What are the strategy of mobile database system in information security?

There are various strategy of mobile database system which are as follows −

  • Perfecting the Authentication Mechanism − It can avoid illegal terminal access deceptively and background information can be damaged, it is required for identity authentication, when mobile user and service database operating synchronous in the mobile database system.

    When it required to connect or disconnect mobile user, the mobile database needs to carry on identity verification itself, because the users input their user name and password, so can query, change the local caching after verification in mobile user. But the mobile user is needed to verify identity in the database server when the mobile user and the database server communicating.

  • Further Strengthen Storage Access Control − The access control needs protection data decide to grant and implement authority. It can be flexible control database security, database management system should support dynamic security mechanisms, including dynamic authorization.

    Data processing is directed by mobile devices, thus database system allows database administrator and specific access users selectively dynamically grant access to multiple users. But if users required to access the resources of mobile database, it should register to the user assign a password and grant their visit corresponding system resources rights. Unauthorized arbitrary users cannot use the database resource. It can enhance database security, it can continually change user password.

  • Strengthen the Encryption of Data − Access control alone is not adequate to improve privacy, and the mobile database system stored data is essential, therefore it is required to be encrypted to avoid leakage. Firstly it require to set a password encryption, as per the functional modules of multiple database to set different levels of passwords, and password must be encrypted.

    Password security can use the approach of zero, therefore that the genuine authorized user of the password cannot be pretending to copy or damage. Secondly, it can use multiple encryption methods, including the use of elliptic curve cryptography (ECC).

    It depends on the intractability of the definition of point group in the elliptic curve discrete logarithm problem, therefore enhancing the database data security, and there are no efficient approach of attack break. In addition it can also need triple encryption authentication of the class of Kerberos or other encryption methods.

  • Taking the Audit trail and Attack Detection into Account − The authentication and access control can efficiently guarantee the security of the system, but there will continually be system security vulnerabilities, the audit trail and attack detection is essential. The operation data of database can be recorded in the audit log automatically when the database is running, therefore to monitor the operation to database of each user.

  • To Improve the Backup and Recovery Capabilities of Mobile Database − The data of mobile database are generally very important, thus the tape backup, hot backup, manual backup methods have to be used for safety backup of the database to provide that the system has been destroyed for several reasons, can be rapidly put into use again.

Updated on: 07-Mar-2022


Kickstart Your Career

Get certified by completing the course

Get Started