Database Security

Get Started. It's Free
or sign up with your email address
Database Security by Mind Map: Database Security

1. Threats

1.1. Definition: any situation or event, either intentional or unintentional that may affect a system and organisation.

1.2. Caused by a situation or event that involves a person, action or circumstance that is likely to produce harm to someone or to an organization

1.3. Harm

1.3.1. Tangible : Loss of hardware, software or data.

1.3.2. Intangible : Loss of credibility or client confidence and trust.

2. Computer-Based Control (how to secure the system)

2.1. Authorization

2.1.1. Definition: Authorization is the granting of a right or privilege that enables a subject to have legitimate access to a system or a systems object

2.1.2. Process: Involves authentication of the subject or a person requesting access to objects or systems.

2.1.3. Rules: Controls integrated in the data management system that controls the access to the data and the actions that client or personnel may take when they access the data.

2.2. Access Controls

2.2.1. Based on granting and revoking of privileges.

2.2.2. Privilege allows a user to create or access (that is read, write or modify) a database object or to execute a DBMS utility.


2.3.1. Dynamic result of one or more relational operations operating on the base relations to produce another relation

2.3.2. A virtual relation that does not actually exist in the database, but is produced upon request by a particular user at the end of request

2.3.3. User is allowed to see what they need to see only

2.4. Backup and Recovery

2.4.1. Process of periodically taking a copy of the database and log file to offline storage media

2.4.2. Very important for a DBMS to recover the database following a failure or damage. Basic Facilities (DBMS) Backup facilities: provide periodic backup copies of the database. Journalising Facilities: maintain an audit trail of transactions and database changes. Checkpoint Facilities:DBMS periodically suspends all processing and synchronizes its files to establish a recovery point. Recovery Manager: Allows the DBMS to restore the database to a correct condition and restart processing transactions

2.5. Encryption

2.5.1. Process of encoding of the data using a special algorithm that renders the data unreadable by any program without the decryption key

2.5.2. Used to protect highly sensitive data like customer credit card numbers or user password.

2.6. RAID (Redundant Array of Independent Disks)

2.6.1. Main hardware that should be fault-tolerant: 1. Disk drive 2. Disk controllers 3. CPU 4. Power supplies 5. Cooling fan

2.6.2. RAID works by having a large disk array containing of an arrangement of several independent disks.

3. Security in Microsoft Office Access DBMS

3.1. Create a password for opening database

3.2. Once the database open, all the objects in the database can be accesed

4. DBMS and Web Security

4.1. Proxy Servers

4.1.1. A proxy server is a computer that is located between a web browser and a web server.

4.1.2. Main purpose: To improve perfromance

4.2. Firewalls

4.2.1. A system designed to prevent unauthorised access to or from a private network

4.3. Digital Signature

4.3.1. Verify that the data comes from the authorised sender.

4.3.2. Consist of: 1. a string of bits that is computed from the data that is being signed using signature algorithms 2. Private key or password of the individual wishing the signature

4.4. Digital Certificates

4.4.1. An attachment to an electronic message used to verify that a user sending a message is who he or she claims to be.

5. Summary

5.1. Database security is the mechanism that protects the database against intentional or unintentional threats.

5.2. A threat is any situation or event, whether intentional or unintentional, that will affect a system and organisation.

5.3. Computer-based security controls for the multi-user environment include authorisation, access controls, views, backup and recovery, encryption and RAID technology.

5.4. The security measures associated with DBMS on the web include proxy servers, firewalls, digital signature and digital certificate.

6. BY: Hajar Syafilla Bt Zamri