Group: database
Topic: archives
Topic: database consistency and reliability
Topic: database implementation
Topic: error safe systems
Topic: implementing distributed systems and applications
Topic: password protection
Topic: power fail recovery
Topic: replicated data
Topic: security by audit trail
Topic: security leaks and weaknesses
Topic: self-identifying data structures
Topic: trust
Summary
Databases are one of the most important assets of a computer facility. Without the database, its data, and its software contents, the system would be just a bunch of wires. Many people use and depend on a database's public and private information. Measures can be taken to enhance database security: power fail backup, fire-proof environment, controlled access to hardware, frequent automated backups, verified database modifications, critical region maintenance, modification audit trail, user identification, and anomalous use detection.
A special problem exists with secondary databases stored off-site. A system needs to guarantee that stored information has not been modified since it was stored. Usually manual procedures are followed with the assumption that malicious modification or storage degradation is unlikely. Security can be provided by encrypting the migrated data or a signature generated from the data. (cbb 5/80)
Subtopic: what is security
QuoteRef: martJ_1975 ;;34 security-- protected physical destruction, reconstructible, auditable, tamperproof (user's identified), actions authorized, use monitored
QuoteRef: martJ_1975 ;;34 privacy-- rights of individuals to control disclosure
Quote: an interactive database should be invulnerable to accidents or failures [»stefM1_1987]
Quote: a design goal was a highly reliable file system which did not need independent backups [»corbFJ_1979]
Subtopic: access rights
Quote: authorization model for relational databases; positive and negative authorizations, exceptions, groups, temporary suspensions [»bertE4_1999]
Subtopic: SQL injection attack
Quote: precise, sound, efficient analysis for SQL injection; tracks user input non-terminals of a context-free grammar for string variables; tested with PHP [»wassG6_2007]
Quote: an SQL injection attack changes the intended syntactic structure of generated queries
Subtopic: storage jamming
Quote: storage jamming is reducing the quality of stored data without being detected; use specialized data integrity constraints and detection objects that are not otherwise changed [»mcdeJ8_1995]
Quote: use a quarantine system to detect storage jamming; run under load via a script with a quick integrity check [»mcdeJ8_1995]
Subtopic: shared objects
Quote: if objects are shared, must exercise control over how they are shared [»joneAK5_1978]
Subtopic: signature
Quote: by signing an external representation, a type manager can release an object for later retrieval and authentication [»gligVD11_1979]
Subtopic: atomicity
Quote: 'ForceOut' writes a space to the backing file; for use in providing transactional atomicity [»redeDD2_1980]
Related Topics
Group: database (27 topics, 665 quotes)
Topic: archives (19 items)
Topic: database consistency and reliability (15 items)
Topic: database implementation (18 items)
Topic: error safe systems (76 items)
Topic: implementing distributed systems and applications (41 items)
Topic: password protection (44 items)
Topic: power fail recovery (6 items)
Topic: replicated data (51 items)
Topic: security by audit trail (18 items)
Topic: security leaks and weaknesses (67 items)
Topic: self-identifying data structures (18 items)
Topic: trust (21 items)