
Database Security

Introduction
Database:
It is a collection of information stored in a computer.
What is security?
It is being free from danger.
Database security
It is a mechanism that protects the database against intentional or accidental threats.
Why the need for database security?

What happens if the database has no security?

Data will be easily corrupted.

It is important to restrict access to the database to authorized users in order to protect sensitive data.
Main aspects of database security

Theft and fraud
Loss of confidentiality
Loss of privacy
Loss of integrity
Loss of availability
Threats

A threat is any intentional or accidental event that may adversely affect the system.
Examples of threats:
- Using another person's log-in name to access data
- Unauthorized copying of data
- Program/data alteration
- Illegal entry by a hacker
- Viruses
There are two kinds of threat:
Non-fraudulent threat:
- Natural or accidental disasters
- Errors or bugs in hardware or software
- Human errors
Fraudulent threat:
Authorized users
Those who abuse their authority.
Hostile agents
Improper users (outsiders or insiders) who attack the software and hardware system, or read or write data in a database.
Loss of confidentiality

It is protecting data from unauthorized users.

Ensures that the users are allowed to do the things they are trying to do.
Encryption is a technique or process by which the data is encoded in such a way that only authorized users are able to read the data.
Loss of integrity
It is protecting data from unauthorized users.
Ensures that what users are trying to do is correct.
For example:
An employee should be able to modify his or her own information.
Loss of availability
The database must not have unplanned downtime.
To ensure this, the following steps should be taken:
- Restrict the amount of storage space given to each user in the database.
- Limit the number of concurrent sessions made available to each database user.
- Back up the data at periodic intervals to ensure data recovery in case of application users.
Countermeasures

Computer-Based Controls:
- Authorization
- Views
- Backup and Recovery
- Integrity
- Encryption
- RAID Technology
Authorization

The granting of a privilege that enables a user to have legitimate access to a system.
They are sometimes referred to as access controls.
The process of authorization involves authenticating the user requesting access to objects.
Authenticating

A system administrator is responsible for allowing users to have access to the system by creating individual user accounts.
Closed Vs Open Systems

Closed Systems:
Some DBMSs require authorization for authorized DBMS users to access specific objects.
Open Systems:
Allow users to have complete access to all objects within the database.
Views
The view mechanism provides a powerful and flexible security mechanism by hiding parts of the database from certain users.
The user is not aware of the existence of any attributes or rows that are missing from the view.
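
The Authorization and Views countermeasures combined, as an added example that is not part of the original slides. It assumes PostgreSQL syntax, and the table, view and role names (employee, staff_directory, my_record, staff) are hypothetical.

```sql
-- Added example (PostgreSQL syntax). All object and role names are hypothetical.

-- Base table holding sensitive columns (salary, national_id).
CREATE TABLE employee (
    login        text PRIMARY KEY,   -- equals the employee's database login name
    full_name    text NOT NULL,
    dept         text NOT NULL,
    phone        text,
    salary       numeric(10,2) NOT NULL CHECK (salary >= 0),  -- integrity rule
    national_id  text NOT NULL
);

CREATE ROLE staff NOLOGIN;           -- group role for ordinary employees

-- Closed system: no direct access to the base table for anyone but its owner.
-- (New tables grant nothing to PUBLIC by default; stated here explicitly.)
REVOKE ALL ON employee FROM PUBLIC;

-- View 1 hides columns: staff can look up colleagues, but salary and
-- national_id are not reachable through this view.
CREATE VIEW staff_directory AS
    SELECT full_name, dept, phone
    FROM employee;

-- View 2 hides rows: each user sees only the row whose login matches the
-- role they are connected as.
CREATE VIEW my_record AS
    SELECT login, full_name, dept, phone, salary
    FROM employee
    WHERE login = current_user
    WITH CHECK OPTION;               -- an UPDATE cannot move a row out of the view

-- Authorization: grant the minimum on the views, nothing on the table.
GRANT SELECT ON staff_directory TO staff;
GRANT SELECT ON my_record       TO staff;
GRANT UPDATE (phone) ON my_record TO staff;  -- employees edit only their own phone

-- Expected behaviour for a member of staff connected as login 'alice':
--   SELECT * FROM staff_directory;           -- allowed, no salary column
--   SELECT * FROM my_record;                 -- allowed, returns alice's row only
--   UPDATE my_record SET phone = '555-0100'; -- allowed, affects alice's row only
--   UPDATE my_record SET salary = 999999;    -- denied: no UPDATE privilege on salary
--   SELECT salary FROM employee;             -- denied: no privilege on the base table
```

The views are evaluated with the privileges of their owner, which is why members of staff can read through them without holding any privilege on the base table.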
Backup & Recovery

The process of periodically taking a copy of the database and log file onto offline storage media.
The DBMS should provide backup facilities to assist with recovery of the database after a failure.
Integrity

Maintaining a secure database system by preventing data from becoming invalid.
Encryption
The encoding of data by a special algorithm that renders the data unreadable by any program without the decryption key.
It also protects the data transmitted over communication lines.
RAID
Redundant Array of Independent Disks

The hardware that the DBMS is running on must be fault-tolerant, meaning that the DBMS should continue to operate even if one of the hardware components fails.

One solution is the use of RAID technology.

RAID works on having a large disk array comprising an arrangement of several independent disks that are organized to improve reliability and at the same time increase performance.
