
Database Security

Database security refers to the collective measures used to protect and secure a database or database management software from illegitimate use and malicious threats and attacks. It is a broad term that includes a multitude of processes, tools and methodologies that ensure security within a database environment.
Authentication

Authentication is about validating your credentials, such as user name/user ID and password, to verify your identity. The system uses your credentials to determine whether you are who you say you are. In public and private networks, the system authenticates the user's identity via login passwords. Authentication is usually done with a username and password, sometimes in conjunction with factors of authentication, which are the various ways a user can be authenticated.
Authentication Factor

Single-Factor Authentication
It's the simplest authentication method, which commonly relies on a simple password to grant user access to a particular system such as a website or a network. The person can request access to the system using only one of the credentials to verify his identity. The most common example of single-factor authentication is a login that requires only a password against a username.
Authentication Factor cont…

Two-Factor Authentication
As the name suggests, it's a two-step verification process which requires not only a username and password but also something only the user knows, such as an ATM PIN, to ensure an additional level of security. Using a username and password along with an additional piece of confidential information makes it virtually impossible for fraudsters to steal valuable data.
Authentication Factor con…

Multi-Factor Authentication
It's the most advanced method of authentication, which uses two or more levels of security from independent categories of authentication to grant user access to the system. All the factors should be independent of each other to eliminate any vulnerability in the system. Financial organizations, banks, and law enforcement agencies use multi-factor authentication to safeguard their data and applications from potential threats.
Authentication Factor con…

For example, when you insert your ATM card into the ATM, the machine asks you to enter your PIN. After you enter the PIN correctly, the bank confirms that the card really belongs to you and that you are its rightful owner. By validating your ATM card PIN, the bank actually verifies your identity, which is called authentication. It merely identifies who you are, nothing else.
Authorization

Authorization is used to determine the permissions that are granted to an authenticated user. In simple words, it checks whether the user is permitted to access particular resources or not. Authorization occurs after authentication: the user's identity is established first, and then the access list for the user is determined by looking up the entries stored in the tables and databases.
Authorization con…

Example:
A user X wants to access a particular file on the server. The user sends a request to the server. The server verifies the user's identity. Then it finds the privileges the authenticated user has, that is, whether he/she is allowed to access that particular file or not. In this case, the access rights could include viewing, modifying or deleting the file, if the user has the authority to perform those operations.
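The request flow described above, as an added example that is not part of the original slides: the server authenticates first, then looks up the access list in a table and denies by default. The table names, users, passwords and file name are constructed for illustration, and PBKDF2 for password storage is an assumption.

```python
import hashlib, hmac, os, sqlite3

def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def build_db() -> sqlite3.Connection:
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE users (name TEXT PRIMARY KEY, salt BLOB, pw_hash BLOB);
        CREATE TABLE acl (name TEXT, resource TEXT, action TEXT,
                          PRIMARY KEY (name, resource, action));
    """)
    # Constructed sample accounts and access-list entries (hypothetical).
    for name, pw in (("x", "correct horse"), ("y", "battery staple")):
        salt = os.urandom(16)
        db.execute("INSERT INTO users VALUES (?, ?, ?)",
                   (name, salt, hash_password(pw, salt)))
    db.executemany("INSERT INTO acl VALUES (?, ?, ?)",
                   [("x", "report.txt", "view"), ("x", "report.txt", "modify"),
                    ("y", "report.txt", "view")])
    return db

def authenticate(db, name: str, password: str) -> bool:
    row = db.execute("SELECT salt, pw_hash FROM users WHERE name = ?",
                     (name,)).fetchone()
    if row is None:
        return False
    return hmac.compare_digest(hash_password(password, row[0]), row[1])

def authorize(db, name: str, resource: str, action: str) -> bool:
    # Default deny: access exists only if a matching access-list row exists.
    row = db.execute("SELECT 1 FROM acl WHERE name = ? AND resource = ? AND action = ?",
                     (name, resource, action)).fetchone()
    return row is not None

def handle_request(db, name, password, resource, action) -> str:
    if not authenticate(db, name, password):
        return "401 not authenticated"
    if not authorize(db, name, resource, action):
        return "403 not authorized"
    return f"200 {action} {resource}"
```

User y authenticates successfully but is still refused a delete, which is the distinction between the two checks.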
Difference between Authorization and
Authentication
Difference con…
Administration

A database administrator (DBA) is a specialized computer systems administrator who maintains a successful database environment by directing or performing all related activities to keep the data secure. The top responsibility of a DBA is to maintain data integrity. This means the DBA will ensure that data is secure from unauthorized access but is available to users.
Administration cont…

• Installing and upgrading the DBMS servers: The DBA is responsible for installing a new DBMS server for new projects. He is also responsible for upgrading these servers as new versions come onto the market or as requirements demand. If an upgrade of the existing servers fails, he should be able to revert the changes back to the older version, thus keeping the DBMS working. He is also responsible for applying service packs, hot fixes and patches to the DBMS servers.
Administration con…

• Design and implementation: Designing and implementing the database is also the DBA's responsibility. He should be able to decide on proper memory management, file organization, error handling, log maintenance, etc. for the database.
Administration con…

• Performance tuning: Since the database is huge and has lots of tables, data, constraints and indices, its performance will vary from time to time. Also, because of design issues or data growth, the database will not work as expected. It is the responsibility of the DBA to tune the database's performance. He is responsible for making sure all the queries and programs run in a fraction of a second.
Administration con…

• Migrate database servers: Sometimes users of Oracle would like to shift to SQL Server or Netezza. It is the responsibility of the DBA to make sure that the migration happens without any failure and that there is no data loss.
Administration con…

• Backup and Recovery: Proper backup and recovery programs need to be developed and maintained by the DBA. This is one of the main responsibilities of the DBA. Data and objects should be backed up regularly so that, if there is any crash, they can be recovered without much effort or data loss.
Administration con…

• Security: The DBA is responsible for creating the various database users and roles, and giving them different levels of access rights.
