption:
• Encryption is a technique or process by which data is encoded in such a way that only an authorized user can read the data.
AVAILABILITY:
• The database must not have unplanned downtime.
• To ensure this, the following steps should be taken:
  • Restrict the amount of storage space given to each user in the database.
  • Limit the number of concurrent sessions made available to each database user.
  • Back up the data at periodic intervals to ensure data recovery in case of application users.
SECURITY PROBLEMS
Any circumstance or event with the potential to adversely impact an information system through unauthorized access, destruction, disclosure, modification of data, or denial of service. Many issues can arise in database security:
1 Stolen Database Backups
2 SQL Injections
3 Data Leaks
4 Non-Fraudulent Threat
• 1 Stolen Database Backups: People regularly take backups of their valuable data. The benefit is that a backup contains a copy of our data, but that is also a big problem. The focus is mostly on securing the data in the database, and when it comes to backups many become less concerned. Backups contain the same sensitive data, so we have to protect them the same way. Anyone who can get hold of a backup file can simply restore the database on one of their own servers and go about dissecting the sensitive data within it undisturbed.
• 2 SQL Injections: This is a type of attack that hackers use. Hackers identify vulnerable, SQL-driven websites and inject malicious SQL queries via input data. A malicious SQL query is validated and the command is executed by the database. The hacker is then granted access to view and alter records, or potentially to act as database administrator.
• 3 Data Leaks: A data leak can involve information leakage, also known as exfiltration: unauthorized copying or transmission of data without affecting the source data. A data leak is the release of sensitive, confidential, or protected data to an untrusted environment. It can occur as a result of a hacker attack, an inside job by individuals currently or previously employed by an organization, or unintentional loss or exposure of data.
• 4 Non-Fraudulent Threat: This might include certain factors:
  • Natural or accidental disasters
  • Errors or bugs in hardware or software
  • Human errors
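The SQL injection problem in item 2 comes down to whether input is parsed as part of the SQL command or bound as a value. The following is an added example, not part of the original slides; the table, rows and input strings are constructed for illustration, and it uses Python's built-in sqlite3 module.

```python
import sqlite3

# Constructed sample input: closes the string literal and adds an always-true test.
INJECTED = "nobody' OR '1'='1"

def make_db():
    """In-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE employees (name TEXT, salary INTEGER)")
    db.executemany(
        "INSERT INTO employees VALUES (?, ?)",
        [("alice", 52000), ("bob", 48000), ("carol", 61000), ("o'brien", 45000)],
    )
    return db

def find_vulnerable(db, name):
    # Vulnerable: the input is pasted into the SQL text, so the database
    # parses whatever the user typed as part of the command.
    query = "SELECT name, salary FROM employees WHERE name = '" + name + "'"
    return db.execute(query).fetchall()

def find_safe(db, name):
    # Hardened: the ? placeholder binds the input as a value. It is compared
    # as data and is never parsed as SQL.
    query = "SELECT name, salary FROM employees WHERE name = ?"
    return db.execute(query, (name,)).fetchall()

if __name__ == "__main__":
    db = make_db()
    print("vulnerable, injected input:", find_vulnerable(db, INJECTED))  # every row
    print("safe, injected input:      ", find_safe(db, INJECTED))        # no rows
    # A legitimate name containing an apostrophe also breaks the concatenated
    # query, which is a common first sign of this defect in testing.
    try:
        find_vulnerable(db, "o'brien")
    except sqlite3.OperationalError as exc:
        print("vulnerable, o'brien: SQL error:", exc)
    print("safe, o'brien:             ", find_safe(db, "o'brien"))
```
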
METHODS OF SECURING THE DATABASE
➤ Authorization - privileges, views.
➤ Encryption - public key / private key, secure sockets.
➤ Authentication - passwords.
➤ Logical firewalls, net proxies.
DATABASE FIREWALL
• Database firewalls are a type of web application firewall that monitor databases to identify and protect against database-specific attacks.
• Purpose: to protect against attacks that mostly seek to access sensitive information stored in the databases.
SECURITY OF THE DATABASE THROUGH ABSTRACTION:
• Data encryption makes it possible to encrypt sensitive data, such as credit card numbers, stored in table columns. Encrypted data is decrypted for a database user who has access to the data. Data encryption helps protect data stored on media if the storage media or data file gets stolen.
THANK YOU

Database Security Presentation Why database Security is important
