Database Security
Database
security is the technique that protects and secures the database against
intentional or accidental threats.
Security
concerns will be relevant not only to the data resides in an organization's
database: the breaking of security may harm other parts of the system which may
ultimately affect the database structure
Threats
in a Database
- Availability loss − Availability loss refers to non-availability of
database objects by legitimate users.
- Integrity loss − Integrity loss occurs when unacceptable
operations are performed upon the database either accidentally or
maliciously. This may happen while creating, inserting, updating or
deleting data. It results in corrupted data leading to incorrect
decisions.
- Confidentiality loss − Confidentiality loss occurs due to unauthorized
or unintentional disclosure of confidential information. It may result in
illegal actions, security threats and loss in public confidence.
Measures
of Control
The
measures of control can be broadly divided into the following categories −
- Access Control − Access control includes security mechanisms in
a database management system to protect against unauthorized access. A
user can gain access to the database after clearing the login process
through only valid user accounts. Each user account is password protected.
- Flow Control − Distributed systems encompass a lot of data
flow from one site to another and also within a site. Flow control
prevents data from being transferred in such a way that it can be accessed
by unauthorized agents. A flow policy lists out the channels through which
information can flow. It also defines security classes for data as well as
transactions.
- Data Encryption − Data encryption refers to coding data when
sensitive data is to be communicated over public channels. Even if an
unauthorized agent gains access of the data, he cannot understand it since
it is in an incomprehensible format.
No comments:
Post a Comment