Introduction of Database Security

Database Security is the mechanism that protect the database against intentional
or accidental threats. The main aspects of database security are confidentiality,
integrity, and availability.

i. Confidentiality: Confidentiality refers to keeping the data secretive so that

only authorized users have an access to it, it is roughly equivalent.
ii. Integrity: Integrity involves maintaining the consistency, accuracy and trust
worthiness of data over its entire lifecycle.
iii. Availability: Availability of information refers to ensuring that authorized
parties are able to access the information when needed.
Control Methods of Database Security
1. Authentication:
Authentication means verifying the identity of someone who wants to
access data, resources, or applications. Validating that identity establishes a trust
relationship for further interactions.

2. Authorization:
Authorization is the process to determine whether the authenticated user
has access to the particular resources. It checks your rights to grant you access to
resources such as information, databases, files, etc.

3. Access Control:
The security mechanisms of DBMS must include some provisions for
restricting access to the data base by unauthorized users. Access control is done by
creating user accounts and to control login process by the DBMS.
4. Flow Control:
This prevents information from flowing in a way that it reaches unauthorized
users. Channels are the pathways for information to flow implicitly in ways that
violate the privacy policy of a company are called covert channels.

5. Encryption:
Encryption is the process of encoding a message or information in such a way
that only authorized parties can access it.
Needs of Database Security:

1. Data Tampering: Ensure the integrity of data by preventing unauthorized

alterations, preserving accuracy, and avoiding misinformation.
2. Data Theft: Protect against unauthorized access; secure data to prevent theft and
maintain confidentiality.
3. Unauthorized access to Tables and Columns: Control access to specific data
elements; secure confidentiality by restricting access.
4. Unauthorized access to Data Rows: Enforce granular access controls; prevent
unauthorized viewing or modification of individual records for privacy.
5. Lack of Accountability: Establish accountability through access controls, logging,
and monitoring mechanisms to trace actions and identify the source of security
incidents.