What is the principles of database security in information security?

Database security defines the collective measures used to protect and secure a database or database management software from unauthorized use and malicious cyber threats and attacks. There are various principles of database security which are as follows −

Security models − A security model creates the external element for the examination of security problems in general, and supports the context for database considerations, such as implementation and operation.

Access control − The objective of access control should always be clear. Access control is costly in terms of analysis, model and operational costs. It can be used to known situations, to known standards, to obtain known purposes.

Authentication − The client has to create the identity of the server and the server has to create the identity of the client. This is completed using shared secrets (either a password/user-id set, or shared biographic and biometric information). It can also be produced by a system of higher authority which has previously established authentication.

In client-server systems where data is distributed, the authentication can be adequate from a peer system. Authentication does not provide some privileges for specific tasks. It can only create that the DBMS trusts that the user is claimed to be and that the user trusts that the DBMS is also the predetermined system.

Authorisation − Authorisation relates to the permissions granted to an authorised user to carry out specific transactions. Therefore, the change the state of the database (writeitem transactions) and receive information from the database (readitem transactions). The result of authorisation, which required to be on a transactional basis, is a vector − Authorisation (item, auth-id, operation). A vector is a series of data values at a known area in the system.

At a logical level, the system structure require an authorisation server, which required to co-operate with an auditing server. There is a problem of server-toserver security and an issue with amplification as the authorisation is transmitted from system to system. Amplification defines that the security problem become larger as a higher number of DBMS servers are contained in the transaction.

Access philosophies and management − Discretionary control is where definite privileges are created on the basis of specific assets, which authorised users are enabled to use in a specific way. The security DBMS has to make an access matrix such as objects like relations, data, views and operations for each user - each entry separating create, read, insert and update privileges.

This matrix becomes very complex as authorisations will change from object to object. The matrix can also become very high, because its implementation frequently requires the type of physical implementation related to sparse matrices. It cannot be possible to save the matrix in the computer’s main memory.