Table of Contents
Table of Contents
Security threats to Database
Numerous layers and data security controls are related to databases as follows
7 Assessments of vulnerabilities and Compliance
This paper gives an idea regarding the important aspects of the database security. It mainly focuses on the security parameters such as confidentiality, authenticity and availability of the data. It also explains the different threats for the security in an organization in relation to the database. The basic steps which are required to control the loss of data are explained in detail. Among the controls the encryption process is the one which has to be followed to control the access into an organization by implementing physical security. Database Security
Database security is securing and protecting the data and database from unauthorized access. It helps to maintain the availability, confidentiality and authenticity of the data. It is divided into different controls such as sorts or classes of controls, for example, specialized, procedural/authoritative and physical. Database security is a necessary to maintain the workstation security, data security and risk administration. Physical attack to database servers created by overheating, lightning, static release, electronic breakdownsand outdated nature. Outline defects and software bugs in databases and the projects and systems, making different security vulnerabilities (e.g. unapproved benefit acceleration), information misfortune/defilement, and execution corruption and so on.Information defilement and/or misfortune brought about by the passage of invalid information, tangles in database or system organization techniques, criminal attack. Physical Security
The database may be prone to attack when the access into the organization is not monitored. There must be certain rules and regulations which have to be followed by each and every individual working in an organization. The encryption process must be done using finger prints, identity cards and also check for any external devices like pen drives. The electronic communications must only be used for the organization mails as the virus gets easily transferred. The mails must be scanned by the IT professional to prevent the leakage of sensitive information. The employees must not download certain software’s which causes huge data loss due to malware attack. Security threats to Database
Exorbitant Privilege Misuse
These are certain rights which are given to the employees where they have the ability to access the databases which are related to an organization. For instance, a workstation chief in an alliance requires basically the ability to change representative contact data it can be done by using help of the clients working in that organization. Benefit Elevation
Due to the competition between the employees, they may make change in the current records or share the sensitive information of the organization with a person working in other organization. They may even share their login id and password with others. It is better if the IT members create software which asks certain questions before they log into the data. Stage Vulnerabilities
Vulnerabilities in the computers may be due the unauthorized access of the person to corrupt the information in the system related to the database, some may also format the databases where upon usage they can easily hack the information. For example, the Blaster Worm abused a Windows 2000 feebleness to make foreswearing of association conditions. Induction
Undoubtedly in secure DBMS, it is feasible for clients to draw gatherings from the data they get from the database. The employee working in an organization when gets certain information they may try to elaborate it or draw some important aspects related to the database from past. There are two...
References: Summers, G. (2004). Data and databases. In: Koehne, H Developing Databases with
Sethumadhavan, Simha (2011), "Silencing Hardware Backdoors."
Pipkin, D. (2000). Information security: Protecting the global enterprise.
Schlienger, Thomas. (2003). "Information security culture-from analysis to change."pp:
Please join StudyMode to read the full document