Database Security

Good Essays
In all businesses and organisations, Databases are used to store all the core activities/information and often when there a major changes or restructure of the business the first process of many businesses is to change their databases to realign with their goal which makes them a valuable asset to any organisation. (Margulies, Pfleeger, Pfleeger 2015). Databases stores and maintain data at one central location so users can easily access it whenever needed. Through the use of Queries, databases have the ability to present data in multiple ways by linking data together for users to view and process vital information about their business and reports on performance throughout all departments (Knickelbine n.d.). Databases provide a fast and efficient …show more content…
Based on the three principles of computer security; Confidentiality, Integrity and Availability, they have clear relations to database management systems. Integrity and confidentiality is a major concern within database security since data is constantly being stolen leaving it unprotected against malicious users. Confidentiality is the protection against disclosure of sensitive information, integrity is the protection against unauthorised access and modification to sensitive data. (Druzovec, Holbl & Turkanovic …show more content…
However, there are various techniques to prevent the two types of attacks on database, direct and indirect. For direct attacks, the user will directly try to obtain sensitive data from the database with queries. Primary methods used to control direct attacks is access control to correctly classify data sets (Hylkema

Related Documents

  • Decent Essays

    • Custom implementation of authorization and authentication schemes should not be implemented unless they are tested properly [ ]. • Back up policies such as Continuous Data Protection (CDP) should be implemented in order to avoid issues with data recovery in case of a sudden attack [96]. • Additionally, they should be aware if the virtual network infrastructure used by the cloud provider is secured and the various security procedures implemented to ensure the same [25]. Paper [] discusses security challenges in IaaS and discusses identity/access management and multifactor authentication techniques in Amazon Web Service (AWS) cloud. In case of PaaS and SaaS model cloud provider has a responsibility to provide good level of security .Following aspects related to security must be considered.…

    • 745 Words
    • 3 Pages
    Decent Essays
  • Decent Essays

    There is a subtle difference between security and protection, we will perceive that both of them are extremely close concepts but still not the same. Protection is assured if one has all the necessary security measures as security itself is a type of protection to all the external hazards. Information is a treasure which is immensely worthy to an organization and thus it needs to be protected firmly. It is easy to corrupt, lose and steal thus the measures needed or taken to secure them from irrelevant entries are mentioned as Information Security. The significant step taken by most of the Organizations or firms recently is the use of ethical hacking process or techniques to evaluate the success or failure of their current security measures.…

    • 1032 Words
    • 5 Pages
    Decent Essays
  • Decent Essays

    If only half or some of the data is entered than it cannot be considered accurate. There are several ways to ensure that data integrity is being followed by using: constraints, primary and foreign keys, and removing duplicate data from the database. When merging two company’s data into one data warehouse, data integrity needs to be checked using a technique known as data scrubbing.…

    • 1257 Words
    • 5 Pages
    Decent Essays
  • Decent Essays

    Security Life Cycle

    • 1189 Words
    • 5 Pages

    The consequences can be website damage and destruction, compromised information, alteration of data (users ' personal data), and web server infringement. So ensuring that throughout the development lifecycle security is embedded and check can help to alleviate or at least minimize these…

    • 1189 Words
    • 5 Pages
    Decent Essays
  • Decent Essays

    to an extent through the encryption of data and proper access control management. Still even with these security measures in place, dubious attackers can breach the security measures and gain access to the data in the following ways [4]. • Cross-site scripting • Cross-site request forgery • Cookie manipulation • OS and SQL injection • Insecure storage • Hidden field manipulation Due to the vulnerabilities listed above, achieving data security in cloud remains a mammoth task. 1) Network Security: When using SaaS, the client transfer sensitive information to the application over the network. Hence, it is essential to secure the connection and provide proper network security.…

    • 1432 Words
    • 6 Pages
    Decent Essays
  • Decent Essays

    Nowadays we hear the word “cybersecurity” a lot but do you ever wonder what does it really mean? According to the department of homeland security, “Cybersecurity is general Internet safety, which includes protection of anything connected to or accessible by the Internet- from networks themselves to the information stored in computers.” The University of Maryland University College defines cybersecurity as a measure that protects our computers, networks, programs and data from unintended or unauthorized access, change or destruction.” You can also think of cybersecurity as a fence that keeps others from manipulating the confidentiality, integrity or the availability of your information without your consent. In the past 25 years, technology has…

    • 1184 Words
    • 5 Pages
    Decent Essays
  • Decent Essays

    Port Scanning Policy

    • 729 Words
    • 3 Pages

    Roles and Responsibilities: Chief security Officer: Developing test proce-dures, performing periodic testing, documenting results and communicating vulnerabilities to the respective team leads, suggesting potential mitigation strategies. 5. Enforcement: Violation of the policy could result in loss or limitations on use of information resources, as well as disciplinary and/or legal action, includ-ing termination of employment or referral for criminal prosecution. c. Password Policy: Upon exploiting the vulnerability of the target system the pen tester can extract the passwords and crack them to login to other systems. Hav-ing a strict password policy will help reduce this vulnerability.…

    • 729 Words
    • 3 Pages
    Decent Essays
  • Decent Essays

    The consequences for noncompliance are fines, imprisonment or both (Rouse) Information Technology providers need to create and maintain corporate records in a cost-effective fashion that satisfies the requirements of SOX. The retention, periods of storage the non-destruction, alteration or falsification of records and best practices need to be considered to avoid big…

    • 1087 Words
    • 4 Pages
    Decent Essays
  • Decent Essays

    INTRODUCTION The increasing growth of cybercrime and the associated risks are forcing most organizations to focus more attention on information security. It is critical that organizations must find a way to protect their data. This article will describe how to plan, develop and create an Information Security Operation Center (ISOC). Basically, an ISOC brings together the many isolated monitoring and response functions in a unified framework. Therefore, having an ISOC will benefit organizations in real time security incident management, monitoring and improving threat analysis across network systems, efficient forensics and root cause analysis.…

    • 1078 Words
    • 4 Pages
    Decent Essays
  • Decent Essays

    Security Countermeasures

    • 1615 Words
    • 7 Pages

    Subsequently, attacks against switches, routers, and networks may have serious consequences on the efficiency in addition to control functions of the power system. These attacks can take the form of network interference through the injection of ad-hoc crafted streams of packets designed to flood the network. Another form is single implementation vulnerability in which the goal is to exploit an irregularity of a particular model of network devices caused by implementation errors. Fortunately, the known threats or possible threats are considered in creating countermeasures (López, Setola, & Wolthusen, 2012, p. 224-226). Countermeasures are unequivocally essential to maintain control of the power systems.…

    • 1615 Words
    • 7 Pages
    Decent Essays