Topic: database security





Databases are one of the most important assets of a computer facility. Without the database, its data, and its software contents, the system would be just a bunch of wires. Many people use and depend on a database's public and private information. Measures can be taken to enhance database security: power fail backup, fire-proof environment, controlled access to hardware, frequent automated backups, verified database modifications, critical region maintenance, modification audit trail, user identification, and anomalous use detection.

A special problem exists with secondary databases stored off-site. A system needs to guarantee that stored information has not been modified since it was stored. Usually, manual procedures are followed on the assumption that malicious modification or storage degradation is unlikely. Security can be provided by encrypting the migrated data or by encrypting a signature generated from the data. (cbb 5/80)

Subtopic: what is security

QuoteRef: martJ_1975 ;;34 security-- protected physical destruction, reconstructible, auditable, tamperproof (user's identified), actions authorized, use monitored
QuoteRef: martJ_1975 ;;34 privacy-- rights of individuals to control disclosure
Quote: an interactive database should be invulnerable to accidents or failures [»stefM1_1987]
Quote: a design goal was a highly reliable file system which did not need independent backups [»corbFJ_1979]

Subtopic: access rights

Quote: authorization model for relational databases; positive and negative authorizations, exceptions, groups, temporary suspensions [»bertE4_1999]

Subtopic: SQL injection attack

Quote: precise, sound, efficient analysis for SQL injection; tracks user input non-terminals of a context-free grammar for string variables; tested with PHP [»wassG6_2007]
Quote: an SQL injection attack changes the intended syntactic structure of generated queries

Subtopic: storage jamming

Quote: storage jamming is reducing the quality of stored data without being detected; use specialized data integrity constraints and detection objects that are not otherwise changed [»mcdeJ8_1995]
Quote: use a quarantine system to detect storage jamming; run under load via a script with a quick integrity check [»mcdeJ8_1995]

Subtopic: shared objects

Quote: if objects are shared, must exercise control over how they are shared [»joneAK5_1978]

Subtopic: signature

Quote: by signing an external representation, a type manager can release an object for later retrieval and authentication [»gligVD11_1979]

Subtopic: atomicity

Quote: 'ForceOut' writes a space to the backing file; for use in providing transactional atomicity

Related Topics

Group: database   (27 topics, 665 quotes)

Topic: archives (19 items)
Topic: database consistency and reliability (15 items)
Topic: database implementation (18 items)
Topic: error safe systems (76 items)
Topic: implementing distributed systems and applications (41 items)
Topic: password protection (44 items)
Topic: power fail recovery (6 items)
Topic: replicated data (51 items)
Topic: security by audit trail (18 items)
Topic: security leaks and weaknesses (67 items)
Topic: self-identifying data structures (18 items)
Topic: trust (21 items)

Updated barberCB 5/04
Copyright © 2002-2008 by C. Bradford Barber. All rights reserved.
Thesa is a trademark of C. Bradford Barber.