Saturday, December 7, 2019
Case Study on Database Management System-Free-Samples for Students
Question: Discuss about the Case study on Database Management System. Answer: Introduction Being a graduate with a degree in IT, database designing and administration, I have been employed by the IT start-up company. Here the focus is mainly on handling the database which is stored to connect to each other and to make a relationship between the data. The database should provide a proper security when the multiple users are accessing the system where each user will have the own level of rights to see the database. Some of them will be allowed to see the whole database like the managers to keep a check on the services and the maintenance history. (Zahid, Masood Shibli, 2014). With this, there is a proper evaluation of the database performance for determining the software requirements, evaluation criteria and the performance features. Security Factors affecting company database performance There are different database security risks which are a major concern to identify the risks factors and are considered to have a major effect on the security and the efficient functioning. The data tampering is harming the privacy of communication to ensure that the data could not easily be modified or viewed when set in transit. For this, the data modification attack need to handle the unauthorised party on the network intercepts with changing it before retransmission. The data theft is where the data is stored and then transmitted in a secured manner. There is a need to handle the valuable data which is open to view the interested parties and LAN environment is set with the insiders to access the physical wiring that could view the data that is not intended for the users[1]. The falsification of user identities and then focusing on how the user is able to satisfy the identity to gain access to any type of sensitive information. One can steal other personal data and setup any type o f credit accounts. The password related threats need to be handled where the users must be able to remember the different passwords for the applications. This is done through selecting the easy-to-guess password with choosing a standardised password. (Modi et al., 2013). The unauthorised access to the tables and columns need to be handled to protect the data at different levels. The unauthorised access to data rows tend to contain all the information which is important and available to users to access the table. The example for this is the shared environment business to access the data where the customers would be also able to see the orders. The lack of accountability is there with inability to track the user activities where the users cannot be held responsible for any type of actions. (Modi et al., 2013). There is a need to check on the complex user management requirements where the system support a larger number of users and are scalable as well. The larger scale environment is set with the burden to handle the management of user accounts and passwords that make a system vulnerable to the error and the attacks. There are issues related to the operating system vulnerability where the system and the services are mainly related to handle the unauthorised access. The issues are related to the weak auditing trials where the stringent regulatory compliance is set to handle the logging of the sensitive or the unusual transactions which are happening in the database. The focus is mainly on the operations where the database users are provided with the access to the abusing intentionally or unintentionally. Mitigation Strategies The physical environment needs to be maintained with increased database security that is set at the network level. It also presents the opportunities which is for bad actors and to compromise the physical devices as well. (Malik et al., 2016) The security issues are related to the network and assessing the weak points in the network and how the company tends to connect with the database. Access Control: the access control is the ability to handle different proportions of the database so that one can access to the data. With this, the focus is on the differentiated forms of tables, views, rows and the columns that are set for handling the authorisation process. If the access goes in the hands of the wrong people, then the entire database of the company can be leaked which can cause problems to the owner as well as the employees (Alassafi et al., 2016). Auditing: This is important to handle the performance of the security vulnerability scans and then reviewing the applications and other operating system with their access control. The database auditing logs needs to be handled with no misuse of the same. It also requires overseeing the database privileges and then handling the update of the user access accounts. The auditor role is for providing granularity to allow a separation from the authority of the administrator. (Ondiege Clarke, 2017). The issues can be related to the events to record a specific subset. Authentication: There are times when the users are not authenticated, and they tend to hamper the security of the data. hence, it is important to look for the security system with the identity of the system users. (Li et al., 2015) It is important that the authentication is based on generating the passwords which should enforce certain passwords requirement like insisting to use special character. Encryption: The encryption and controls are based on protecting the information when it passes through the network and then resides on the computer. This is then preserved through the confidentiality and integrity of the data which enforce the specific paths for communication. Integrity control: The security of the system includes the data which is protected mainly from the deletion or the corruption. The system and the object privilege control access are based on application tables and commands so that referential integrity is maintained with valid relationships between the values and the database. (Kim et al., 2016). The database must be protected against the virus in order to corrupt the data. The network traffic must be protected from deletion, corruption (Singh et al., 2016). Backup: The storage is mainly responsible for the backups through the database performance with ensuring the systems from access controls to physical security. The assigning of backup of the software access rights tend to provide a backup access and then storing the backups offsite. The choice is set for the network attached storage or external drivers to be sure to control access. The corporation need to focus on the assigning of assessment risk, developing a data protection process and communicate the process. Application security: The measures need to be taken to handle the improvement of security and the finding, fixing and preventing the security standards. The focus is on the varied forms of security methods where the access control is mainly to create better policies for accessing different applications. (Mitra, 2016). Here, the database needs to be possessed with the proper access control with regulating the varied forms of the methods of security so that there is no safety risk. The focus is on post-upgrading evaluation where the database is set for the administrator and to handle the performance of the post-upgrades. Here, there is a need to ensure a proper security which is found to be consistent for the different programs. The failure is mainly about performing the operations and then handling the application spoofing where the hackers are capable of creating applications that tend to resemble the connection to database. The management of user passwords is also important so that the IT database security managers tend to forget or remove the IDs related to accessing the privilege of the former users. This leads to the vulnerabilit ies and so the passwords need to be enforced with proper rules to avoid any authorisation process. (Singh Attri, 2015). A proper security of the physical environment and strengthening the network security will help in limiting the access to the server. Along with this, there is a cut back or elimination of any unneeded features as well. With this, the denial of service attack could also be effective to handle the security patches. The Intrusion Prevention System is effective to avoid any type of periodical auditing trials. Conclusion The database security is important to handle the different loss or the corruption of data. With this, there is a possibility to work on the security measures, hardware and the software infrastructure. (Mathew et al., 2014). The major emphasis is on the decision-making process, customer service and the supply chain management. Here, the security standards are set for matching the levels where the users have access to the different resources along with transparency in the data encryption. This will enable the encryption of the sensitive data in database columns as they are stored in the operating system files. (Wang Rawal, 2017). Recommendations For handling the database, there is a need to focus on how the confidential or personal information is spread which tends to include the different trading secrets and other proprietary information about the products. It includes the details about confidentiality which has different aspects related to secured storage of sensitive data and authentication of the users. Th secured storage includes the integrity and the privacy which needs to be protected on the database. The major concern is about handling the presentation with authentication that could use the biometric or the face recognition system. This will lessen the discrepancy in the system where authorisation is also important for the system to obtain the information and work on the users who perform the data objects that the user access. The reading of authorization tends to allow a proper handling of data with inserting authorisation that allows the new data, update, deleting of the unwanted data as well. References Alassafi, M., Alharthi, A., Alenezi, A., Walters, R., Wills, G. (2016). Investigating the security factors in cloud computing adoption: towards developing an integrated framework.Journal of Internet Technology and Secured Transactions (JITST),5(2). Kim, H. B., Lee, D. S., Ham, S. (2013). Impact of hotel information security on system reliability.International Journal of Hospitality Management,35, 369-379. Li, S. H., Yen, D. C., Chen, S. C., Chen, P. S., Lu, W. H., Cho, C. C. (2015). Effects of virtualization on information security.Computer standards interfaces,42, 1-8. Malik, M., Patel, T. (2016). Database Security-Attacks and Control Methods.International Journal of Information,6(1/2). Matthew, O., Dudley, C., Moreton, R. (2014, April). A Review Of Multi-Tenant Database And Factors That Influence Its Adoption. InUKAIS(p. 22). Mitra, S. (2016).A quantitative investigation of the security factors affecting the use of IT systems in public networks(Doctoral dissertation, Trident University International). Modi, C., Patel, D., Borisaniya, B., Patel, A., Rajarajan, M. (2013). A survey on security issues and solutions at different layers of Cloud computing.The Journal of Supercomputing,63(2), 561-592. Ondiege, B., Clarke, M. (2017). Healthcare professionals perception of security of personal health devices. Singh, S., Attri, V. K. (2015). State-of-the-art Survey on Security Issues in Cloud Computing Environment. Singh, S., Jeong, Y. S., Park, J. H. (2016). A survey on cloud computing security: Issues, threats, and solutions.Journal of Network and Computer Applications,75, 200-222. Wang, Y., Rawal, B. (2017). Usability meets security: a database case study.Journal of Advanced Computer Science Technology,6(2), 33-39. Zahid, A., Masood, R., Shibli, M. A. (2014, June). Security of sharded NoSQL databases: A comparative analysis. InInformation Assurance and Cyber Security (CIACS), 2014 Conference on(pp. 1-8). IEEE
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.