Database Security
The focus of this study is database security. Databases and database technology play critical roles in the use of computers, whether in business, electronic commerce, engineering, medicine, genetics, law, education or any other field that relies on computer technology. A database is quite simply a collection of related data, such as customer information, supplier information, employee information, or project data. Some databases are small, while others are large and quite complex. A database management system is "a general purpose software system that facilitates the processes of defining, constructing, manipulating, and sharing databases among various users and applications." (Oracle Security, 1998, p.1) Defining a database is reported to involve "specifying the data types, structures and constraints of the data to be stored in the database." (Oracle Security, 1998, p.1)
I. Database Security Plan
Securing…...
Bibliography
Database Security Best Practices (2012) Applicure Technologies Ltd. Retrieved from: http://www.applicure.com/blog/database-security-best-practice
Developing a Database Security Plan (1998) Oracle Security. Chapter 7. Retrieved from: http://oreilly.com/catalog/orasec/chapter/ch07.html
Murray, MC (2010) Database Security: What Students Need to Know. Journal of Information Technology Education: Innovations In Practice. Vol. 8. Retrieved from: http://www.jite.org/documents/Vol9/JITEv9IIPp061-077Murray804.pdf
Yang, L. 2009. Teaching database security and auditing. Proceedings of the 40th ACM Technical Symposium on Computer Science Education, Chattanooga, TN, USA.
Database Security Plan and Requirements Definition for a University Department
The database security plan and requirements definition were developed. The plan included, at the outset, the major stakeholders at the University and described their roles in initiating, implementing, and maintaining the plan. Individuals responsible for daily and other periodic tasks were identified. A major consideration in planning the security was the policy that governs the granting of access. The need-to-know principle, combined with the users' roles, provided the guiding principles. Physical security, backing up of data, and the periodic exercise of restoring data were not overlooked in the plan. Plans were set in place to ensure that attention was paid to the dynamic nature of the document, since the security environment must continually change in order to discourage system attackers and to keep pace with rapidly changing technology.
The Business Environment
We are an entrepreneurial business department in the faculty of engineering…...
With optimistic concurrency control, the database checks resources to determine if any conflicts have occurred only when attempting to change data. If a conflict occurs, the application must read the data and attempt the change again. Pessimistic concurrency control, on the other hand, locks resources as they are required, for the duration of a transaction. Unless deadlocks occur, a transaction is assured of successful completion.
5.5 Audit Tracking
Although auditing does not prevent system attacks, it is a vital aid in identifying intruders and attacks in progress, and in diagnosing attack footprints (Meier, Mackman, Dunner, Vasireddy, Escamilla and Murukan). It is important to enable Windows operating system level auditing and SQL Server login auditing. SQL Server also offers an auditing capability that complies with the U.S. Government C2 certification. C2 level auditing provides substantially more audit information at the expense of increased disk storage requirements.
5.6 Encryption
SQL Server 2005 will support native database…...
Bibliography
Ambler, S. (2004, April 1), "Concurrency Control," Available: http://www.agiledata.org/essays/concurrencyControl.html#Collisions (Accessed 2005, January 5).
"Backup," Available: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/tsqlref/ts_ba-bz_35ww.asp (Accessed 2005, January 5).
Database designers and administrators can work concomitantly with IT professionals and researchers to implement the security measures necessary to mitigate risks to data.
I have been a database user at my company for a number of years. As such, I am allowed access from only a limited number of locations: one static connection at home, one at work, and one laptop connection that I carry with me when traveling. Each connection has its own password, which is updated on a daily basis. I create the passwords myself, and nobody else has access to these. The IT department has provided me with training in optimizing the strength and security of my passwords. Security at my company is extremely important, as a data leak could, for example, lead to a compromise of our competitive edge.
Strengths vs. Weaknesses
The article "2007 Survey on Database Security" highlights the most pressing issues that could be facing an organization (someone from within who could have access to the data). This strength points out a situation that many IT managers are overlooking. However, the weakness of the article is that it points out the problem while at the same time saying there is no effective solution. In many ways this is the equivalent of pointing out a fire and then not having the tools to put it out. (Ponemon, 2010)
The article "How to Secure Sensitive Data in a Cloud Environment" highlights how many businesses are turning to virtual networks to perform many functions. The biggest strengths of the article are the overall dangers it points out with this type of IT protocol and how an organization can address these issues. The main weakness of the article is that it only…...
Bibliography
Markovich, S. (2010). How to Secure Sensitive Data in a Cloud Environment. Retrieved May 14, 2010 from E. Week website: http://www.eweek.com/c/a/Cloud-Computing/How-to-Secure-Sensitive-Data-in-Cloud-Environments/
Ponemon, L (2007). 2007 Survey on Database Security. Retrieved May 14, 2010 from Appsec Inc. website: http://www.appsecinc.com/techdocs/whitepapers/2007-Ponemon-Database-Security-Study-Sponsored-by-Application-Security-Inc.pdf
Database Security Case Study
Database Security: Case Study
The objective of this study is to answer specific questions after reading the case study that is the focus of this work. These include naming the concepts illustrated in the case study and explaining why a customer database is useful for the companies in the case study under review. This work will additionally answer what would occur if the companies did not keep their customer data in databases. Secondly, this study will determine the effectiveness of the SAS statistical modeling software described in the case study, answer how better data management and analytics improve each company's business performance, and provide two examples of improvement realized through mining customer databases. This study will additionally describe some of the weak points of predictive analytics and answer what management, organization, and technology factors are…...
Design criteria exist at the levels of the technical, system integration aspects of the database to other systems through XML. This integration is critically important to ensure that the applications created can be effectively used over time and not have any scalability issues. There is also the need for designing the databases at the presentation layer to provide for scalability and flexibility of being able to create applications relatively quickly at the portal level. This is especially important from a Business Process Management (BPM) standpoint as databases must be able to support the various process workflows as defined as part of business process re-engineering efforts over time. There is also the need from a design standpoint to have a continued development initiative going to capture user needs over time and include them into the next generation of database updates. The use of councils to create update plans and define the…...
By grouping related database queries into transactions, DBMS systems can guarantee that each transaction satisfies the ACID properties: Atomicity, Consistency, Isolation, and Durability. However, if a database application is decomposed into transactions in an incorrect manner, the application may fail when executed concurrently.
Concurrency control deals with the issues involved with allowing multiple people simultaneous access to shared entities (Ambler, 2004). A collision occurs when two activities, which may or may not be full-fledged transactions, attempt to change entities within a system of record. A database administrator can either devise ways to avoid collisions or detect and then resolve them. Transactions are collections of actions that potentially modify two or more entities. The easiest way for an application to implement transactions is to use the features supplied by the database. Transactions can be started, attempted, then committed or aborted via SQL code. Also, database APIs such as Java Database Connectivity…...
Bibliography
Ambler, S. (2004, April 1). Concurrency Control. Retrieved November 27, 2004 from Agile Data Web site: http://www.agiledata.org/essays/concurrencyControl.html#Collisions
Database Administrator. Retrieved November 27, 2004 from TechTarget Web site: http://searchdatabase.techtarget.com/sDefinition/0,sid13_gci214169,00.html
Database Management System. Retrieved November 27, 2004 from TechTarget Web site: http://searchdatabase.techtarget.com/sDefinition/0,sid13_gci213669,00.html
Database Security and Administration (2001). Retrieved November 27, 04 from Web site: http://www.urgrgcc.edu/shastri/.%5CDatabase%20Course%5Cdb1-2a.htm
These laws also emphasize that obtaining such personal information, and deciding how it will be used, should be done with the individual's knowledge and consent. Moreover, individuals also have the additional rights of viewing, correcting, and deleting the information pertaining to them. But do we really have access to all information that is being taken from us? We can never tell, and we might end up waking up one day being accused of actions we haven't taken or, worse, waking up with a different identity.
II. Security of the Data Gathered
Database systems are designed and programmed by no less than humans. Securing these databases involves protection against unauthorized disclosure, alteration and destruction. Security that focuses on stopping people without database access from having any form of access at all and stopping people with access from performing any data manipulation that is not part of their duties or not included in the…...
Database Administrator, Manager of IT, and the value of a college education
As a result of the swift distribution of computers and information technology, there is a necessity for well-trained workers to design and promote new hardware and software systems and to integrate new technologies. These workers comprise computer systems analysts, database administrators, and computer scientists. Based on the choices and procedures of employers and on the development of new areas of specialization or alterations in technology, the job responsibilities and professional titles relating to these workers change quickly. An ever-increasing level of talent and education is demanded of employees by the speedily shifting technology. Organizations' expectations of professionals are broadening from wholesome technical knowledge to communication and other interpersonal skills. Hence, workers who can manage various tasks are in great need.
Though employers favor workers with technical degrees, persons with degrees in a range of majors also get employment in these computer jobs.…...
The authors have expertise with Oracle databases and use examples from the enterprise products this software vendor provides to make their point regarding security of highly distributed networks. One of the more valuable aspects of this specific paper is the focus on how to create a multilevel secure environment in an enterprise. The authors have done enterprise-level database security work in their careers and this article and research communicate their expertise clearly.
In the article Data Security: A Security Implementation for Relational Database Management Systems (Nilakanta, 1989) the author contends that information architectures must rely on a stable database management system (DBMS) to scale securely and reliably across an enterprise. The author provides insights into several different security procedures and approaches to defining a secured operating environment for enterprise-wide DBMS implementations and use. There are also guidelines for defining security clearances and recommendations on how best to use encryption for…...
References
Feeney, T.R. (1986). Security issues and features of database management systems. Information Age, 8(3), 155-155.
Fulkerson, C.L., Gonsoulin, M.A., & Walz, D.B. (2002). Database security. Strategic Finance, 84(6), 48-53.
Harris, D., & Sidwell, D. (1994). Distributed database security. Computers & Security, 13(7), 547-547.
Nilakanta, S. (1989). Data security: A security implementation for relational database management systems. Computers & Industrial Engineering, 17(1-4), 415-415.
Security Plan: Pixel Inc.
About Pixel Inc.
We are a 100-person strong business dedicated to the production of media, most specifically short animations, for advertising clients worldwide. Our personnel include marketing specialists, visual designers, video editors, and other creative staff.
This security plan encompasses the general and pragmatic characteristics of the security risks expected for our business and the specific actions that aim to, first and foremost, minimize such risks, and, if that's not possible, mitigate any damage should a breach in security happen.
Scope
The measures to be taken and the assigned responsibilities stated in this document apply to all the departments that make up the company. Exemptions can be given, but only at the prerogative of the CEO in consultation with the Chief Security Officer, who will be formally assigned after the finalization of this document. Otherwise, there will be no exception to the security measures stated in this document.
Section…...
Database Concepts
Compare and contrast Microsoft Access, Microsoft SQL Server, DB2, and Oracle database programs
Providers: Microsoft Access and SQL Server are provided by Microsoft Corporation, Oracle by Oracle Corporation, and DB2 is a product of IBM.
Brief about each:
MS Access: Microsoft Access is a database, which comes bundled in Microsoft Office Products. Access is fully compatible with Active Server Pages (ASP) scripting. Database programs such as Access (sometimes called Relational Database Management systems or RDBMS) are used to store information, often large amounts of information. It can be used as a flat-file database (using a single table) or a relational database (using more than one table linked together). Access database applications can be produced for a large number of database situations including financial and scientific data - with excellent results. Access comes equipped with Wizards, which help the novice to create tables, forms, queries and reports. A complicated relational database design and implementation may…...
The longest SQL statement in Oracle is 16,777,216 bytes, in SQL Server 65,536 bytes (Network packet size 4 KB, by default), in MS Access approximately 64,000 bytes, and in DB2 65535 bytes. Microsoft Access 2000 falls into the desktop category and works best for individuals and workgroups managing megabytes of data. In comparison with SQL Server 2000, Access uses file-server architecture rather than client-server architecture. Access 2000 has many restrictions in comparison with SQL Server 2000 and cannot be used if you want to build a stable and efficient system with many concurrent users.
Conclusion:
It is very difficult to compare all four on the same platform. It is not true that Oracle 9i Database is better than DB2 Universal Database v8.1 or vice versa. Both products can be used to make stable and proficient systems, and the stability and effectiveness of your applications and databases depend on the experience of the database developers and database administrator rather than on the database's provider. It all depends on the use and requirements. If the need is to build a scalable, secure, and robust system, you should use SQL Server instead of Access. Because Access 2000 does not support atomic transactions, it does not guarantee that all changes performed within a transaction boundary are committed or rolled back. SQL Server is integrated with Windows NT security, but Access is not. Access 2000 databases cannot be restored to the point of failure, whereas SQL Server databases can be. This makes administering Access 2000 databases more expensive than administering SQL Server 2000 databases. So you should use an Access 2000 database only when you need to store a small amount of data in a single-user (or few-user) environment, or when you have very low resources, such as memory or disk. In other cases, use MSDE or SQL Server. Similarly, we can't compare SQL Server 2000 with DB2 Universal Database v8.1 or vice versa. Both products can be used to build stable and efficient systems, and the stability and effectiveness of your applications and databases depend on the experience of the database developers and database administrator rather than on the database's provider. But SQL Server 2000 has some advantages in comparison with DB2 Universal Database v8.1 and vice versa.
Database Data Warehouse Design
Our company, Data Analytic Limited, specializes in collecting and analyzing data for various organizations. Over the years, we have assisted various companies in turning raw data into valuable information that helps them make effective decisions that are profitable in the short and long run. Our research and data analytics are geared towards giving an extra edge to various companies. Our services include processing and analyzing terabytes of data to provide customers with meaningful information for business decisions and to enhance competitive market advantages. Recent growth of our company necessitates designing and developing a data warehouse that will accommodate a large volume of customer data.
The objective of this project is to design and develop the data warehouse for our company.
Importance of Data Warehousing for our Organization
Comprehensive portfolios of our business include Business, Market, and Financial research, Data processing services and Domain based analytics. While the relational database that our company is…...
The most appropriate products that could be used by MMC to achieve this objective would be an IP San and a Snap Lock. An IP San is a fiber optic channel that can provide secure real time data to each location, where software and security applications can be adapted to the current system that is being used. The Snap Lock is a security software that can be used to provide an effective way for each location to retrieve, update and change information.
Support for why these procedures and products are the optimal approach for this organization
The reason why these different procedures and products were selected was to reduce the company's overall risk exposure to external threats. The current system that is being used by MMC increases risks dramatically, by having a number of different systems where financial information is stored. If any one of these systems is vulnerable, there is…...