CBK#4 Applications & Systems Development Security - Page 3


Database security issues:
Aggregation -
Occurs when a user does not have the clearance or permission to access a specific piece of information, but does have permission to access its components. By combining those components she can work out the rest and obtain the restricted information.
Inference -
Occurs when a subject deduces restricted information from data he is authorized to access. This is seen when data at a lower security level indirectly reveals data at a higher level.
Content-dependent access control -
Looks at the content of a file when making an access control decision. This type of access control increases processing overhead, but it provides finer-grained control.
Cell suppression -
Is a technique used to hide specific cells that contain information that could be used in an inference attack.
Partitioning -
Involves dividing the database into separate parts, which makes it much harder for an unauthorized individual to find and connect the pieces of data from which restricted information could be deduced or uncovered.
Noise and perturbation -
Is a technique of inserting bogus information in the hope of misdirecting an attacker or confusing the matter enough that the actual attack will not be fruitful.
Database views -
Permit one group or a specific user to see certain information, while restricting another group from viewing it altogether.
Polyinstantiation -
Enables a relation to contain multiple tuples with the same primary keys with each instance distinguished by a security level.
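The following is an added example, not part of the original summary, showing three of the controls listed above in working form against a small SQLite database: a view that exposes only non-sensitive columns, cell suppression in an aggregate report (a department with a single employee would otherwise reveal that person's salary through an average, which is the inference problem), and a polyinstantiated table whose primary key is (name, level) so that a low-clearance subject sees a cover row while a high-clearance subject sees the real one. All table names, rows, salaries and clearance levels are constructed for the illustration.

```python
import sqlite3

# Constructed sample data (not from the original page). Salary is the
# sensitive column; "Legal" deliberately has only one employee.
EMPLOYEES = [
    ("alice", "R&D", 120000),
    ("bob", "R&D", 95000),
    ("carol", "Sales", 70000),
    ("dave", "Sales", 72000),
    ("erin", "Legal", 150000),
]


def build_db():
    """Create an in-memory database with the constructed rows, a restricted
    view, and a polyinstantiated project table."""
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE employee (name TEXT PRIMARY KEY, dept TEXT, salary INTEGER);
        -- Database view: names and departments only, the salary column is
        -- never exposed to the group that is granted this view.
        CREATE VIEW employee_public AS SELECT name, dept FROM employee;
        -- Polyinstantiation: the same logical key ('mission') may exist once
        -- per security level, so the primary key is (name, level). A low
        -- user inserting 'mission' does not collide with the classified row,
        -- so the key conflict cannot be used to infer that the row exists.
        CREATE TABLE project (
            name TEXT, level INTEGER, destination TEXT,
            PRIMARY KEY (name, level));
    """)
    con.executemany("INSERT INTO employee VALUES (?,?,?)", EMPLOYEES)
    con.executemany("INSERT INTO project VALUES (?,?,?)", [
        ("mission", 1, "routine maintenance"),  # cover story at level 1
        ("mission", 3, "launch site Alpha"),    # real tuple at level 3
    ])
    return con


def view_columns(con):
    """Column names a user restricted to the view can see."""
    cur = con.execute("SELECT * FROM employee_public")
    return [d[0] for d in cur.description]


def dept_salary_report(con, min_count=2):
    """Average salary per department with cell suppression: a cell whose
    population is below min_count is withheld (None), because an average
    over one person is that person's salary."""
    rows = con.execute(
        "SELECT dept, COUNT(*), AVG(salary) FROM employee GROUP BY dept"
    ).fetchall()
    return {dept: (round(avg) if n >= min_count else None)
            for dept, n, avg in rows}


def project_at_clearance(con, clearance):
    """Return the single 'mission' tuple visible at the given clearance:
    the highest-level instance at or below the subject's clearance."""
    row = con.execute(
        "SELECT destination FROM project WHERE name = 'mission' "
        "AND level <= ? ORDER BY level DESC LIMIT 1",
        (clearance,),
    ).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    db = build_db()
    print(view_columns(db))            # ['name', 'dept']
    print(dept_salary_report(db))      # Legal is suppressed
    print(project_at_clearance(db, 1)) # routine maintenance
    print(project_at_clearance(db, 3)) # launch site Alpha
```

The suppression threshold of two is a demonstration value; real statistical databases combine a higher minimum cell size with limits on overlapping queries, since an attacker can still difference two suppressed-safe aggregates to recover a single row.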

OLTP / On Line Transaction Processing -
Provides mechanisms that watch for problems and deal with them appropriately when they do occur.
  - Two-phase commit service: Will make sure that a transaction is not complete until all databases receive and reflect a change
Data warehousing -
Combines data from multiple databases into one large database to allow broader information retrieval and data analysis.
Data mining -
Is the process of massaging the data held in the data warehouse into more useful information.
  - Metadata: Data produced by data mining tools to find associations and correlations.
OODB / Object-Oriented Data Bases -
Have the advantages of easier code reuse and analysis, reduced maintenance, and an easier transition from analysis of the problem to design and implementation.
Their main disadvantages are a steep learning curve and the high hardware and software overhead required for development and operation.
Object-Relational Databases -
Combine the attributes of object-oriented and relational technologies.
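The two-phase commit service listed under OLTP above can be shown with a small simulation; this is an added example, not code from the original summary. A coordinator asks every participant database to apply the change and vote (phase 1); only if every vote is yes does it tell all of them to commit, otherwise all of them roll back (phase 2). Each participant here is an in-memory SQLite database with a constructed `account` table; the `fail_on_prepare` flag and the negative-balance CHECK constraint are assumptions used to produce a no vote. Real implementations also write the prepared state to a durable log so a participant can recover its vote after a crash; that part is omitted.

```python
import sqlite3


class Participant:
    """One database taking part in the distributed transaction."""

    def __init__(self, name, fail_on_prepare=False):
        self.name = name
        self.fail_on_prepare = fail_on_prepare  # simulated fault (assumption)
        self.con = sqlite3.connect(":memory:")
        # Constructed schema: an account whose balance may never go negative.
        self.con.execute(
            "CREATE TABLE account (id INTEGER PRIMARY KEY, "
            "balance INTEGER CHECK (balance >= 0))")
        self.con.execute("INSERT INTO account VALUES (1, 100)")
        self.con.commit()  # seed data is durable before any 2PC starts

    def prepare(self, delta):
        """Phase 1: apply the change inside an open transaction and vote.
        A constraint violation or a simulated crash yields a NO vote."""
        try:
            if self.fail_on_prepare:
                raise RuntimeError("simulated crash before vote")
            self.con.execute(
                "UPDATE account SET balance = balance + ? WHERE id = 1",
                (delta,))
            return True
        except (sqlite3.IntegrityError, RuntimeError):
            return False

    def commit(self):
        self.con.commit()

    def rollback(self):
        self.con.rollback()

    def balance(self):
        return self.con.execute(
            "SELECT balance FROM account WHERE id = 1").fetchone()[0]


def two_phase_commit(participants, delta):
    """Coordinator: the change becomes visible everywhere or nowhere."""
    votes = [p.prepare(delta) for p in participants]  # phase 1
    if all(votes):                                      # phase 2
        for p in participants:
            p.commit()
        return "committed"
    for p in participants:
        p.rollback()
    return "rolled back"


if __name__ == "__main__":
    a, b = Participant("db-a"), Participant("db-b")
    print(two_phase_commit([a, b], 50), a.balance(), b.balance())
    c, d = Participant("db-c"), Participant("db-d", fail_on_prepare=True)
    print(two_phase_commit([c, d], 50), c.balance(), d.balance())
```

The point for the security reviewer is the second run: participant c applied its update and voted yes, but because d could not vote yes, c's change is undone too, so no database is left reflecting a half-applied transaction.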


CISSP Summary 2002

Contact:

E-mail: john.wallhoff@mailbox.swipnet.se
Written by: J.Wallhoff January - April 2002
Updated by: J.Wallhoff April 2002