Database security is the system, processes, and procedures that protect a database from unintended activity. Databases are often store data which is sensitive in nature. Incorrect data or loss of data could negatively affect business operations. Besides that, databases can be used as bases to attack other systems. A good database security management system should possess the following features:
Ø Sharable among different users and applications.
Ø Valid or correct with respect to the real world entity that they represent.
Ø Protected from unauthorized access and be secure.
Ø Consistency of the data should be maintained.
Ø Should be non- redundant.
Ø Data should be independent of the applications.
There are four levels of enforcing database security which are physical security, operating system security, operating system security, DBMS security, and data encryption. However, the first three levels cannot provide a totally satisfactory solution to the database problems. These 3 levels database security hard to control disclosure of raw data, invalid to control disclosure of sensitive data, hard to control disclosure of confidential data in a distributed database system, and hard to verify that the origin of data item is authentic. To solve these problems is to using encryption methods to enforce database security.
6 basic security requirements are physical database integrity, logical database integrity, element integrity, access control, user authentication, and availability. To protect the database integrity, back up can be used. DBMS maintains element integrity in three ways which are field check, access control, and change log. We need audit record to help to maintain the integrity of database or discover who had affected what values and when. It enables users to build up access to protected data incrementally. For redundancy and internal consistency, there have error detection and correction code, shadow fields, recovery, concurrency/consistency, and monitors.
Sensitive data mean data that should not be made public. Factors that make data sensitive are inherently sensitive, from a sensitive source, declared sensitive, of a sensitive attribute or record, and sensitive in relation to previously disclosed information. The types of disclosure are exact data, bounds, negative result, existence, and probable value. The three basic paths to controlling the inference problem are suppress obviously sensitive information, track what the user knows and disguise the data.
No comments :
Post a Comment