Database security comprises a range of security controls that have been designed to safeguard the

Database Management System (DBMS). The security measures mainly focus on protecting
structures that house the database system such as servers and the network, securely configuring
the Database Management System, and access to data(Yunus, et al., 2017).

Explanation:

Database security techniques or controls help in managing the circumventing of security

protocols, and they include;

 DBMS configuring
 System hardening and monitoring
 Authentication
 Access
 Database Auditing

Database Management System configuration is vital as it enables it to take advantage of the

various security features and control privileged access that leads to the misconfiguration of the
anticipated security setting. The DBMS configuration will remain consistent if there is proper
monitoring of the Database Management System and appropriate change control.

The basic architecture offers additional access to the Database Management System (DBMS).
The whole system must be patched continuously, hardened with known security configuration
standards, and regularly monitored, including threats from inside the system. Finally, all database
security controls available has to be enabled unless there is a reason for disabling it (Kolditz, et
al., 2018).

Authentication is one of the database security measures, it through authentication that user
credentials are verified by comparing them to those stored in the database, allowing access to
data, database platform, and networks only to those who have been authenticated.

The primary outcome of database security is the effective control of access to data. Access
controls verify genuine applications and users, limiting their access to the database. Access
control includes designing and granting legitimate users roles and attributes and limiting
administrative privileges.

Auditing or monitoring a database provides centralized database oversight. The auditing process
helps to detect, deter, and eliminate the overall impact caused by unauthorized access to the
Database Management System (DBMS).

Concurrency control is the management of shared data so that different users can access the data
and update it within a short period while maintaining the data integrity. Generally, integrity and
data access exist in an inverse relationship (Van Aken, et al., 2017). Data integrity can be
threatened if an application will allow all users to access at will. If an application keeps locks for
a long time, for instance, by running as one continuous transaction, then this will make it
difficult for users to perform data sharing. Most application developers ensure that they can
develop systems that are easy to access and share data, and at the same time, the data integrity is
maintained.

The implementation of security features should adhere to the following parameters; availability,
confidentiality, and integrity. As much as the security controls are critical to be implemented,
data availability should be guaranteed through the implementation process (Ma & L,
2018). Users should access necessary data at the appropriate time, and the data should be up to
date. The other aspect is confidentiality; the all process of implementation of security controls
should ensure that there confidentiality such that the data is accessed only by the intended
person. The database should be encrypted to external and internal breaches. Finally, data
integrity should be observed in the whole process of implementation (Ma & L, 2018).
Verification of external and internal done should be done to make sure that the data is accurate.
Data workflows for the organization should be maintained and changes in the data workflow
should be reported

Reference

Yunus, M. A. M., Krishnan, S. K. G., Nawi, N. M., & Surin, E. S. M. (2017). Study on Database
Management System Security Issues. JOIV: International Journal on Informatics
Visualization, 1(4-2), 192-194.

Kolditz, T., Habich, D., Lehner, W., Werner, M., & de Bruijn, S. T. (2018, May). AHEAD:
Adaptable data hardening for on-the-fly hardware error detection during database query
processing. In Proceedings of the 2018 International Conference on Management of Data (pp.
1619-1634).

Van Aken, D., Pavlo, A., Gordon, G. J., & Zhang, B. (2017, May). Automatic database
management system tuning through large-scale machine learning. In Proceedings of the 2017
ACM International Conference on Management of Data (pp. 1009-1024).

Ma, L. J. (2018, July). A Brief Analysis of Database Security Policy. In 2018 3rd International
Conference on Education, Sports, Arts and Management Engineering (ICESAME 2018). Atlantis
Press.