Data has become part and parcel of our lives. There is so much important data that its security becomes an issue for us. To secure data, we need certain data-centric security mechanisms.
Data-centric Security Mechanism is way of countering any attack or threat that might occur to data by emphasizing on data rather than the network.
Let us discuss certain general data-centric security measures.
- Cryptology –
Communication always happens between two parties – One which sends message and others who receive it. Sometimes, sender wants message only reaches receiver and is not leaked in process of sharing. To avoid other parties from viewing or understanding message, sender and receiver perform some safety measures. Cryptology is tudy and implementation of encryption and decryption. Encryption and decryption techniques are used to secure data.
The message is sent in following steps:
- Sender has a message in a readable and understandable format. This message is called plain text.
- Sender converts this message into a non-readable format so that anyone other receiver would not understand message. The process is called encryption and message in plain text is now converted into cipher text.
- Ciphertext then is to be sent to receiver. This can happen only through a secure channel or medium.
- When data reaches receiver side, it is in ciphertext form.
- Ciphertext is then changed into a readable format through decryption process. After completion of decryption process, receiver gets plain text, which is actual message sent by sender.
- Data Access Controls and policies –
Data Access Controls refer to restrictions on access and use of data. This means that data should be accessible to only people who have proper authorization to use it. This requires knowledge of information, its storage, its importance, and authorized people. Then, controls are set such that other unauthorized people shall not be able to view, use or manipulate data.
- Data Masking –
Data masking is a technique by which data can be hidden within a database relation (table) or cell so that people without access cannot handle it. This can be achieved in many ways such as by duplication or dynamically. This is so done because sensitive information needs to hide from people (developers, unauthorized users, third party, outsourcing vendors, etc.).
- Data Auditing –
This refers to assessment of data controls and activities in data layer. There should be timely auditing so as to look out for any security breaches to data. There are several companies that lack this important factor and it results in stealing or manipulation of important data. The assessment must be performed at regular intervals. The regularity minimizes data breaches and they can be easily handled.
Attention reader! Don’t stop learning now. Get hold of all the important CS Theory concepts for SDE interviews with the CS Theory Course at a student-friendly price and become industry ready.
- Difference between Cyber Security and Information Security
- Difference between Network Security and Cyber Security
- Difference between Information Security and Network Security
- How Security System Should Evolve to Handle Cyber Security Threats and Vulnerabilities?
- General Packet Radio Service (GPRS)
- What is Information Security?
- Hash Functions in System Security
- Active and Passive attacks in Information Security
- Port Security in Computer Network
- Adaptive security appliance (ASA) features
- Threats to Information Security
- Risk Management for Information Security | Set-1
- Risk Management for Information Security | Set-2
- Basic configuration of Adaptive Security Appliance (ASA)
- TELNET and SSH on Adaptive Security Appliance (ASA)
- System Security
- IP security (IPSec)
- Types of DNS Attacks and Tactics for Security
- Privacy and Security in online social media
- Port Address Translation (PAT) on Adaptive Security Appliance (ASA)
If you like GeeksforGeeks and would like to contribute, you can also write an article using contribute.geeksforgeeks.org or mail your article to email@example.com. See your article appearing on the GeeksforGeeks main page and help other Geeks.
Please Improve this article if you find anything incorrect by clicking on the "Improve Article" button below.