With increasing attacks and internal data theft, organizations must strengthen their database security beyond traditional methods, especially for databases that hold private data. This can be done by developing a security strategy: a framework of control mechanisms for authentication, authorization, and access control to enforce role separation, database auditing, monitoring, network and data encryption, and data masking, according to the needs and environment of the organization. Developing a high-quality security strategy requires detailed knowledge and understanding of database control mechanisms. The main purpose of this paper is therefore to give a detailed description of the security mechanisms available today and to build a security strategy according to the needs and environment of the organization. Using the knowledge gained, a working prototype, which is a security strategy, is designed, developed, and evaluated for an organization according to the described scenario, which contains the challenges or threats and the security mechanisms presently used in the organization. Finally, a security strategy is developed that can help the organization protect its information assets and private data from inside and outside attacks.
Databases contain sensitive and important information about an organization. A basic element of any organization's work is protecting these information resources, which support its critical operations, from unauthorized access, modification, or disclosure.
The major challenge for the organization is securing its gigabytes of data from the prying eyes of unauthorized outsiders and of insiders attempting to exceed their authority. ...
... middle of paper ...
... managed to introduce changes in the database they were spotted as intruders at the subsequent command. The detection latency and performance overhead results are reported under both normal and heavy load conditions. The author finally concluded that “The detection coverage was 100%, if we consider the sequence of commands inside the transaction in reality” [Fonseca, 2008].
Limitations of the research: The proposed Online Detection of Malicious Data Access mechanism does not apply to users who execute ad-hoc queries, which can be considered a limitation of the paper.
Relationship to your paper: Concurrent detection of malicious data access in the DBMS provides an extra layer on top of the security mechanisms in use. This mechanism can serve as another layer of security in the security strategy, which is the main aim of my paper.