Scribd
Upload
2 views

database security write up

The document discusses the importance of database security, emphasizing the need to protect sensitive data from unauthorized access, data breaches, and insider threats. It outlines various security risks to database systems, including malware infections and physical damage, and presents measures to enhance database security such as authentication, access control, and encryption. The presentation highlights the critical role of database security in maintaining data integrity and ensuring business continuity.

Uploaded by

Tapiwa Basera
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
2 views

database security write up

The document discusses the importance of database security, emphasizing the need to protect sensitive data from unauthorized access, data breaches, and insider threats. It outlines various security risks to database systems, including malware infections and physical damage, and presents measures to enhance database security such as authentication, access control, and encryption. The presentation highlights the critical role of database security in maintaining data integrity and ensuring business continuity.

Uploaded by

Tapiwa Basera
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 4

SCHOOL OF NATURAL SCIENCES

DEPARTMENT OF COMPUTER SCIENCE AND MATHEMATICS

MODULE TITLE: COMPUTER SECURITY


MODULE CODE: HCS219
PROGRAM: BCS IN COMPUTER SCIENCE

DATABASE SECURITY PRESENTATATION


BY: BHASERA TAPIWA M226051
TAKURANASHE SITHOLE M224488
GIBSON TIZIRAI M227233
SMILE SINYORO M171044
DANMORE CHINEFU M232007
MASHAYA TAPIWA M231207
Introduction to Database Security

Database security basically refers to the measures taken to protect databases, their contents, and
their users against unauthorized access, misuse, corruption, or loss. It's a critical aspect of
computer security, especially considering the sensitive and valuable nature of the data stored
within databases.

Importance of Database Security


• data protection- database security is to protects these valuable data or data that is in the
database from unauthorized access, theft, or even corruption, which can have severe
consequences for the organization
• Prevention of Data Breaches: Data breaches can have severe consequences, including
financial losses, reputational damage, and legal liabilities. Securing databases against
external threats such as hackers, malware, and phishing attacks is essential to prevent
unauthorized access and data breaches.
• Maintenance of Data Integrity: Data integrity refers to the accuracy, consistency, and
reliability of data stored in a database. Unauthorized modifications, deletions, or
tampering with data can compromise its integrity and lead to incorrect decisions or
actions based on the data. Database security measures such as encryption, access
controls, and audit trails help maintain data integrity and ensure the reliability of
information
• Ensuring Business Continuity: Databases are critical assets for organizations, supporting
essential business operations and applications. Any disruption to database services,
whether due to security incidents, hardware failures, or natural disasters, can have a
significant impact on business continuity. Implementing security measures such as
backups, disaster recovery plans, and redundancy helps ensure the availability and
resilience of database systems.
• Mitigation of Insider Threats: Insider threats, whether intentional or unintentional, pose a
significant risk to database security. Employees or trusted individuals with privileged
access to databases may misuse their privileges, intentionally leak sensitive information,
or inadvertently expose data to unauthorized parties. Implementing access controls,
monitoring systems, and regular audits helps mitigate insider threats.

Security risks to database systems

 Unauthorized or unintended activity or misuse by authorized database users, database


administrators, or network/systems managers, or by unauthorized users or hackers
(e.g. inappropriate access to sensitive data, metadata or functions within databases, or
inappropriate changes to the database programs, structures or security
configurations);
 Malware infections causing incidents such as unauthorized access, leakage or
disclosure of personal or proprietary data, deletion of or damage to the data or
programs, interruption or denial of authorized access to the database, attacks on other
systems and the unanticipated failure of database services;
 Overloads, performance constraints and capacity issues resulting in the inability of
authorized users to use databases as intended;
 Physical damage to database servers caused by computer room fires or floods,
overheating, lightning, accidental liquid spills, static discharge, electronic
breakdowns/equipment failures and obsolescence;
 Design flaws and programming bugs in databases and the associated programs and
systems, creating various security vulnerabilities (e.g. unauthorized privilege
escalation), data loss/corruption, performance degradation etc.;
 Data corruption and/or loss caused by the entry of invalid data or commands,
mistakes in database or system administration processes, sabotage/criminal damage
etc.

Measures to database Security

1. Authentication
2. Access control
3. Inference control
4. Flow control
5. Database Security applying Statistical Method
6. Encryption
1. Authentication:
Authentication is the process of confirmation that whether the user log in only
according to the rights provided to him to perform the activities of data base. A
particular user can login only up to his privilege but he can’t access the other
sensitive data. The privilege of accessing sensitive data is restricted by using
Authentication.
By using these authentication tools for biometrics such as retina and figure prints can
prevent the data base from unauthorized/malicious users.
2. AccessControl:
The security mechanism of DBMS must include some provisions for restricting
access to the data base by unauthorized users. Access control is done by creating user
accounts and to control login process by the DBMS. So, that database access of
sensitive data is possible only to those people (database users) who are allowed to
access such data and to restrict access to unauthorized persons.
The database system must also keep the track of all operations performed by certain
user throughout the entire login time.
3. InferenceControl:
This method is known as the countermeasures to statistical database security problem.
It is used to prevent the user from completing any inference channel. This method
protect sensitive information from indirect disclosure.
Inferences are of two types, identity disclosure or attribute disclosure.
4. FlowControl:
This prevents information from flowing in a way that it reaches unauthorized users.
Channels are the pathways for information to flow implicitly in ways that violate the
privacy policy of a company are called convert channels.
5. DatabaseSecurityapplyingStatisticalMethod:
Statistical database security focuses on the protection of confidential individual
values stored in and used for statistical purposes and used to retrieve the summaries
of values based on categories. They do not permit to retrieve the individual
information.
This allows to access the database to get statistical information about the number of
employees in the company but not to access the detailed confidential/personal
information about the specific individual employee.
6. Encryption:
This method is mainly used to protect sensitive data (such as credit card numbers,
OTP numbers) and other sensitive numbers. The data is encoded using some
encoding algorithms.
An unauthorized user who tries to access this encoded data will face difficulty in
decoding it, but authorized users are given decoding keys to decode data.

You might also like