Call Us: US - +1 845 478 5244 | UK - +44 20 7193 7850 | AUS - +61 2 8005 4826

Advanced Topics

Database Security Control Measures

There are four main control measures used to provide security of data in databases. They are :
1. Access control – The security mechanism of a DBMS must include provisions for restricting access to the database as a whole. This function is called access control and is handled by creating user accounts and passwords to control the login process by the DBMS.
2. Inference control – Statistical databases are used to provide statistical information or summaries of values based on various criteria. Security for statistical databases must ensure that information about individuals cannot be accessed. It is possible to deduce or infer certain facts concerning individuals from queries that involve only summary statistics on groups, consequently this must not permitted either. This problem called statistical database security and corresponding control measures are called
inference control measures.
3. Flow control – It prevents information from flowing in such a way that it reaches unauthorized users. Channels that are pathways for information to flow implicitly in ways that violate security policy of an organization are called covert channels.
4. Data encryption – It is used to protect sensitive data that is transmitted via some type of communication network. Encryption can be used to provide additional protection for sensitive portions of a database. The data is encoded using some coding algorithm. An unauthorized user who access encoded data will have difficulty deciphering it, but authorized users are given decoding or decryption algorithms to decipher data. Encrypting techniques are very difficult to decode without a key have been developed for military application