Database Security

Book Report: Secure Database

According to Natan (2005), database is a service provider which performs its duties as commanded by the user. It is used as a network server where clients search for various services on this network initiating a database connection. Database is prone to attacks since it is a network node. It is important for the user to limit his/her access unnecessarily. This is through ensuring utmost security without interfering with its intended operations. This chapter gives an overview of measures to undertake to secure database as a service (Natan, 2005). This is through understanding and controlling database access, removing what is not in use, securing what is in use, and continuous monitoring of changes that may occur when accessing the database over the network.

It is beneficial to understand that databases should be secured from the public especially if the user of database has sensitive or vulnerable information that is crucial. Interference or damaged can cause great loss to the owner. Therefore, it is crucial for the user to understand the database environment through its network accessibility (Natan, 2005). Networks are complex infrastructures consisting of routers and switch which subnet with other virtual networks. Understanding the initiation of the database network connections is also beneficial. This can be done by knowing which applications are used in accessing the data, the drivers, and versions in use. Knowledge of versions and tools helps to identify vulnerability points and ensure that all applications and Information Technology rules are followed. Most clients are connected to the database by a network protocol. Hence, databases are accessible by the use of various client-server mechanisms. The vendors allow database user to use a protocol that carries the SQL. SQL is a server with networked layers which depend on the Application Program Interfaces abbreviated as (APIs) (Natan, 2005). APIs shield layers from abstractions formed on the lower layers.

As confirmed by Raj, database security and protection goes hand in hand. Database security deals with complying with policies while protection deals with mechanisms implemented in observing database security policies in handling hardware, software, and firmware. Database security system should win the user’s trust and confidence through meeting its intended high quality. Most databases that need maximum security are the statistical databases. These databases contain information that should not be altered whatsoever. They protect individual information such as students’ marks and individual incomes. Statistical inferences are databases containing information on medical issues, which is purposely used for research purposes. Security of such databases should comply with the law and should be respected as sensitive data. This is because it should be kept accurate and treated as confidential since researchers need meaningful and accurate data. In addition, information on patients must be kept private and confidential.

However, some databases are static while others are dynamic. Static databases are created once and should never be altered or changed (Raj). An example of such a data is the Census information conducted every 10 years. Dynamic databases reflect real-time changes such as researches available online. Although changes can be applied to them, such databases should also be secured, and any changes made must come from the user authorization. In conclusion, it has been noted that all databases require a multi-level security where information in the database should be secured at different levels according to user accessibility. This prevents from accessing and changing of the information without user’s consent. Polyinstantiation is also a method of securing data at different access levels. This applies where numerous tuples with a similar apparent input value though with different values in attribute for different level of users.