Challenges of database security in DBMS
Seeing the vast increase in volume and speed of threats to databases and many information assets, research efforts need to be consider to the following issues
such as data quality, intellectual property rights, and database survivability.
Let’s discuss them one by one.
1. Data quality –
- The database community basically needs techniques and some organizational solutions to assess and attest the quality of data. These techniques may include the simple mechanism such as quality stamps that are posted on different websites. We also need techniques that will provide us more effective integrity semantics verification tools for assessment of data quality, based on many techniques such as record linkage.
- We also need application-level recovery techniques to automatically repair the incorrect data.
- The ETL that is extracted transform and load tools widely used for loading the data in the data warehouse are presently grappling with these issues.
2. Intellectual property rights –
As the use of Internet and intranet is increasing day by day, legal and informational aspects of data are becoming major concerns for many organizations. To address this concerns watermark technique are used which will help to protect content from unauthorized duplication and distribution by giving the provable power to the ownership of the content.
Traditionally they are dependent upon the availability of a large domain within which the objects can be altered while retaining its essential or important properties.
However, research is needed to access the robustness of many such techniques and the study and investigate many different approaches or methods that aimed to prevent intellectual property rights violation.
3. Database survivability –
Database systems need to operate and continued their functions even with the reduced capabilities, despite disruptive events such as information warfare attacks
A DBMS in addition to making every effort to prevent an attack and detecting one in the event of the occurrence should be able to do the following:
We should take immediate action to eliminate the attacker’s access to the system and to isolate or contain the problem to prevent further spread.
- Damage assessment:
Determine the extent of the problem, including failed function and corrupted data.
Recover corrupted or lost data and repair or reinstall failed function to reestablish a normal level of operation.
Reconfigure to allow the operation to continue in a degraded mode while recovery proceeds.
- Fault treatment:
To the extent possible, identify the weakness exploited in the attack and takes steps to prevent a recurrence.