Data is a valuable resource that must be firmly handled and managed, as with any economic resource. Some or all of an organization's commercial data may have tactical importance and must therefore be kept protected and confidential. In this chapter, you will learn about the scope of database security and the range of computer-based controls that are offered as countermeasures to threats.
What is Database Security?
Database security is the technique that protects and secures the database against intentional or accidental threats. Security concerns are relevant not only to the data that resides in an organization's database: a breach of security may harm other parts of the system, which may ultimately affect the database structure. Consequently, database security encompasses hardware, software, human resources, and data. Using security effectively requires appropriate controls, each defined by a specific mission and purpose for the system. The need for proper security, often neglected or overlooked in the past, is now examined more and more thoroughly by organizations.
We consider database security in relation to the following situations:
- Theft and fraud.
- Loss of confidentiality or secrecy.
- Loss of data privacy.
- Loss of data integrity.
- Loss of availability of data.
These circumstances mark the areas in which the organization should focus on reducing risk, that is, the chance of incurring loss or damage to data within a database. In some cases these areas are directly related, such that an activity that leads to a loss in one area may also lead to a loss in another, since all of the data within an organization is interconnected.
What is a Threat?
A threat is any situation or event, whether intentional or accidental, that can cause damage and adversely affect the database structure and, consequently, the organization. A threat may arise from a situation or event involving a person, an action, or circumstances that are likely to bring harm to an organization and its database.
The degree of harm an organization suffers as a result of a threat depends on several factors, such as the existence of countermeasures and contingency plans. For example, if a hardware failure corrupts secondary storage, all processing activity must cease until the problem is resolved.
Countermeasures to threats on computer systems range from physical controls to managerial procedures. Despite the range of computer-based controls available, it is worth noting that the security of a DBMS is usually only as good as that of the operating system, owing to the close association between them.
Most of the computer-based database security controls are listed below:
- Access authorization.
- Access controls.
- Backup and recovery of data.
- Data integrity.
- Encryption of data.
- RAID technology.
What are Access Controls?
The usual way of providing access controls for a database system is based on granting and revoking privileges within the database. A privilege allows a user to create or access some database object or to run specific DBMS utilities. Privileges are granted to users so that they can accomplish the tasks their jobs require.
The database provides various types of access controls:
- Discretionary Access Control (DAC)
- Mandatory Access Control (MAC)
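The granting and revoking of privileges described above, shown as an added example that is not part of the original chapter. It assumes PostgreSQL syntax; the employees table and the roles hr_clerk, payroll_admin, alice and bob are hypothetical.

```sql
-- Added example: PostgreSQL syntax assumed; every table and role name is hypothetical.
CREATE TABLE employees (
    id     integer PRIMARY KEY,
    name   text NOT NULL,
    dept   text NOT NULL,
    salary numeric(10,2) NOT NULL
);

-- Group roles carry the privileges; login roles only inherit them.
CREATE ROLE hr_clerk      NOLOGIN;
CREATE ROLE payroll_admin NOLOGIN;
CREATE ROLE alice LOGIN;   -- credentials are managed outside this script
CREATE ROLE bob   LOGIN;

-- Start from nothing: make sure no access reaches the table through PUBLIC.
REVOKE ALL ON employees FROM PUBLIC;

-- Grant only what each job requires.
-- HR clerks may read the directory columns but not the salary column.
GRANT SELECT (id, name, dept) ON employees TO hr_clerk;
-- Payroll may read every column and change the salary column only.
GRANT SELECT ON employees TO payroll_admin;
GRANT UPDATE (salary) ON employees TO payroll_admin;

-- Attach people to jobs rather than granting to individuals directly.
GRANT hr_clerk      TO alice;
GRANT payroll_admin TO bob;

-- Check the effective privileges instead of assuming them.
SELECT has_column_privilege('alice', 'employees', 'name',   'SELECT') AS alice_reads_name,
       has_column_privilege('alice', 'employees', 'salary', 'SELECT') AS alice_reads_salary,
       has_column_privilege('bob',   'employees', 'salary', 'UPDATE') AS bob_updates_salary;

-- When bob changes jobs, revoking the role membership removes his access
-- in one statement; re-run the check to confirm it.
REVOKE payroll_admin FROM bob;
SELECT has_column_privilege('bob', 'employees', 'salary', 'UPDATE') AS bob_updates_salary;
```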
Backup and Recovery
Every Database Management System should offer backup facilities to help with the recovery of a database after a failure. It is advisable to make backup copies of the database and log files at regular intervals and to ensure that the copies are kept in a secure location. In the event of a failure that renders the database unusable, the backup copy and the details captured in the log file are used to restore the database to the latest possible consistent state.