International Journal of Computational Intelligence and Information Security, March 2014 Vol. 5, No. 2 ISSN: 1837-7823
Implementing I&A in Multilayer Checkpoints for DB Security
Nooruldeen Nasih Qader
University of Sulaimani, Computer Science Department firstname.lastname@example.org
Multilayer Checkpoints for DB Security (MLC-DBS) is an application to protect sensitive data. Database (DB) systems have various vulnerabilities, but people still have no choice but to store their data in them, so securing DB systems remains a live area of research, owing to the significant role of DBs in modern life and the progress of malicious techniques for cracking them. Although many methods of Identification and Authentication (I&A) exist, the traditional method (e.g., password) is still the most common because of its ease and familiarity. On the other hand, users practice insecure behaviors when using passwords (PW). Thus, the PW is considered the weakest link in the authentication mechanism, but it can be efficient if selected intelligently and managed properly. Therefore, we should improve PW characteristics and combine the PW with other methods. A PW should be both easy to remember and difficult to guess. In practice, most users do not understand security issues. To obtain a secure system, information systems should help users implement improved techniques. MLC-DBS differs from multilevel security for DB; the first is general and the second is concerned only with the authorization layer. For most security systems, I&A forms the first layer of defense. In this paper I applied two methods in the I&A layer of MLC-DBS. The result shows that the I&A method used is flexible and can be configured based on the circumstances of the implementation. The strength of MLC-DBS is that it could be the best choice for securing some DBs (e.g., Flash memory DB, small DB, NoSQL DB, Serverless DB).
database, security, Identification, Authentication, Multilevel, Layer, Encryption, Password.
MLC-DBS is an application to protect sensitive data. DB systems have various vulnerabilities, but people still have no choice but to store their data in them, so securing DB systems has become an important issue. DB security remains a live area of research owing to the significant role of DBs in modern life and the progress of malicious techniques for cracking them. Different approaches have been adopted to secure DBs. An MLC-DBS system may be the best under specific circumstances. MLC-DBS differs from multilevel security for DB in both logical viewpoint and mechanism. MLC-DBS applies different security layers to prevent unauthorized users from accessing the DB, whereas multilevel security for DB addresses the natural expectation that users at different levels should be able to use the same DB, with each seeing only the data for which he has appropriate authorization, and users with different authorizations sharing some data. Thus, multilevel security enforces a special arrangement between subjects and objects, and its work area is the authorization layer, while MLC-DBS uses general techniques of information security and enforces layers to keep intruders out [2, 13, 18]. The established MLC-DBS comprises the following layers: I&A, encryption, decryption, digital signature (i.e., digests) and data type validation (used to maintain DB integrity), audit trail, intrusion detection system, notification system, and DB backup. MLC-DBS also involves the creation and manipulation of the DB. Manipulation includes encryption and decryption of data, table names, and field names. Although there are currently many forms of authentication, the most common method is the combination of user ID (identification) and password (authentication). A recent study shows that users practice insecure behaviors when using passwords (PW). Therefore, most systems force users to select strong PWs.
In this paper, we focus on the I&A layer, starting with some diagrams that illustrate the design of the MLC-DBS system, including the general MLC-DBS diagram and the authentication diagram. Here, I use two methods of authentication: the first I&A method is based on something the user knows (i.e., PW); the second is based on something the user has, where the Serial Numbers (SN) of the USB Flash memory and the CPU are used (the SNs of the BIOS, motherboard, and hard disk could also be used). Once the authentication test procedure result is