Database security is broadly classified into physical and logical security. Database recovery is the process of restoring a database to a correct state in the event of a failure.
Physical security − Physical security refers to the security of the hardware associated with the system and the protection of the site where the computer resides. Natural events such as fire, floods, and earthquakes are examples of physical threats. It is advisable to keep backup copies of databases to guard against massive disasters.
Logical security − Logical security refers to the security measures present in the operating system or the DBMS designed to handle threats to the data. Logical security is far more difficult to accomplish.
Database security is applied at different levels, as explained below −
Database security must be addressed at the database design stage. Some guidelines for implementing the most secure system are −
The database design should be simple.
The database must be normalized.
Create a unique key for each user or group of users.
Once the database is designed, the administrator plays an important role in the maintenance of the database. The security issues at the maintenance level can be classified into the following −
Operating system issues and availability
Confidentiality and accountability through authorization rules
A database for an enterprise contains a great deal of information and usually has several groups of users. Most users need to access only the small portion of the database that is allocated to them. The DBMS should provide mechanisms to access the data and, in particular, a way to control which data a given user can access.
The mechanisms for access control at the DBMS level are as follows −
Discretionary access control
Mandatory access control
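The following is an added example, not part of the original page, showing discretionary access control with SQL privileges: each group of users is given only the portion of the database allocated to it. It assumes PostgreSQL syntax; the table, view, and role names are hypothetical.

```sql
-- Hypothetical schema used only for this illustration.
CREATE TABLE employee (
    emp_id     integer PRIMARY KEY,
    full_name  text    NOT NULL,
    department text    NOT NULL,
    salary     numeric NOT NULL
);

-- One role per group of users; individual logins become members of a group.
CREATE ROLE hr_staff    NOLOGIN;
CREATE ROLE sales_staff NOLOGIN;
CREATE ROLE hr_lead     LOGIN IN ROLE hr_staff;
CREATE ROLE bob         LOGIN IN ROLE sales_staff;

-- Make the starting point explicit: nobody but the owner can touch the table.
REVOKE ALL ON employee FROM PUBLIC;

-- The portion allocated to the sales group: its own department's rows,
-- without the salary column. The view runs with its owner's privileges,
-- so sales_staff needs no privilege on the base table itself.
CREATE VIEW sales_directory AS
    SELECT emp_id, full_name
    FROM employee
    WHERE department = 'Sales';

GRANT SELECT ON sales_directory TO sales_staff;

-- The HR group may read and update the full table.
GRANT SELECT, UPDATE ON employee TO hr_staff;

-- "Discretionary": a privilege holder can pass the privilege on.
-- WITH GRANT OPTION lets hr_lead grant SELECT on employee to other roles.
GRANT SELECT ON employee TO hr_lead WITH GRANT OPTION;

-- Withdrawing the privilege. CASCADE also removes any grants that
-- hr_lead handed out using the grant option.
REVOKE SELECT ON employee FROM hr_lead CASCADE;

-- Review who currently holds which privilege on the table and the view.
SELECT grantee, table_name, privilege_type, is_grantable
FROM information_schema.table_privileges
WHERE table_name IN ('employee', 'sales_directory')
ORDER BY table_name, grantee, privilege_type;
```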