Data Structure
Networking
RDBMS
Operating System
Java
MS Excel
iOS
HTML
CSS
Android
Python
C Programming
C++
C#
MongoDB
MySQL
Javascript
PHP
Physics
Chemistry
Biology
Mathematics
English
Economics
Psychology
Social Studies
Fashion Studies
Legal Studies
- Selected Reading
- UPSC IAS Exams Notes
- Developer's Best Practices
- Questions and Answers
- Effective Resume Writing
- HR Interview Questions
- Computer Glossary
- Who is Who
What are the types of threats in a database?
There are various types of threats which are as follows −
Unauthorised modification − It can be changing data values for reasons of sabotage, crime or ignorance which can be allowed by inadequate security structure, or sharing of passwords or password guessing.
Unauthorised disclosure − When the information should not have been revealed. A general problem of central importance, which can be accidental or deliberate.
Loss of availability − When the database is not available it acquire a loss. Therefore any threat that provides rise to time offline, even to check whether something has appeared, is to be avoided.
Commercial sensitivity − Some financial losses through fraud appear from employees. Access controls supports both protection against criminal acts and evidence of attempts (strong or otherwise) to carry out acts detrimental to the organisation, whether fraud, extraction of sensitive information or loss of availability.
Personal privacy and data protection − Personal information is data about a detectable individual. Often the individual has to be alive but the approach of identification is not defined. Therefore a postal code for a home may in some cases recognize an individual, if only one person is living at an address with the postal code. Such data require careful managing and control.
Computer misuse − There is also usually measure on the misuse of computers. Misuse involves the violation of access controls and tries to cause damage by changing the database state or presenting worms and viruses to interfere with useful operation. These violation are often extraditable.
Audit requirements − These are operational constraints built around the need to understand who did what, who attempt to do what, and where and when everything appeared. They contain the detection of events (such as CONNECT and GRANT transactions), supporting evidence for detection, assurance and either defence or prosecution.
In considerations of logical access to the database, it is simply to lose sight of the fact that some system access imposes risks. If there is access to operating system service, it becomes possible to access the disk storage precisely and copy or damage the entire database or its components.
A complete consideration has to take some access into account. Most analysts can be viewing to minimise communications (direct, network and telecommunications) and separate the system from useless threats. It is also acceptable that encryption can be used both on the data and the schema. Encryption is the procedure of transforming text and data into a form that can only be read by the recipient of that information or text, who has to understand how to transform it end to a clear message.
453 Views
