The focus of this study is that of database security. Databases and database technology are such that play critical roles in the use of computers whether it be in business, electronic commerce, engineering, medicine, genetics, law, education or other such entities requiring the use of computer technology. A database is quite simply a collection of data that is related such as a database containing customer information, supplier information, employee information, project databases, and the sort. Some databases are small while others are of a great size and quite complex. A database management system is "a general purpose software system that facilitates the processes of defining, constructing, manipulating, and sharing databases among various users and applications." (Oracle Security, 1998, p.1) Defining a database is reported to involve "specifying the data types, structures and constraints of the data to be stored in the database." (Oracle Security, 1998, p.1)
I. Database…… [Read More]
Database Security Plan and equirements Definition for a University Department
The database security plan and requirements definition were developed. The plan included, at the outset, the inclusion of major stakeholder at the University and described their roles in initiating, implementing, and maintaining the plan. Individuals responsible for daily and other periodic tasks were developed. A major consideration in planning the security was the policy that governs granting of access. The need-to-know, combined with the users' roles provided the guiding principles. Physical security, backing up of data and the periodic exercise of restoring data were not overlooked in the plan. Plans were set in place to ensure that attention was paid to the dynamic nature of the document since the security environment must continually change in order to discourage system attackers and to keep pace with the rapidly changing technology.
The Business Environment
We are an entrepreneurial business department in the…… [Read More]
With optimistic concurrency control, the database checks resources to determine if any conflicts have occurred only when attempting to change data. If a conflict occurs, the application must read the data and attempt the change again. Pessimistic concurrency, on the other hand, control locks resources as they are required, for the duration of a transaction. Unless deadlocks occur, a transaction is assured of successful completion
5.5 Audit Tracking
Although auditing does not prevent system attacks, it is a vital aid in identifying intruders, attacks in progress, and to diagnose attack footprints (Meier, Mackman, Dunner, Vasireddy, Escamilla and Murukan). It is important to enable Windows operating system level auditing and SQL Server login auditing. SQL Server also offers an auditing capability that complies with the U.S. Government C2 certification. C2 level auditing provides substantially more audit information at the expense of increased disk storage requirements.
SQL Server 2005 will…… [Read More]
Database designers and administrators can work concomitantly with it professionals and researchers to implement the security measures necessary to mitigate risks to data.
I have been a database user at my company for a number of years. As such, I am allowed access from only a limited number of locations; one static connection at home, one at work, and one laptop connection that I carry with me when traveling. Each connection has its own password, which is updated on a daily basis. I create the passwords myself, and nobody else has access to these. The it department has provided me with training in optimizing the strength and security of my passwords. ecurity at my company is extremely important, as data leak could for example lead to a compromise of our competitive edge.
Chapple, Mike. Database ecurity: A Fine Balance Between Roles and Rights. About.com http://databases.about.com/od/security/a/databaseroles.htm
Chapple, Mike. QL Injection…… [Read More]
Strengths vs. Weaknesses
The article 2007 Survey on Database Security; highlights the most pressing issues that could be facing an organization (someone from within who could have access to the data). Where, this strength points out a situation that many it managers are overlooking. However, the weakness of the article is that it points out the problem, while at the same time saying there is no effective solution. In many ways this is the equivalent of point out a fire and then not having the tools to put it out. (Ponemon, 2010)
The article How to Secure Sensitive Data in a Cloud Environment; highlights how many businesses are turning to virtual networks to perform many functions. The biggest strengths of the article are: the overall dangers it points with this type of it protocol and how an organization can address these issues. The main weakness of the article is that…… [Read More]
Database Security Case Study
Database Security: Case Study
The objective of this study is to answer specific questions following have read the case study which is the focus of this work in writing including naming the concepts which are illustrated in the case study and why a customer database is useful for companies related in the case study under review. This work will additionally answer as to what would occur if the companies did not keep their customer data in databases. Secondly this study will determine the effectiveness of the SAS statistical modeling software that is described in the case study and will answer as to how better data management and analytics improve each company's business performance and provide two examples of improvement realized through mining customer databases. This study will additionally describe some of the weak points of predictive analytics and answer as to what management, organization, and technology…… [Read More]
Design citeia exist at the levels of the technical, system integation aspects of the database to othe systems though XML. This integation is citically impotant to ensue that the applications ceated can be effectively used ove time and not have any scalability issues. Thee is also the need fo designing the databases at the pesentation laye to povide fo scalability and flexibility of being able to ceate applications elatively quickly at the potal level. This is especially impotant fom a Business Pocess Management (BPM) standpoint as databases must be able to suppot the vaious pocess wokflows as defined as pat of business pocess e-engineeing effots ove time. Thee is also the need fom a design standpoint to have a continued development initiative going to captue use needs ove time and include them into the next geneation of database updates. The use of councils to ceate update plans and define the…… [Read More]
y grouping related database queries into transactions, DMS systems can guarantee that each transaction satisfies the ACID properties: Atomicity, Consistency, Isolation, and Durability. However, if a database application is decomposed into transactions in an incorrect manner, the application may fail when executed concurrently.
Concurrency control deals with the issues involved with allowing multiple people simultaneous access to shared entities (Ambler, 2004). A collision occurs when two activities, which may or may not be full-fledged transactions, attempt to change entities within a system of record. A database administrator can either devise ways to avoid collisions or detect and then resolve them. Transactions are collections of actions that potentially modify two or more entities. The easiest way for an application to implement transactions is to use the features supplied by the database. Transactions can be started, attempted, then committed or aborted via SQL code. Also, database APIs such as Java Database Connectivity…… [Read More]
These laws also emphasize that obtaining such personal information and how it will be used should be made with the individual's knowledge and consent. Moreover, individuals also have the additional rights of viewing, correcting, and deleting the information pertaining to them. ut do we really have access to all information that is being taken from us? We can never tell and we might end waking up one day being accused by actions we haven't taken or worst waking up with a different identity.
II. Security of the Data Gathered
Database Systems are designed and programmed by no less than humans. Securing these databases involves the protection against unauthorized disclosures, alteration and destruction. Security that focuses on stopping people without database access from having any form of access at all and stopping people with access to perform any data manipulation that are not part of their duties or not included in…… [Read More]
Databases in the Work Place
We are in the information age and the effective management of data is paramount in almost all aspects of our life. All businesses today thrive on the availability of vast pool of data pertaining to their domain and thus databases constitute an indispensable aspect of all businesses. Having access to a huge database and the intelligent interpretation of the data therein holds the key to business success. I am working as a database engineer for "Intelligent Email Solutions," a company which specializes in offering email based intelligent customer relationship management solutions. Let us have a brief overview of the use and the importance of databases in our company.
Our clientele are big corporations like Nike, Citibank, ANZ Grindlays, Jc penny etc. We provide automated email-based customer relationship management using our novel 'semantic engine' which scans through thousands of customer emails and categorizes them and…… [Read More]
Databases and their relational file structures have also progressed to the point of being open in architectural structure enough to allow for real-time updates via XML calls and integration points throughout individual and shared files (oth, Hernandez, Coulthard, Yan, et al., 2006). This open architecture-based approach to XML integration is also making databases ideally suited for transaction-intensive environments throughout e-commerce websites and throughout complex transactions involving multiple selling partners through a supply chain as well (Smyrlis, 2005). As a result, databases are the foundation of distributed order management, enterprise content management, enterprise resource planning (EP) and Customer elationship Management (CM) systems.
Databases and Security
Databases in organizations and governments often hold the most confidential data that exists and therefore need to be protected extremely well. The dominant standard for database security is ACID (atomicity, consistency, isolation, durability) compliance (Dolgicer, 1993). When an ACID test of compliance is completed on a…… [Read More]
Database Administrator, Manager of IT, and the value of a college education
As a result of swift distribution of computers and information technology, a necessity for well trained workers to design and promote new hardware and software systems and to integrate new technologies. These workers comprises of computer systems analysts, database administrators, and computer scientists. Based on the choices and procedures of employers and on development of new areas of specialization or alterations in technology, the job responsibilities and professional titles relating these workers change quickly. An ever-increasing level of talent and education from the employees is demanded by the speedily shifting technology. Organization's expectation on professionals is broadening from wholesome technical knowledge to communication and other interpersonal skills. Hence, workers who can manage various tasks are in great need.
Though employers favor workers with technical degrees, persons with degrees in a range of majors also get employment in these…… [Read More]
The authors have expertise with Oracle databases and use examples from the enterprise products this software vendor provides to make their point regarding security of highly distributed networks. One of the more valuable aspects of this specific paper is the focus on how to create a multilevel secure environment in an enterprise. The authors have done enterprise-level database security work in their careers and this article and research communicate their expertise clearly.
In the article Data Security: A Security Implementation for elational Database Management Systems (Nilakanta, 1989) the author contends that information architectures must rely on a stable database management system (DBMS) to scale securely and reliably across an enterprise. The author provides insights into several different security procedures and approaches to defining a secured operating environment for enterprise-wide DBMS implementations and use. There are also guidelines for defining security clearances and recommendations on hwo best to use encryptions for…… [Read More]
1. In a civil action, how can a claim of negligent hiring have a greater chance of succeeding?
Jurisdictions have been increasingly putting laws in place pertaining to what makes organizations a potential target for a lawsuit on negligent hiring. Though in most instances, claims of negligent hiring may be effectively fended off, it proves increasingly tricky in the following cases:
· If the individual harming or injuring another is an employee of the company.
· If the employee is found guilty of harming, injuring or doing any damage to the complainant.
· If the organization was aware of, or ought to have been aware of, the employee’s tendency to inflict harm or injury.
· If the organization was inattentive when hiring the individual and failed to carry out a proper background check which could have identified the individual’s tendency to cause harm to clients or colleagues (McCrie, 57-60).…… [Read More]
Databases and egulatory Compliance Challenges
The advent of technology has increased the popularity of database usage in firms, yet the legislation regulating the field has yet to be finalized. The changing nature of the IT sector, coupled with the legislative traits, creates several situations in which the companies find it difficult to comply with the regulations. This paper recognizes some of those difficulties, and also proposes some solutions.
egulatory challenges for databases
No sector in the modern day society evolves as rapidly as the technologic domain. And the innovations developed at this level come to impact all aspects of life, from the spending of the leisure time to the completion of the most challenging professional tasks.
The applications of technology within the contemporaneous society are numerous and complex, one specific example in this sense being represented by superior capabilities for data management. The management of the information integrates the…… [Read More]
Security Plan: Pixel Inc.
About Pixel Inc.
We are a 100-person strong business dedicated to the production of media, most specifically short animations, for advertising clients worldwide. Our personnel include marketing specialists, visual designers, video editors, and other creative staff.
This security plan encompasses the general and pragmatic characteristics of the security risks expected for our business and the specific actions that aim to, first and foremost, minimize such risks, and, if that's not possible, mitigate any damage should a breach in security happen.
The measures to be taken and the assigned responsibilities stated in this document apply to all the departments that make up the company. Exemptions can be given but will be only under the prerogative of the CEO under the consultation of the Chief Security Officer that will be formally assigned after the finalization of this document. Otherwise, there will be no exception to the security…… [Read More]
These personal productivity systems also tend to be islands of customer data that need to be integrated into larger customer information systems to be effective (Zahay, 2008). Enterprise-class DBMS are capable of integrating to broader process workflows due to their underlying technical design. In addition, these DBMS are often used for more advanced customer strategies including data mining, business analytics of customer bases, and the development of long-term loyalty campaigns. All of these types of analysis are not possible on the personal productivity class of databases. The limitations of enterprise DBMS however are the their cost for implementing in larger companies, and the need for training users how to use the many functions in these databases.
Daniel E. O'Leary (2008). Supporting decisions in real-time enterprises: autonomic supply chain systems. Information Systems and eBusiness Management, 6(3), 239-255. etrieved May 8, 2008, from ABI/INFOM Global database. (Document ID: 1475085461).
Debra Zahay…… [Read More]
Compare and contrast Microsoft Access, Microsoft SQL Server, DB2, and Oracle database programs
Providers: Microsoft Corporation provides Microsoft Access and SQL Server, Oracle by Oracle Corporation and DB2 is a product of IBM.
Brief about each:
MS Access: Microsoft Access is a database, which comes bundled in Microsoft Office Products. Access is fully compatible with Active Server Pages (ASP) scripting. Database programs such as Access (sometimes called Relational Database Management systems or RDBMS) are used to store information, often large amounts of information. It can be used as a flat-file database (using a single table) or a relational database (using more than one table linked together). Access database applications can be produced for a large number of database situations including financial and scientific data - with excellent results. Access comes equipped with Wizards, which help the novice to create tables, forms, queries and reports. A complicated relational database…… [Read More]
Database Data Warehouse Design
Our company, Data Analytic Limited, specializes in collecting and analyzing data for various organizations. Over the years, we have assisted various companies to turn raw data into valuable information that assists the companies in making effective decision profitable in the short and long run. Our research and data analytics are geared towards giving extra edge to various companies. Our services include processing and analyzing terabytes of data to provide customer meaningful information for business decision and enhance competitive market advantages. ecent growth of our company necessitates the needs to design and develop data warehouse that will accommodate large volume of customer data.
Objective of this project is to design and develop the data warehouse for our company.
Importance of Data Warehousing for our Organization
Comprehensive portfolios of our business include Business, Market, and Financial research, Data processing services and Domain based analytics. While the relational database…… [Read More]
Finally, the company uses Microsoft applications for expanding its business opportunities by providing quick information about customer requests.
ight now, the company is growing and it finds itself overwhelmed with growing information needs from customers and their increasing transactions. The company is realizing that to meet the needs they will need to update their software to meet the future needs of the business. The company is also recognizing that presently the applications that the company is using are full of security holes. Anyone can browse and download confidential data about customers and their transactions (McFadden, Hoffer, and Prescott, 1999). The company is taking adequate steps to improve these security gaps. For example, the company has featured Microsoft Access on a LAN rather than the personal computers. By doing so, the company makes it sure that before anyone can look customer and their transaction data, they need to use a password…… [Read More]
The most appropriate products that could be used by MMC to achieve this objective would be: IP San and a Snap Lock. An IP San is a fiber optic channel that can provide secure real time data to each location. Where, software and security applications can be adapted to the current system that is being used. The Snap Lock is: a security software that can be used to provide an effective way for each location to retrieve, update and change information.
Support for why these procedures and products are the optimal approach for this organization
The reason why these different procedures and products were selected was: to reduce the overall risk exposure of the company's external threats. The current system that is being used by MMC increases risks dramatically, by having a number of different systems, where financial information is stored. If any one of these systems is vulnerable, there…… [Read More]
For example, a straightforward database of customer names for a company is searched with relative simplicity. The names may be retrieved according to beginning letters or other important data (such as item purchased). But for a database of full-text magazine articles, the user will need to search according to name, title, publication, and keywords, among other features. The database will not be able to perform adequately without such usability factors. Even if a database is 'fast' in terms of how it returns queries, the queries must be of use to the searcher.
When developing the infrastructure, a data management system is required to operate the databases, store the information, back up the data, and enforce security. If users are entering sensitive information, password protection and encryption is also essential. The hardware and software used must be adequate to support the needs of the system. And the ease of data entry…… [Read More]
Database System in a Retail Environment
We are in a world of information boom and efficient management of data holds the key for success in this new business environment. The world of Internet has opened new vitas for corporations to take their business into a global level. Data management is at the center of all business applications and database systems are the very core of this new business perspective. Database systems have helped us take a huge stride in our ability to collect, interpret, and even assist in our decision making process. In short we can say that database management systems have bought a paradigm shift to our mode of business and have evolved from being simple store houses of data to more complex and highly efficient business decision making tools. Let us take Wall-Mart, the giant retailer as our case study and how the company profited from the implementation…… [Read More]
This researcher rejects the existence of online communities because computer mediated group discussions cannot possibly meet this definition. Weinreich's view is that anyone with even a basic knowledge of sociology understands that information exchange in no way constitutes a community.
For a cyber-place with an associated computer mediated group to be labeled as a virtual settlement it is necessary for it to meet a minimum set of conditions. These are: (1) a minimum level of interactivity; (2) a variety of communicators; (3) a minimum level of sustained membership; and (4) a virtual common-public-space where a significant portion of interactive computer mediated groups occur (Weinreich, 1997). The notion of interactivity will be shown to be central to virtual settlements. Further, it will be shown that virtual settlements can be defined as a cyber-place that is symbolically delineated by topic of interest and within which a significant proportion of interrelated interactive computer…… [Read More]
Security on Commercial Flights
Describe two (2) lapses in pre-flight security that contributed to the ease of the hijacking operation on September 11, 2001
Following the terrorist attacks of September 11, 2001, the United States of America evaluated the security of the commercial Airline Industry. Major security lapses gave way for terrorists to board commercial flights, which finally led to the aircrafts' hijacking and demise.
The first lapse that contributed to terrorist attack is President Bill Clinton's ignorance. U.S. administration under the leadership of President Bill Clinton ignored warning signs that Osama bin Laden and al Qaida organization was planning a terrorist attack on United States. Osama Bin Laden claimed responsibility of various attacks on U.S. Militaries deployed in various countries, such as Sudan and Soviet Union aimed at fighting the rising terrorist groups (Oliver, 2006).
The failure of the Intelligence Community is another lapse that contributed to the attack.…… [Read More]
A system possesses authenticity when the information retrieved is what is expected by the user -- and that the user is correctly identified and cannot conceal his or her identity. Methods to ensure authenticity include having user names and secure passwords, and even digital certificates and keys that must be used to access the system and to prove that users 'are who they say they are.' Some highly secure workplaces may even use biological 'markings' like fingerprint readers (Introduction, 2011, IBM).
Accountability means that the source of the information is not anonymous and can be traced. A user should not be able to falsify his or her UL address or email address, given the requirements of the system. "Non-repudiation is a property achieved through cryptographic methods which prevents an individual or entity from denying having performed a particular action related to data... Through the use of security-related mechanisms, producers and…… [Read More]
Security System Analysis
The information era has totally revolutionized our society with its sphere of influence touching every facet of our lives. There is a paradigm shift in our business methodology and ecommerce has evolved as an integral and indispensable aspect of any business venture that wishes to capitalize on the global market that technology promises. Today more and more companies are recognizing the vast potential and the unprecedented customer base of ecommerce which is definitely poised to become the mainstay business medium of the future. With ecommerce exploding like anything there will be more and more transfer of funds online. It stands out clearly that the anonymous nature of the web medium poses issues pertaining to the credibility and authenticity and thus compromises on the flexibility and the comfort of the web. The success of fast online fund transfer very much hinges on implementing effective security measures to…… [Read More]
(%) Cross Site Scripting (XSS) errors -- by far the most common strategy hackers use to gain access to the source code of websites and the databases supporting them is to use a technique called cross-site scripting (Brodkin, 2007). Actively monitoring the percentage of XSS errors over time can determine patterns of when hackers attempt to gain access to a website's source code, database links, pricing and e-commerce systems. This is one of the most often used metrics in security dashboards used for monitoring Web-based applications and multisite installations.
(%) Incidence and Trending of Buffer Overflow Injection Flaws -- This is most commonly associated with attempts to gain access to SQL databases supporting a website by forcing a buffer overflow condition (Brodkin, 2007). This is one of the most effective hacking strategies there are as it forces a system to fail and allow access.
(%) Authentication Soft and Hard Errors…… [Read More]
Even though there is always some form of a risk involved in the coding technique together with the deployment methods of a website, some technologies such as PHP and MySQL form some of the worst aggravators of online website security. The loopholes that exists in the use of these technologies results in some of the worst hack attacks and security breaches ever experienced in the field of web design. The internet is bustling with a lot of activities. Some of the activities that are officiated over the internet are very sensitive due to both the nature of the information exchanged or even the information stored in the database.
It is paramount that websites be provided with secure and personalized databases. One inevitable fact however is that once a site is deployed on the internet, it becomes a resource to be accessed by everyone as postulated by Kabir
Secure website development…… [Read More]
Security Audit for FX Hospital EH/EM Systems
The study carries out the security audits for the FX Hospital EH/EM information systems to identify the vulnerabilities in the systems. The study uses the BackTrack as an auditing tool to penetrate the website, and outcomes of the auditing reveal that the website is not secure and can be subject to different vulnerabilities. After carrying out the auditing, the study is able to collect as much patients' data as possible revealing the website can be subject to vulnerable attacks. One of the vulnerabilities identified is that the website UL starts from HTTP showing that an attacker can easily break into the website and collect sensitive information. Moreover, all the data in the website are not encrypted making them easy for an attacker to collect patients' data.
By consequence, the FX Hospital can face lawsuits for failing to protect patients' data because if patients'…… [Read More]
Security Failures and Preventive Measures
Summary of the Case
The Sequential Label and Supply company is a manufacturer and supplier of labels as well as distributor of other stationary items used along with labels. This company is shown to be growing fast and is becoming highly dependent on IT systems to maintain their high end inventory as well as the functioning of their department.
The case started with the inception of a troubled employee who called up the helpdesk agent to resolve the issue he is facing. Likewise, other employees start calling in to launch similar complaints. Later, the technical support help desk employee, while checking her daily emails, accidentally opened an untrusted source file sent from a known work colleague. This led to a number of immediate problems in her network computer which led to her being not able to access the information over the network and the call…… [Read More]
There needs to be however more efficiency put into the process of validating just what is personal vs. professional mail, with a more insightful series of policies put in place to define acceptable use of e-mail and communications systems (Breaux, Anton, 2008).
Clearly, being able to guard against personal data of employees being accessed, sold or used in any way needs to have even more stringent rules associated with it (Breaux, Anton, 2008). The fact that so many companies today have their employee database compromised and then selectively sold off to telemarketers, it is clear that higher penalties need to be put into place for it professionals who either have lax security in place to allow this to happen, or unfortunately make the terrible mistake of thinking this is a way to make extra cash. As has been seen from the cases of overt theft of employee data, it has…… [Read More]
A few of the most notable include: social networking / fake emails and cloud computing. The information from this source is useful, as it is illustrating the current challenges facing the database security of most organizations. (Kark, 2011)
Olzak, T. (2008). Five Steps to Protect Mobile Devices. Tech epublic. etrieved from: http://www.techrepublic.com/blog/security/five-steps-to-protect-mobile-devices-anywhere-anytime/529
The article that was written by Olzak (2008), is talking about specific tools for protecting mobile devices. These include: storing information that is absolutely necessary, protecting the database when it is accessed over public networks, configuring devices to block external spying and encrypting sensitive information. This information is useful, because it is showing how organizations must utilize specific steps to safeguard against new vulnerabilities. (Olzak, 2008)
Tanzy, B. (2011). Security Strategy. Silicon.com. etrieved from: http://www.silicon.com/technology/security/2011/05/12/security-strategy-staff-smartphones-ring-the-changes-39747388/
The article that was written by Tanzy (2011), is discussing the challenges associated with cloud computing and accessing information from databases remotely. This…… [Read More]
Hence, along with database security, it is important that the operating system is also secured from unauthorized access.
Data Security Policy
There are instances when not all information in a database is open for access to a user. Hence, there is the data security policy that controls the level of access a user has. According to Oracle Corporation Online,
Data security includes the mechanisms that control the access and use of the database at the object level. Your data security policy determines which users have access to a specific schema object, and the specific types of actions allowed for each user on the object.
Generally data security is based on how sensitive information is (Oracle Corp.). Important and confidential information is always necessary to be accessible only to a limited number of users.
User Security Policy
This policy defines how users will be allowed to access a database. The most…… [Read More]
rich society, database management is an ever-expanding and increasingly important field. This paper discusses databases, database management systems (DBMSs), and their importance in today's society. Additional topics include the need for security, concurrency, and control within database management, as well as the role of the database administrator.
A database can be defined as "a structure that can house information about multiple types of entities, the attributes of these entities, and the relationships among the entities" (St. Edward's University). Databases can contain a wide variety of information. For example, a university database may include information about students, courses and classrooms. Further, this university database may contain significant amounts of information about the relationships between these entities, such as student course enrollment, and the use of classrooms for courses (amakrishnan).
A database management system (DBMS) is "a software product through which users interact with a database" (St. Edward's University). These systems allow…… [Read More]
Director of Information Security
There is now a need evolving to create a better-sophisticated system of security that can prevent many financial disasters for companies and customers. This becomes necessary because of growing technology and the way the malicious elements have become better at using technology to further their nefarious purposes. Financial institutions also stand a good chance of being the target of the future cyber terrorist. Because of all these changes, the role of the security directors known as the CISCO -- Chief Information Security Officer has become very specialized to the extent that form the rudimentary service it began with, namely the basic IT security administration. It has now encompassed the role of addressing every threat and risk management especially in financial organizations that have large customer bases, ATMs and online banking. It was formerly a necessary periphery service that included just maintenance of firewalls, upgrading antivirus and…… [Read More]
A Brief Critique of Database Security Articles
The focus of both papers to be critiqued is the definition, status, and significance of database security. As many corporations such as Amazon and Google move toward using cloud computing, there is greater concern for the security of information contained within databases. Long before cloud computing (long in technology terms), database security was a primary concern in information technology. The paper will offer insight as to the validity of the arguments presented in each piece as well as significance of the topic in general.
Mashburn states that although companies utilize databases placed on the Internet, most companies are unaware of their databases' security. He claims that companies are prioritizing the convenience of using Internet databases over preventative security measures to keep the data safe. This lack of awareness will ultimately cost companies money. The data may be compromised in some way…… [Read More]
Databases and Data Communications
Understanding whether or not the need for a database exist occurs within several types of businesses at all levels. Several professionals have taken time to determine this need in order to improve operations within their operations. These professionals include educational institutions and doctors, as well as insurance companies. Databases are becoming a part of everyday living. There are several things a database can bring to a company which includes, efficiency and the ability to manipulate, input and use information. These benefits provide organizations with powerful decision making tools that aid in onscreen delivery and printed reports. Possessing a database management system is an essential tool in the ability of an organization to retrieve and store mass amounts of data at command. Although the possibility of a database being nothing greater than a time consuming expense, when used properly, a database can be an asset to any…… [Read More]
Next, firewalls capable of blocking IP addresses need to be installed and used (Becker, Clement, 2006). The focus on these efforts is just the first phase; there needs to be a monthly audit of IP addresses in the departments where P2P file sharing has occurred to make sure it isn't happening again. This an be accomplished using a series of constraint-based configuration tools that will trap on P2P known client footprints or digital signatures and immediately block them (Hosein, Tsiavos, Whitley, 2003). This technology will also work to isolate any inside IP addresses which attempt to reach P2P client-based download sites and immediately log and block all IP activity for the address. This will make a given IP address inoperable and immediately delete it, which will make any subsequent hacking attempts of the system useless. This is precisely the strategy the U.S. Government is using today to ensure a very…… [Read More]
security and governance program is "a set of responsibilities and practices that is the responsibility of the Board and the senior executives." This is the procedures by which the company ensures information security in the organization. The program consists of desired outcomes, knowledge of the information assets, and process integration (ITGI, 2013). Security of information is important because of the value of information, especially proprietary, in today's business world. The biggest differentiator between governance and IT security is that the latter is about the physical constructs of the IT program but governance incorporates everything include spoken communication so any form of information creation or handling.
The first thing is the desired outcomes. The company has to know what it wants to accomplish with this program. Ideally there is alignment between the information security strategy and the organization's overall strategy. There should be risk management, so understanding the different risk and…… [Read More]
Security in Healthcare
The recent advances in technology -- databases that store personal medical records and information -- are bringing tools to patients, doctors and other healthcare professionals that were simply not available just a few years ago. There is hope that eventually, a doctor in Hawaii that is treating a medical emergency for a tourist from Florida, will be able to access the digitally kept medical and healthcare records for that injured tourist. In other words, there will likely be in the foreseeable future a national database -- that perhaps links state databases with each other the way the FBI and local law enforcement agencies are linked -- that will be of enormous benefit to citizens and their healthcare providers.
But before that nationally linked database can become a reality, there are a number of potential problems that need to be ironed out. For example, legislation needs to be…… [Read More]
" (Muntenu, 2004)
According to Muntenu (2004) "It is almost impossible for a security analyst with only technical background to quantify security risk for intangible assets. He can perform a quantitative or qualitative evaluation using dedicated software to improve the security of the information systems, but not a complete risk assessment for the whole information system. Qualitative assessment based on questionnaires use in fact statistical quantitative methods to obtain results. Statistical estimation represents the basis for quantitative models." Muntenu states conclusion that in each of these approaches the "moral hazard of the analyst has influence on the results because human nature is subjective. He must use a sliding window approach according to business and information systems features, balancing from qualitative to quantitative assessment." (2004) qualitative study of information systems security is reported in a study conducted in U.S. academic institutions in the work of Steffani a. urd, Principal Investigator for…… [Read More]
Analysis and Overview of Database ystems in the Enterprise
The pervasive adoption of databases for aggregating, analyzing, parsing, reporting and storing data continues to exponentially increase over time, as the information needs of companies continued to increase. The foundation fo nearly every enterprise-wide system and computing platform includes integration to databases of many types, from object-oriented to relational (Lungu, Velicanu, Botha, 2009). Every Enterprise Resource Planning (ERP) system today relies on databases for product, pricing, costing, production scheduling, service coordination and manufacturing execution task coordination as well (Bremer, Carey, 1987). Databases have become an essential component of every enterprise system in use today, from coordinating supply chains, sourcing, production and tracking customer activity and sales through Customer Relationship Management (CRM) systems (Madduri, hi, Baker, Ayachitula, 2007). Object-oriented databases are pervasively used in Computer-Aided Drawing (CAD) applications as well, given their speed and accuracy in managing geographic and graphic primitives…… [Read More]
Comparing Microsoft Access, SQL, IBM DB2 and Oracle databases is presented in this analysis, taking into account the key features of ACID Compliance, Data partitioning, interface options, referential integrity, operating systems supported, and support for transactions and Unicode. Each of these factors is initially defined followed by a table comparing them across the database types.
Definition of Comparison Factors
At their most fundamental level, all databases have support for relational data models and the ability to index data through the use of a wide variety of taxonomies or organizational structures (Basumallick, Wong, 1996). elational Database Management Systems (DBMS) however all have the ability to manage transactions with the greatest efficiency given the design of these systems to support multiple transactions at once, running concurrently from each other. The characteristic of an operating system being able to manage thousands of concurrent transactions at the same time is often referred…… [Read More]
Despite its clear benefits and advantages in terms of ease of use and cost effectiveness, there are certain risks associated with wireless networking. These risks are discussed further below.
Review of the Literature.
Security Risks Associated with IEEE WLAN 802.11. The applications for wireless communication technology continue to develop and expand; today, at least, the 802.11b is the standard of choice for wireless router communication used with network installation (Gonazles & Higby 2003). "The integrity of the transmitted data is a valid 2.4 GHz. At this wavelength medium, the propagation of wavelength maintains strong connectivity" (Gonzales & Higby 2003, p. 30). The technology of WLANs actually dates back to the mid-1980s; during this period, the Federal Communications Commission (FCC) freed up radio frequency (rf) to the industry. "Initially, this was viewed as a broadcast reception procedure and very little thought went to broadcast transmission" (Gonzales & Higby 2003, p. 30).…… [Read More]
security crisis that is plaguing e-commerce as it transforms into the epitome of global business. It attempts to analyze the possible repercussions of this problem and then put forward various possible solutions to rectify the biggest obstacle limiting the path of e-commerce progress. The ideas and references used in this proposal have been cited from five different sources.
E-commerce has changed the way the world do business, plain and simple. It has single-handedly brought more people, countries, enterprises and governments together to the same world market than all other forms of conducting methods, combined. This name, given to the electronic method of executing business, has made the task of buying every available merchandise exponentially easier and has therefore made all the more products accessible to the general population as well as businesses and industries. The boom in online trade is gaining alacrity and is destined to become the method of…… [Read More]
Current Employment Trends and Certification Options for Database Professionals. Monaco Vs US
Current Job Markets and Future Trends Analysis
The current job trends for database professionals indicate that in both countries employment is projected to grow by about 11 percent in the coming 5 years (Kline). This is faster than the average in any other occupation. The driving factor is the ever-increasing data needs of companies within the economy. Data has been seen as the next currency and every company wants to invest heavily in the management and processing of data. According to the (U.S. Bureau of Labor Statistics), DBA professionals are ranked amongst the top 10 professions for the past several years. According to a survey carried out by (U.S. News & World Report), a majority of the current database professionals intend to retire in the next ten years since they are over 55 years. This means that there…… [Read More]
companies such as credit card systems have their backend offices (databases) in India. What are the benefits and risks?
The databasing industry in India is a growing and thriving IT market with credit care companies including Diners Club and Citibank storing their client and potential client information in Indian databases (Vandrevala 15). Clearly, there are extensive benefits from databasing this information offshore. The costs in India are much cheaper, to both develop and maintain complex databases, saving the company finances and labor. In addition, the copyright laws in India have been modified to protect the data, and maintaining ownership of the parent company, rather than the IT company providing services in India. This was a major hurdle to widespread databasing in India, and when the laws were changed, more companies such as credit card companies took advantage of the lower costs in India, and moved their databases offshore. Moreover, the…… [Read More]
Airport Security System
The secure operation of the aviation system across the globe is one of the most significant factors in the security and economic development of the United States. The use of the world's airspace should also be secured because aviation has become a major target for criminals. Actually, criminals, terrorists, and hostile nations increasingly consider aviation as a major target for exploitation and attack. An example of the security threats facing this industry is the 9/11 terror attacks, which highlighted the desire and ability of enemies to generate considerable harm to the United States. Therefore, aviation security is increasingly important in order to protect the country and its citizens from such attacks. According to Federal of American Scientists (2007), aviation security is realized through combination of private and public aviation security activities across the globe. These activities are then coordinated to detect, prevent, deter, and defeat threats that…… [Read More]
Health-Care Data at Euclid Hospital Security and Control: A White Paper
Protecting Health-Care Data
The efficiency of the modern healthcare system is increasingly becoming reliant on a computerized infrastructure. Open distributed information systems have been initiated to bring professionals together on a common platform throughout the world. It needs to be understood that easy and flexible methods of processing and communication of images; sound and texts will help in visualizing and thereby cure illnesses and diseases effectively. Another aspect is that the easy access and usage can risk patient privacy, accountability, and secrecy associated with the healthcare profession. Therefore, Information Technology -- IT must be able to focus mainly on improving the health of the patient and should not put the patient's health in danger. (IO Press)
This implies that right data has to be made available to the right person at the right time. IT strongly affects the confidentiality…… [Read More]
"Government representatives are responsive to and reliant upon feedback and suggestions from their constituents" and "the most direct way of impacting a legislator is through a letter-writing campaign. The more letters a legislator receives, the more important the issue becomes" (Keene State College Advocates, 2011).
One of the emerging threats that is now a more commonplace threat is that of cyber security. With technology advancing at a rapid rate, it seems that security is sometimes overlooked. Our society is well-versed in how hackers can hack into e-mail, social networking sites and bank accounts but it is absolutely something that the public needs to be more cautious of. A way to combat cyber threats would be to make sure that the computer is completely secure and use common sense when it comes to certain online transactions. People should band together and use one place to reveal the scams that they may…… [Read More]
It therefore assists in identifying network vulnerability and corrects them immediately.
Ferland (2009) noted that Secure Socket Layer (SSL) is a network protocol used in encrypting data so that the information send remains secure until it reaches its destination. It also used in the validation of the identity of the website which is using certificate. It informs the user the authentication of the website and that such a web site as been validated by the third party certificate authority. Both the source and destination of any send data has their own unique keys for encryption. However, the organization would install SSL certificate so that the customers has trust in our website
Digital certificate is describes as an electronic "tag" that shows the credentials of an organization when doing business or any other transaction online. The certificate contains the name of organization, serial number, and expiry date,…… [Read More]
wireless Web is truly' the next major wave of Internet computing
A its potential for bringing people together and expanding commerce is even greater than that of the wired Internet."
Edward Kozel, board member and former CTO of Cisco systems (AlterEgo, 2000, p. 12)
The integration of the Internet into our modern culture as a driving force behind business, convenience, services and merchandise acquisition has created a new set of desires for modern consumers. The trend started with the ease and availability of services and products being offer4ed through radio and television advertising, and then infomercials and shopping channels. The internet brought the availability to purchase products, goods, and information from our desks and kitchens. Now trough wireless hotspots and wireless devices, society is following their desires toward a marketing distribution channel which motivates them to pay for internet access, and mobile commerce (m-commerce) anytime, anywhere, and instantly. These sets…… [Read More]
Countermeasures After 911
Without a doubt, September 11th changed a tremendous amount about how we live and about how safe (and unsafe) we feel. These attacks caused enormous changes and countermeasures regarding the way we travel and the way we interact with one another and the way in which we use technology. However, ever since the ten-year anniversary of 9/11 has come and gone, it begs to determine just how much we've changed in the way that we live, examining specific areas of technology, commerce and communication. Consider the following: "In spite of a doubling of the intelligence budget since 2001 to $80 billion, the creation or reorganizing of some 263 government organizations, and the formation of the $50 billion Department of Homeland Security, the government has largely fallen short, the new report notes. The report states that while some progress has been made, 'some major September 11 Commission…… [Read More]
Terrorist attacks are an ever-growing concern within the United States. Some states have taken a more developed approach to handling potential terrorist threats. Ever since the 9/11 attacks, Florida was the first draft the United States' first comprehensive counterterrorism policies to assist in the protection of Florida's citizens and visitors. Florida's policy was drafted early within the new model of Homeland Security. The policy has various modifications performed over the years. However, a comprehensive evaluation and analysis has not been done since the start. Times change and so has the current list of potential terrorist threats. With new technologies available and the latest weaponries and tactics, Florida must update its Domestic Security Strategic Plan.
The latest strategic plan ran from 2012-2014 with a new one that will cover from 2015-2017. The plan provides important information on what Florida has done and planned on doing in recent times. As well, as…… [Read More]
hat It Takes To Be A Database Administrator
A database can be defined as an organized collection of data, most probably in digitized form. Data is organized within such databases primarily in such a way that it displays and supports the processing of the relevant aspects of the information as it is required by those who use the database. Databases are usually software management systems that are quite complex. The complexity is embedded in these databases to ensure the presence of security, and is also inherent due to the nature or quality of the information they carry, i.e., large amount of important data. [1: Microsoft. "Database Basics." Microsoft Office. March 2012 .]
Nowadays, the utilization of databases is so widespread amongst every sector of the business, that almost every other product, whether small or large, and technology, whether existing or latest, is dependent upon the usage of databases…… [Read More]
Database Deliverables: Wild Wood Apartments
Wild Wood Apartments has relied on individual apartment managers tracking the maintenance, repairs, and renting of the respective units in their assigned buildings. Every quarter, managers are expected to fill out lengthy reports by hand to submit to the central headquarters in San Francisco. However, the process is tedious and often riddled with mistakes, making it clearly inefficient. Managers have been complaining about the inefficiencies of the system, asking the parent company to address their concerns with preparing a centralized database that makes it easier to track and record maintenance and leasing events in real time, thus making data available as events occur and avoiding the lengthy quarterly process of reporting multiple events in a single sitting.
The apartment database will manage maintenance and leasing events in real time. Apartment managers will be able to upload changes to leases, maintenance expenses and events, and…… [Read More]
Building a Database for Use in Scheduling Process
The scheduling of various activities can at the moment be with the help of computer programs that implement the methodology of the critical-path method (CPM) (Choo et al.,2008). The requirements for building a database for use in scheduling process are numerous. For instance, each scheduler must have a separate database for storing information persistently. The server administrator and the application scheduler have the choice as well as location of database to be used. The performance of a scheduler is largely affected by the performance of the chosen database. If more tasks per second are needed then the scheduler daemons can be run on larger and faster systems.
According to Johnson (2004), the requirements for building a database for use in scheduling process include ensuring the following;
The scheduler database and service must be configured have a high level of availability by…… [Read More]
Design a data model that will conform to the following criteria:
• Propose an efficient data structure that may hold the tour operator's data using a normalization process. Describe each step of the process that will enable you to have a 2nd Normal Form data structure.
The database in question provides sufficient data for operational consistency but the redundancy of certain data impedes the general efficiency of the system in place. Therefore, normalization is a major priority for the tour operating company. Specifically, the database is overburdened by duplicate customer records, each of which is created at the time that a new tour is booked. This denotes that the system is decidedly inefficient in presenting data on the whole of our customer base.
First, we propose the use of framing as a data structure as a way of refining the representation of data. According to the text…… [Read More]
Business Database Technology
The focus of this project is to design a database program for a company called Home Sweet Home that specializes in the management of properties on behalf of owners. The company offers a complete rental service for customers willing to rent furnished properties. The services delivered by the Home Sweet Home include advertising of properties in then local and national press. The company also carries out the interview and organize visit to prospective renters as well as negotiating the lease agreement. Once a customer rent a property, the company assumes the responsibilities of carrying out the regular property inspection.
Entities are the object used to track the database, and each entity is stored in the database. The entity assists in designing the ED (entity relation diagram). This paper identifies the entities that need to be used in the database design for the Home Sweet Home. The…… [Read More]