Database Administration

The document outlines the roles of data administration and database administration, highlighting their responsibilities in managing corporate data and database systems. It discusses database security, common threats, and countermeasures to protect databases from various attacks. Additionally, it emphasizes the importance of views in databases for reducing complexity and enhancing security.

Uploaded by

mwanchaduke33

Data Administration and database administration

Data administration includes the management and control of the corporate data including
database planning, development and maintenance of standards, policies and procedures, and
logical database design.

Database administration involves the management and control of the physical realization of
the corporate database system including physical database design and implementation, setting
security and integrity controls, monitoring system performance, and reorganizing the database
as necessary.

Data Administration

• A high level management function (E.g. Director)

• Determination of overall information needs from a management perspective

• Developing & administering the policies, procedures, practices & plans for definition,
organization, protection & efficient utilization of data

• Encompasses all corporate data whether computerized or not

Database Administration

• Normally responsible for computerized systems only

• Management & Co-ordination function

• Technical function responsible for:

– physical database design

– security

– backup

– recovery

– performance

COMPARISON OF ROLES

DATABASE SECURITY

Database security refers to the range of tools, controls, and measures designed to protect the
database against intentional or unintentional threats. A database represents an essential
corporate resource that should be properly secured using appropriate controls.

No matter how reliable your database management system is, you cannot guarantee successful
transactions every time. There are a number of failures that affect database processing.

Some failures may affect the disk storage, while some may only affect the data items of the
database residing in main memory during transaction processing. Some of the
common failures include:

• System crash: refers to any kind of bug or hardware malfunction in the operating
system or the database software. It can bring transaction processing to a halt and
can even cause the loss of content residing in volatile storage such as main
memory, cache memory, RAM, etc.
• Statement failure: refers to the inability of the database system to execute a given SQL
statement.
• Media failure: can be disk, CPU, or network failures, among others.
• Application software errors: can result from several factors such as bad input,
a resource limit being exceeded, or other factors related to the application software.
Logical or internal errors that cause the transaction to fail are also included in this
category.

Database security is considered in relation to the following outcomes:

• Theft and fraud
• Loss of confidentiality
• Loss of privacy
• Loss of integrity
• Loss of availability

Database security must address and protect the following:

• The data in the database
• The database management system (DBMS)
• Any associated applications
• The physical database server and/or the virtual database server and the underlying
hardware
• The computing and/or network infrastructure used to access the database

Database Security Attacks

a. Insider threats

An insider threat is a security threat from any one of three sources with privileged access to
the database:

• A malicious insider who intends to do harm
• A negligent insider who makes errors that leave the database vulnerable to attack
• An infiltrator: an outsider who somehow obtains credentials via a scheme such as
phishing or by gaining access to the credential database itself

Insider threats are among the most common causes of database security breaches, and they
often result from allowing too many employees to hold privileged user access credentials.

b. Human error
Accidents, weak passwords, password sharing, and other unwise or uninformed user
behaviors continue to be the cause of nearly half (49%) of all reported data breaches.

c. DBMS vulnerabilities
Hackers make their living by finding and targeting vulnerabilities in all kinds of software,
including database management software. All major commercial database software vendors
and open source database management platforms issue regular security patches to address
these vulnerabilities, but failure to apply these patches in a timely fashion can increase your
exposure.

d. SQL/NoSQL injection attacks
These attacks involve the insertion of arbitrary SQL or non-SQL attack strings into database
queries served by web applications or HTTP headers. Organizations that do not follow secure
web application coding practices and do not perform regular vulnerability testing are open to
these attacks.

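An added example, not part of the original notes: the same lookup written with string concatenation and with a bound parameter, using Python's sqlite3 module. The table, the function names and the `X-Member-Name` header are constructed for illustration; the allow-list for the sort column goes one step beyond the text, covering identifiers, which cannot be bound as parameters.

```python
import sqlite3

def make_db():
    """Constructed sample data: a small membership table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE member (name TEXT, card_no TEXT)")
    db.executemany("INSERT INTO member VALUES (?, ?)",
                   [("alice", "C-1001"), ("bob", "C-1002"), ("carol", "C-1003")])
    return db

def find_member_unsafe(db, name):
    # Weak: the value is pasted into the SQL text, so quotes in it change the query.
    sql = "SELECT name, card_no FROM member WHERE name = '" + name + "'"
    return db.execute(sql).fetchall()

def find_member_safe(db, name):
    # Hardened: the driver binds the value, so it is only ever compared as data.
    return db.execute(
        "SELECT name, card_no FROM member WHERE name = ?", (name,)
    ).fetchall()

SORTABLE = {"name", "card_no"}

def list_members_sorted(db, sort_column):
    # Column names cannot be bound, so accept only names from a fixed allow-list.
    if sort_column not in SORTABLE:
        raise ValueError("unsupported sort column")
    return db.execute(f"SELECT name FROM member ORDER BY {sort_column}").fetchall()

# Constructed request value, as it might arrive in a form field or HTTP header.
HEADERS = {"X-Member-Name": "nobody' OR '1'='1"}

if __name__ == "__main__":
    db = make_db()
    value = HEADERS["X-Member-Name"]
    print("concatenated :", find_member_unsafe(db, value))   # every row comes back
    print("parameterized:", find_member_safe(db, value))     # no row matches
```
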
e. Buffer overflow attacks
Buffer overflow occurs when a process attempts to write more data to a fixed-length block of
memory than it is allowed to hold. Attackers may use the excess data, stored in adjacent
memory addresses, as a foundation from which to launch attacks.

f. Denial of service attacks


In a denial of service (DoS) attack, the attacker deluges the target server (database server)
with so many requests that the server can no longer fulfill legitimate requests from legitimate
users, and, in many cases, the server becomes unstable or crashes.
In a distributed denial of service attack (DDoS), the overflow comes from multiple servers,
making it more difficult to stop the attack.

g. Malware
Malware is software written specifically to exploit vulnerabilities or otherwise cause damage
to the database. Malware may arrive through any endpoint device connected to the database.

h. Backup attacks
Backup data should be protected with the same strong controls used to protect the database;
otherwise the backup will be vulnerable to attack, making it difficult for an organization to
recover if it is attacked.

Database threats have been made worse by the following:

a. Growing data volumes: Data capture, storage, and processing continue to grow
exponentially across nearly all organizations. Any data security tools or practices need
to be highly scalable to meet near and distant future needs.
b. Infrastructure sprawl: Network environments are becoming increasingly complex,
particularly as businesses move workloads to multicloud or hybrid cloud architectures,
making the choice, deployment, and management of security solutions ever more
challenging.
c. Increasingly stringent regulatory requirements: The worldwide regulatory compliance
landscape continues to grow in complexity, making adherence to all mandates more
difficult.
d. Cybersecurity skills shortage: There is an increasing shortage of experts in
cybersecurity to counter cyber-attacks.

Countermeasures to Database attacks


The types of countermeasures to threats on a database system range from physical controls to
administrative procedures. They include:

• Physical security: Whether your database server is on-premise or in a cloud data
center, it must be located within a secure, climate-controlled environment. (If your
database server is in a cloud data center, your cloud provider will take care of this for
you.)
• Administrative and network access controls: A minimum number of users should have
access to the database, and their permissions should be restricted to the minimum
levels necessary for them to do their jobs. In addition, network access should be limited
to the minimum level of permissions necessary.
• End user account/device security: Always be aware of who is accessing the database
and when and how the data is being used. Data monitoring solutions help raise alerts when
data activities are unusual or appear risky. All user devices connecting to the network
housing the database should be physically secure and subject to security controls at all
times.
• Encryption: All data, including data in the database and credential data, should be
protected with the best encryption algorithms while at rest and in transit. All
encryption keys should be handled in accordance with best-practice guidelines.
• Database software security: Always use the latest version of your database
management software, and apply all patches as soon as they are issued.
• Application/web server security: Any application or web server that interacts with the
database can be a channel for attack and should be subject to ongoing security testing
and best practice management.
• Backup security: All backups, copies, or images of the database must be subject to the
same security controls as the database itself.
• Auditing: Record all logins to the database server and operating system, and log all
operations performed on sensitive data as well. Database security standard audits
should be performed regularly.

Data protection tools and platforms


Nowadays, a number of vendors offer data protection tools and platforms. A good solution
should include a number of the following capabilities:

Discovery: Look for a tool that can scan for and classify vulnerabilities across all your
databases whether they’re hosted in the cloud or on-premise and offer recommendations for
remediating any vulnerabilities identified. Discovery capabilities are often required to
conform to regulatory compliance mandates.

Data activity monitoring: The solution should be able to monitor and audit all data activities
across all databases, regardless of whether the deployment is on-premise, in the cloud, or in
a container. In case of any suspicious activities an alert should be issued in real-time so that
you can respond to threats more quickly.

Encryption and tokenization capabilities: In case of a breach, encryption offers a final line
of defense against compromise. Any tool you choose should include flexible encryption
capabilities that can safeguard data in on-premise, cloud, hybrid, or multicloud environments.
Look for a tool with file, volume, and application encryption capabilities that conform to your
industry’s compliance requirements, which may demand tokenization (data masking) or
advanced security key management capabilities.

Data security optimization and risk analysis: A tool that can generate contextual insights
by combining data security information with advanced analytics will enable you to
accomplish optimization, risk analysis, and reporting with ease. Choose a solution that can
retain and synthesize large quantities of historical and recent data about the status and security
of your databases, and look for one that offers data exploration, auditing, and reporting
capabilities through a comprehensive but user-friendly self-service dashboard.

VIEWS

The functionality it provides makes a DBMS an extremely powerful and complex tool. However,
end users are not interested in how complex a task can be, and users can often see more data
than they actually need to do their job. The view mechanism allows each user to have their
own customised view of the database. A view is some subset of the database.

A view is usually defined as a query that operates on the base tables to produce another virtual
table.

Importance of views

• Reduces complexity by letting users see the data in the way they want to see it.
• Provides a level of security. Views can be set up to exclude data that some users should
not see.
• Views provide a mechanism to customize the appearance of the database. For example,
the Stock Control Department may wish to call the Daily Rental Rate column for videos
by the simpler name, Daily Rental.
• A view can present a consistent, unchanging picture of the structure of the database, even
if the underlying database is changed (for example, columns added or removed,
relationships changed, data files split, restructured, or renamed). If columns are added or
removed from a data file, and these columns are not required by the view, the view is not
affected by this change. Thus, a view helps provide additional data independence to that
provided by the system catalog.
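An added example, not part of the original notes, showing the three properties above on the notes' video rental case with Python's sqlite3 module. The table, view and function names are constructed; SQLite has no GRANT statement, so an authorizer callback stands in here for granting a user SELECT on the view only, as a multi-user DBMS would.

```python
import sqlite3

def build_catalogue():
    """Constructed schema based on the notes' video rental example."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE video "
               "(title TEXT, daily_rental_rate REAL, purchase_cost REAL)")
    db.execute("INSERT INTO video VALUES ('Casablanca', 2.5, 14.0)")
    # The view renames one column and leaves the sensitive one out.
    db.execute("CREATE VIEW stock_video AS "
               "SELECT title, daily_rental_rate AS daily_rental FROM video")
    # A later change to the base table that the view does not depend on.
    db.execute("ALTER TABLE video ADD COLUMN supplier TEXT")
    return db

def view_only(action, table, column, db_name, source):
    # 'source' names the view responsible for a read; it is None for top-level SQL.
    if action == sqlite3.SQLITE_READ and table == "video" and source is None:
        return sqlite3.SQLITE_DENY
    return sqlite3.SQLITE_OK

def restricted_session():
    """Connection limited to reading the base table through the view."""
    db = build_catalogue()
    db.set_authorizer(view_only)
    return db

def view_columns(db):
    cur = db.execute("SELECT * FROM stock_video")
    return [d[0] for d in cur.description]

def try_read_cost(db):
    # Direct access to the excluded column is refused when the statement is prepared.
    try:
        return db.execute("SELECT purchase_cost FROM video").fetchall()
    except sqlite3.DatabaseError as exc:
        return "denied: " + str(exc)

if __name__ == "__main__":
    db = restricted_session()
    print(view_columns(db))      # unchanged by the added 'supplier' column
    print(db.execute("SELECT * FROM stock_video").fetchall())
    print(try_read_cost(db))
```
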
