General Data-centric Security Mechanisms

Data has become part and parcel of our lives. There is so much important data that its security becomes an issue for us. To secure data, we need certain data-centric security mechanisms.

Data-centric Security Mechanism is way of countering any attack or threat that might occur to data by emphasizing on data rather than the network.

Let us discuss certain general data-centric security measures.

  1. Cryptology
    Communication always happens between two parties – One which sends message and others who receive it. Sometimes, sender wants message only reaches receiver and is not leaked in process of sharing. To avoid other parties from viewing or understanding message, sender and receiver perform some safety measures. Cryptology is tudy and implementation of encryption and decryption. Encryption and decryption techniques are used to secure data.



    The message is sent in following steps:

    • Sender has a message in a readable and understandable format. This message is called plain text.
    • Sender converts this message into a non-readable format so that anyone other receiver would not understand message. The process is called encryption and message in plain text is now converted into cipher text.
    • Ciphertext then is to be sent to receiver. This can happen only through a secure channel or medium.
    • When data reaches receiver side, it is in ciphertext form.
    • Ciphertext is then changed into a readable format through decryption process. After completion of decryption process, receiver gets plain text, which is actual message sent by sender.

  2. Data Access Controls and policies –
    Data Access Controls refer to restrictions on access and use of data. This means that data should be accessible to only people who have proper authorization to use it. This requires knowledge of information, its storage, its importance, and authorized people. Then, controls are set such that other unauthorized people shall not be able to view, use or manipulate data.


  3. Data Masking
    Data masking is a technique by which data can be hidden within a database relation (table) or cell so that people without access cannot handle it. This can be achieved in many ways such as by duplication or dynamically. This is so done because sensitive information needs to hide from people (developers, unauthorized users, third party, outsourcing vendors, etc.).


  4. Data Auditing –
    This refers to assessment of data controls and activities in data layer. There should be timely auditing so as to look out for any security breaches to data. There are several companies that lack this important factor and it results in stealing or manipulation of important data. The assessment must be performed at regular intervals. The regularity minimizes data breaches and they can be easily handled.

Attention reader! Don’t stop learning now. Get hold of all the important CS Theory concepts for SDE interviews with the CS Theory Course at a student-friendly price and become industry ready.

My Personal Notes arrow_drop_up

I am an Information Technology final year student I have done professional Digital Marketing(including Blogging) course from Lurn Inc, Rockville, USA I love learning and teaching Do Let me know how you like my articles Improvements are most welcome

If you like GeeksforGeeks and would like to contribute, you can also write an article using contribute.geeksforgeeks.org or mail your article to contribute@geeksforgeeks.org. See your article appearing on the GeeksforGeeks main page and help other Geeks.

Please Improve this article if you find anything incorrect by clicking on the "Improve Article" button below.


Article Tags :
Practice Tags :


Be the First to upvote.


Please write to us at contribute@geeksforgeeks.org to report any issue with the above content.