ABSTRACT

Database Security is the mechanism that protects the database against intentional or accidental threats.Database security is a growing concern evidenced by an increase in the number of reported incidents of loss of or unauthorized exposure to sensitive data. As the amount of data collected, retained and shared electronically expands, so does the need to understand database security. Ensuring the security of databases is a complex issue. The more complex the databases are, the more complex the security measures that are to be applied are. Also, each and every additional internal user that would be added to user base can create further serious security problems. As organizations increase their reliance on, possibly distributed, information systems for daily business, they become more vulnerable to security breaches even as they gain productivity and efficiency advantages. Though a number of techniques, such as encryption, electronic signatures and enveloping, are currently available to protect data when transmitted across sites. Database security strives to insure that only authenticated users perform authorized activities at authorized times. This seminar write up focuses on the concepts and mechanisms particular to securing data. Database security encompasses three constructs: secrecy or confidentiality or protection of data from unauthorized disclosure, integrity or prevention from unauthorized data access, and availability or the identification of and recovery from hardware and software errors or malicious activity resulting in the denial of data availability. Different levels of database security such as human level, network/user interface, database application program, database system, operating system and physical level are also discussed. Also, this write up addresses types of database security threats such as SQL injection, weak audit trail e.t.c and their countermeasures.