Scribd
Upload
49 views13 pages

Niversity: Abdul Majid Niazai

Database security refers to measures used to protect a database from unauthorized access and threats. It involves securing the database, software, hardware, network, and people. Key aspects of database security include preventing theft, loss of confidentiality, loss of data privacy, integrity, and availability. Threats can be intentional or accidental and harm the database structure. Access controls, backups, encryption, and other computer-based controls help mitigate threats and risks.

Uploaded by

Abdulmajid Niazai
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
49 views13 pages

Niversity: Abdul Majid Niazai

Database security refers to measures used to protect a database from unauthorized access and threats. It involves securing the database, software, hardware, network, and people. Key aspects of database security include preventing theft, loss of confidentiality, loss of data privacy, integrity, and availability. Threats can be intentional or accidental and harm the database structure. Access controls, backups, encryption, and other computer-based controls help mitigate threats and risks.

Uploaded by

Abdulmajid Niazai
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 13

HE W A D UNIVERSITY

DBS
Abdul Majid Niazai
niazai216@gmail.com
What is DBS

 Database security is the technique that protects and secures the database
against intentional or accidental threats. Security concerns will be relevant
not only to the data resides in an organization's database: the breaking of
security may harm other parts of the system which may ultimately affect the
database structure. Consequently, database security includes hardware part,
software part, human resource, and data.
Or

 Database security refers to the collective measures and procedure used to


protect and secure a database or database management software from
illegitimate use and malicious threats and attacks.
We consider database security about the
following situations:
 Theft and fraudulent.
 Loss of confidentiality or secrecy.
 Loss of data privacy.
 Loss of data integrity.
 Loss of availability of data.
 These listed circumstances mostly signify the areas in which the organization
should focus on reducing the risk that is the chance of incurring loss or
damage to data within a database. In some conditions, these areas are
directly related such that an activity that leads to a loss in one area may also
lead to a loss in another since all of the data within an organization is
interconnected.
What is a Threat?

 Any situation or event, whether intentionally or incidentally, can cause


damage which can reflect an adverse effect on the database structure and
consequently the organization. A threat may occur by a situation or event
involving a person, or the action or situations that is probably to bring harm
to an organization and its database.
 The degree that an organization undergoes as a result of a threat's following
which depends upon some aspects, such as the existence of countermeasures
and contingency plans. Let us take an example where you have a hardware
failure occurs corrupting secondary storage; all processing activity must cease
until the problem is resolved.
Computer-Based Controls

 The different forms of countermeasure to threats on computer systems range


from physical controls to managerial procedures. In spite of the range of
computer-based controls that are preexisting, it is worth noting that, usually,
the security of a DBMS is merely as good as that of the operating system, due
to the close association among them.
Most of the computer-based database security is listed below:
 Access authorization.
 Access controls.
 Views.
 Backup and recovery of data.
 Data integrity.
 Encryption of data.
 RAID technology.
What is Access Controls?

 The usual way of supplying access controls to a database system is dependent


on the granting and revoking of privileges within the database. A privilege
allows a user to create or access some database object or to run some
specific DBMS utilities. Privileges are granted users to achieve the tasks
required for those jobs.
 The database provides various types of access controls:
 Discretionary Access Control (DAC)
 Mandatory Access Control (MAC)
Backup and Recovery

 Every Database Management System should offer backup facilities to help


with the recovery of a database after a failure. It is always suitable to make
backup copies of the database and log file at the regular period and for
ensuring that the copies are in a secure location. In the event of a failure that
renders the database unusable, the backup copy and the details captured in
the log file are used to restore the database to the latest possible consistent
state.
Database Integrity

 Data integrity in the database is the correctness, consistency and


completeness of data. Data integrity is enforced using the following three
integrity constraints:
 Entity Integrity - This is related to the concept of primary keys. All tables
should have their own primary keys which should uniquely identify a row and
not be NULL.
 Referential Integrity - This is related to the concept of foreign keys. A
foreign key is a key of a relation that is referred in another relation.
 Domain Integrity - This means that there should be a defined domain for all
the columns in a database.
data privacy (information privacy)

 Data privacy, also called information privacy, is the aspect of information


technology (IT) that deals with the ability an organization or individual has to
determine what data in a computer system can be shared with third parties.
RAID

 RAID refers to redundancy array of the independent disk. It is a technology


which is used to connect multiple secondary storage devices for increased
performance, data redundancy or both. It gives you the ability to survive one
or more drive failure depending upon the RAID level used.
 It consists of an array of disks in which multiple disks are connected to
achieve different goals.
Encryption of data

 A DBMS can use encryption to protect information in certain situations where


the normal security mechanisms of the DBMS are not adequate. For example,
an intruder may steal tapes containing some data or tap a communication
line. By storing and transmitting data in an encrypted form, the DBMS ensures
that such stolen data is not intelligible to the intruder. Thus, encryption is a
technique to provide privacy of data.
End of Chapter 01

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy