Importance Of Database Security

1822 Words8 Pages
Every company or organization needs places to store their institutional knowledge and data such as personally identifiable data, employee human resource data, financial data and etc. Nowadays all this institutional knowledge and data are being stored on the companies database. So, the security and confidentiality of this data is a critical importance. Database security can be defined as the protection of data and information that is stored in a database. According to [1] database security primarily ensures the confidentiality, availability and integrity of the information contained in a database. Other authors including Clifton Christopher have defined database security as the assurance that data is protected from unauthorized access,…show more content…
In most cases, this is not the case since sometimes cybercriminals access data of companies even without due authorization. The firms should be able to ensure that the persons who purport to have the logins to data are the true persons known by the company. The problems of ghost workers have been seen as a contributing factor to this issue. They wrongfully access a company’s information while representing themselves as the actual workers of the company. The persons entrusted with the management of database should also ensure that any outbound data goes to the expected and legalized receiver so that any mischievous movements of data can be monitored. Database Object Security can help eliminate such [3]. Availability of the data must also ensure that, the data must be available only for authorized users of the database. Furthermore, not all the authorized users can access all the parts of the database. In other words, some users will be restricted to see very confidential parts of the database.
…show more content…
The objective of such a mechanism is to control what objects can an authenticated access and what operations they can perform on those objects. Access control can be defined as the process of arbitrating a request for the database resources and determining whether that request should be granted or denied [5]. Several solutions to access control have been proposed and implemented and the three most outstanding ones will be presented and compared in this survey that are discretionary access control, mandatory access control and role-based access control.
3.1.1 Discretionary access control The Discretionary Access Control Mechanism (DAC) can be defined as a mechanism that governs a subject’s access to data based on his identity and the authorization rules. This approach is actualized by use of access matrix, where the columns of the matrix represent attributes of a given object and the rows represent the system users. By giving users specific access rights to object attributes, the DAC provides a lot of flexibility. Thus discretionary access control restricts access to objects based solely on the identity of users who are trying to access
Open Document