Scribd
Upload
13 views

Database Security, Distributed Databases and Database Failure

Uploaded by

esther
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
13 views

Database Security, Distributed Databases and Database Failure

Uploaded by

esther
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

Comp 401: Database Security Distributed Databased and Database failure

Database security encompasses a variety of measures, tools, and controls implemented to protect
database management systems from unauthorized access, cyber-attacks, and accidental breaches.
It aims to ensure the confidentiality, integrity, and availability of data within database systems

Types of Security Issues that Database Systems face


• Legal and ethical issues
• Policy issues
• System-related issues
• The need to identify multiple security levels

Examples of Security Risks that Database systems face

1. Unauthorized or unintended activity or misuse by authorized database users, database


administrators, or network/systems managers, or by unauthorized users or hackers (e.g.
inappropriate access to sensitive data, metadata or functions within databases, or
inappropriate changes to the database programs, structures or security configurations);
2. Malware infections causing incidents such as unauthorized access, leakage or disclosure of
personal or proprietary data, deletion of or damage to the data or programs, interruption or
denial of authorized access to the database, attacks on other systems and the unanticipated
failure of database services;
3. Overloads, performance constraints and capacity issues resulting in the inability of
authorized users to use databases as intended;
4. Physical damage to database servers caused by computer room fires or floods, overheating,
lightning, accidental liquid spills, static discharge, electronic breakdowns/equipment
failures and obsolescence;
5. Design flaws and programming bugs in databases and the associated programs and
systems, creating various security vulnerabilities (e.g. unauthorized privilege escalation),
data loss/corruption, performance degradation etc.;
Threats to databases
1. Loss of integrity
2. Loss of availability
3. Loss of confidentiality
To protect databases against these types of threats four kinds of countermeasures can be
implemented:
a. Access control - The security mechanism of a DBMS must include provisions for
restricting access to the database as a whole. This function is called access control and is
handled by creating user accounts and passwords to control login process by the DBMS
b. Inference control – This is the protection of data so that it can be published without
revealing confidential information about specific individuals.
c. Flow control - Flow control prevents information from flowing in such a way that it reaches
unauthorized users.
d. Encryption - The data is encoded using some encoding algorithm. An unauthorized user
who access encoded data will have difficulty deciphering it, but authorized users are given
decoding or decrypting algorithms (or keys) to decipher data.
Security Measures that can be Implemented to protect Databases

1. Physical Security: This involves restricting physical access to database servers to


authorized personnel only, ensuring that server locations are secure.

2. Separation of Database Servers: Isolating database servers from other servers and
networks helps prevent unauthorized access and reduces the impact of potential breaches.

3. Network Security: Setting up firewalls, using HTTPS for communication, and avoiding
default network ports can help protect database systems from external attacks.

4. Access Controls: Implementing strong authentication measures, assigning user roles, and
enforcing the principle of least privilege ensure that only those with necessary
permissions can access sensitive data.

5. Regular Audits and Monitoring: Continuous monitoring of database activities and


regular security audits can help in identifying vulnerabilities and suspicious activities
quickly.

6. Firewall and Intrusion Detection Systems: Utilizing firewalls and intrusion detection
systems to prevent unauthorized access and to detect potential threats to the database.

Database Failure

A DBMS is vulnerable to several kinds of failures and each of these failures needs to
be managed differently. There are many reasons that can cause database failures such
as network failure, system crash, natural disasters, carelessness, sabotage(corrupting the
data intentionally), software errors, etc.
Types of Failures in DBMS
A failure in DBMS can be classified as:
1. System Crush
2. Transaction failure
3. Data Transfer Failure
Failure Classification in DBMS

Revision Questions

1. What are the security measures that can be used to protect databases?

2. Discuss the term failure and list types of database failures

Distributed Databases

A distributed database is a collection of multiple interconnected databases, which are spread


physically across various locations and communicate via a computer network. selecting the
appropriate database architecture is crucial for effectively managing and organizing data across
multiple nodes.

Distributed databases can be classified into homogeneous and heterogeneous databases. Here we
will discuss Homogeneous and Heterogeneous databases.

Difference between Homogenous and Heterogeneous Distributed Database Systems

A distributed database system is a database that is spread across different sites, each managed
by a distributed database management system (DDBMS). It can be classified into two
types: homogenous and heterogeneous.
Homogenous Distributed Database Systems
In a homogenous distributed database system, all the physical locations have the same underlying
hardware and run the same operating systems and database applications. The database systems at
each location are aware of each other and agree to participate in the database system.
Heterogeneous Distributed Database Systems
In a heterogeneous distributed database system, the different database sites may run different
database applications. This means that the systems may be based on different hardware, operating
systems, database management systems and even data models. The sites may not be aware of each
other and may provide only limited facilities for cooperation in transaction processing.Examples
of heterogenous distributed database systems are Oracle and non Oracle database systems such as
Ms access
Revision Question
3) Compare and Contrast homogenous Distributed Database Systems Vs. Heterogeneous
Distributed Database Systems

You might also like