Freeessaysample

Data Integrity in regards to database security.

 Research Paper Criteria: You will be required to write a research paper this semester. Your research paper topic should have been proposed and outlined by the end of Week 2. The research paper specifications are as follows: 8-10 pages (double-spaced) Times New Roman 12 pt font. Must have Abstract, Table of Contents, Introduction, Conclusion and section headings Use at least five references outside of your textbook (you may use your textbook too, but are not required to). In addition to the required number of pages for the assignment, you must also include a reference page (bibliography), written in APA style and a title page. Be sure to give all of your papers a descriptive title! Typewritten in double-spaced format with a readable style and font and submitted inside the electronic classroom (unless classroom access is not possible and other arrangements have been approved by the professor). Page margins Top, Bottom, Left Side and Right Side = 1 inch, with reasonable accommodation being made for special situations Your paper must be in your own words, representing original work. Paraphrases of others’ work must include attributions to the authors. Limit quotations to an average of no more than 3-5 lines, and use quotations sparingly! It is always better to paraphrase than to directly quote.

Data integrity in regards to database security

Name

University

Date

Contents

ABSTRACT. 3

Data integrity in regards to database security. 4

Introduction. 4

Sources of threats to data integrity. 4

Practices and techniques  to enhance data integrity. 6

Data integrity principles and mechanisms. 6

Database security architecture. 7

Validation of data integrity. 8

Conclusion. 8

References. 9

ABSTRACT

Data integrity is a critical component that allows an organization to keep track of all the confidential information related to its operation.  Database security issues currently affect all the organizations across the globe, which compromises the integrity of data. This research focuses on the analysis of data integrity in regard to databases security. The achievement of data integrity is possible through the identification of database security threats such as cyber threats, human errors, transfer of data, SQL injection, and the use of compromised hardware. Data integrity is achieved through the application of techniques that enhanced databases security, which includes access control, input validation, backup, and encryption of data.  Also, the use of a data integrity mechanism plays a central role in enhancing databases security, which includes least privileges, well-informed transactions, separation of duties, among others. When database errors occur in a database, it is usually checked through the use of the DB CHECKDB procedure that allows detection of errors that are undetectable by the server. Therefore, data integrity is achieved through investment in a well-designed architecture database system that is less vulnerable to attacks.

Data integrity in regards to database security

Introduction

An organization’s core activities such as transactions, customers and employees information, and financial information among others are often stored in databases. Therefore, the database is an element that needs maximum security from threats that face it.  However, the risks that face the databases system compromise the security system, which affects the integrity of data.  The maintenance of a secure database poses a challenge to many organizations. With the rise in the use of the internet and network, maintenance of the integrity of data gets more complicated, calling for the need to develop efficient ways of protecting database security, which ensure the integrity of data. This research will analyze the integrity of data in regard to database security.

Data integrity is divided into various types.  Understanding the multiple categories of data integrity is central in the protection of data and allowing for maximum security of data.  Entity integrity is a database element that consists of rows, tables, and columns in which the details should either be the same or null (Mariuţa, 2014).  Referential integrity is the foreign keys in databases that can either be shared or null. The other type is domain integrity in which contains all the categories and values of a dataset, which allows for input and reading of data(Mariuţa, 2014).  The user defines integrity are sets of data that are created by users.  It is through this type of data integrity that databases security is achieved efficiently.

Sources of threats to data integrity

The widespread use of distributed client/server architecture increases the complexity of the issue that face4s the security of the database. The database is the central source of information that maintains the firms and therefore calling for the need to protect the integrity of data that is contained in the database.  Many security threats to the database are connected to the use of the internet and network.

Data integrity is achieved when there are accuracy and consistency of data over its life cycle. When the data of a company has been compromised, it affects the operation of a company. Enhancing the integrity of data boosts the performance of an organization while ensuring increased productivity.  Understanding the sources of compromise to data integrity is central to strengthening the security of databases. Human errors have been recorded to be among the threats that compromise the integrity of data in a database of an organization. According to Malik & Patel, more than   45% of human errors have been linked to the compromise of data integrity is a databases system (2016).

Additionally, data transfers have been recorded to cause compromise of data integrity. Studies show that more than 39% of the cases that compromise on data integrity are linked to data transfer among various companies (Malik & Patel, 2016).  Data transfers range from unintentional alteration of data or the transfer of data from one device to another.  When data is being transferred from one device to another, it is possible to be exposed to viruses and other mechanisms that result in the compromise of its integrity.  It is essential that companies put in place necessary precautions to prevent understanding of data while being transferred.  With the implementation of this strategy, many companies will be exposed to safe database systems.

 Also, cyber threats tend to affect the integrity of data (Kulkarni & Urolagin, 2012). Through the extensive network and internet, digital criminals find a way into the databases of a company and extract confidential information. The cyber threats range from hacking, bugs, malware, and viruses that attack the databases system.  There are many experts in coding and programming computers who use the skill in accessing the database information of a company which affects the integrity of confidential data of a company.  According to Kulkarni & Urolagin, more than 67% of cases of breaching databases are associated with cyber security threats (2012).  This shows that databases required advanced skills to protect them from cyber threats. Cyber threats are related to having a weak authentication system in place to protect the database system. The authentication process protects the system from illegal access and therefore protecting the integrity of information.

Additionally, structured query language (SQL) injections are also another common threat that faces databases security ((Kulkarni & Urolagin, 2012).  The SQL injection is performed within the database and the web application of the database.  Having unsanitized input before execution into databases creates an opportunity for the SQL to infect the databases.   Also, when attackers create malicious information, it increases the chances of the database being attacked by SQL.  SQL injection has been on the rise in the recent past, which presents a threat to the security of the database and therefore interfering with the integrity of data.  Studies show that more than 60% percent of databases across the globe have reported incidences of SQL injection at one point of their operation.  The attacker usually bypasses the web authentication, which allows them to inject the SQL into the databases and th4rfore interfering with the information stored in databases.

Moreover, the use of compromised hardware such as disk crashes and devices poses a threat to data security and integrity (Kulkarni & Urolagin, 2012). The hardware devices that are being used to exchange information can interfere with the integrity of database systems.  Studies show that more than 30% of the databases insecurity system reported are associated with the use of compromised hardware devices (Kulkarni & Urolagin, 2012). There is a need for companies to be careful in the handling of hardware devices that come in contact with the databases system to protect the integrity of data in a databases system of an organization.

Also, elevation privileges pose a risk to the security of the database affecting the integrity of data. Elevation privileges occur where users tend to convert extra opportunities from ordinary users to administrators through the use of software vulnerability (Kulkarni & Urolagin, 2012). This is a misuse of the databases system where a user will be granted access to confidential information after conversion to an administrator.  Therefore, the software system of databases needs to be protected to prevent the transformation of the user to administrative privileges.  The elevation privileges have been common among many companies where more than 200 companies across the globe have reported incidences of elevation privileges.

Practices and techniques  to enhance data integrity

Data encryption allows data to be protected through locking data by a cipher (Basharat et al.,  2012).  The data encryption restricts unauthorized personnel from accessing and utilizing information. Through encryption, information is coded in a language that is understandable to the users only while preventing third parties from accessing data. Data encryption is a development that was introduced recently due to the increase in the use of digital information. Studies show that databases that store information in encrypted form are more secure than those that are not encrypted.

Also, data backup is an efficient way of enhancing the integrity of data. Through data backup information is stored in an alternative location to be used in cases of loss of the information. The use of backup allows companies to retrieve private information in events such as the inversion of viruses to the databases system.

Access control is also a practice that plays a central role in protecting the integrity of data in a database (Mariuţa, 2014).  Access control is achieved through the assignment of read and writes privileges.  Studies show that through the use of access control, the maintenance of the integrity of data is achieved.  Access control limits the number of users who can access the database system and therefore enhancing the security of databases.  With the increase in the use of information technology, the integration of steganography is an efficient way of controlling access to a database.  This technique prevents unauthorized access from accessing information.  This technique works by hiding information in LSB’s pixel value. Sensitive data are usually protected using individual bits.

Additional data integrity can also be achieved through the use of input validation to prevent the input of incorrect data (Mariuţa, 2014).  Data entry is a critical process that ensures the integrity of data is achieved efficiently.  Therefore through the use of input validation, the integrity of data is maintained as the correct information is stored in databases.  Also, input validation prevents the input of unnecessary information into the system and therefore acts as a mechanism that prevents databases from intrusion by unauthorized persons.  Together with the integration of data validation, it becomes easier to protect the integrity of data for unverified sources.

Data integrity principles and mechanisms

The data principles outline the necessary steps that need to be taken to protect the integrity of databases. Making informed transactions is a convenient way of safeguarding the integrity of data (Burtescu, 2009). The informed transaction implies that the user of data is not allowed to make manipulation the data.  Users of databases are the people with access to data, and therefore, there is a need to monitor how the transactions are taking place to prevent possible manipulation of data.  It is critical for databases to ensure that updates are restricted within the transactions to prevent users from bypassing transactions and interfering with the security of data. Also, well-informed transactions encompass the use of enforcement of consistency constraints on the data. Consistency constraints which include entity integrity ensure that the primary key of a relation cannot have a null value and therefore allowing for the maintenance of the integrity of data. Thus, entity integrity, ensures that each entity in the system is uniquely identifiable. Also, referential integrity provides a reference from one entity to another.  Referential integrity ensures that all the foreign keys are null.  Therefore, through the use of well-informed transactions, the integrity of data is achieved.

Also, the users and programs should be allocated with the least privilege as a way of protecting the integrity of data. The least privilege restricts the number of tasks that users can do when they lock into the databases of a company (Burtescu, 2009).  Users need to be allowed to access only the information that they have requested in the system. To improve the system access mechanism, it is critical to incorporate the use of user names and passwords, use of security labels, list of access rights, test access paths as well as the restriction of time to spend in a system. The application of the different mechanisms is efficient in protecting the integrity of data. Studies show that companies that have incorporated the use of least privileges have higher data integrity.

Separation of duties is also another mechanism that supports the integrity of data (Malik & Patel, 2016). Segregation of duties is the application to the sequence of transactions. There is a need for a clear outline of responsibilities that are being performed by workers in a particular database. Through a clear overview of duties, it becomes possible to outline the intrusion of unauthorized transactions in a system.  Overlap of responsibilities in a database can interfere with the integrity of the system.

Reconstruction of events is an efficient way of achieving data integrity.  Improper behaviors in a database can be easily eliminated through the regular reorganization of activities (Malik & Patel, 2016). Through the reconstruction of events, the audit of information becomes easy, allowing for the system to detect unauthorized details and errors and therefore contributing to the protection of the integrity of the system.  The audit trail which is achieved through reconstruction allows the monitoring of all the events that take place in the system and therefore founded the history of all the activities that take place in the database. The audit trail thus leads to the maintenance of the integrity of the system. Through the audit trail, it becomes easier to restore the information that has been lost in the database.

The other principle is the continuity of operations (Malik & Patel, 2016).  The achievement of a consistent state is made possible by ensuring that the routine activities in databases are monitored regularly. Through continuity of operation, it becomes possible to identify interferences in the databases system, which may be a source of errors to the database system.

Database security architecture

The building of a robust system that is less vulnerable to attacks is an efficient way of enhancing databases security while ensuring data integrity (Almutairi & Alruwaili, 2012). The operating system of a database should be able to give access to authorized personnel only while allowing for the operation of accredited programs. The administrator of the databases is in charge of keeping the accounts of the user together with their passwords. The confidentiality and accountability of a database is a critical element in the maintenance of the integrity of information.  Having identified the possible threats to the security of databases it is crucial to building the architecture of a database that protects the database system. Therefore, the initial step towards the building of an architecture database is through the identification of security threats (Almutairi & Alruwaili, 2012).  The identification of risks is carried out by experts who identify the social engineering gaps in the database to d3evelope a mechanism for tackling them.

The next step is the designing and modeling of a database to counter the threats. The design involves prototyping security and the creation of policies that meet the needs of the business.  Developments of tools to reduce risks are generally developed as the next step during the designing process. The other step is deployment. During the deployment stage, the firewall and applications are installed and tested through a simulation process to access its vulnerability of attack by threats (Almutairi & Alruwaili, 2012).  The last step involves management and support, where the ability to counteract a danger is tested. It is through the development of robust database architecture that the security of data can be enhanced. A weak database exposes the data to the danger of attacks more often. Therefore there is a need to have stable database architecture in place to safeguard the integrity of data. Companies that have incorporates a robust database architecture have reported a reduction in database security threats.

Validation of data integrity

Databases may be attacked and cause errors in the system without being noticed; therefore, to check the databases against any mistake, the procedure of DBCC CHECKDB is used (Mariuţa, 2014).  This procedure is appropriate for the entire database to identify the error that has not been identified by the server, which enhances the integrity of data. This procedure is necessary for the events that the database fails to recognize specific errors.  Upon the identification of mistakes after the running of the system, it is appropriate to fix the faults without delay.  The use of this procedure allows for the verification of logical and physical object verification. Therefore, fixing errors in a database that are caused by database security threats is achieved through the running of the DBCC CHECKDB procedure. 

Conclusion

In conclusion, it is evident that databases security is under threat from various sources that affect the integrity of data. Data integrity is achieved through the understanding of the threats that affect it, such as human errors, cyber-crimes, SQL injection, among others. Through the application of the necessary techniques and mechanisms, then the integrity of data can be easily maintained. It is critical for an organization to incorporate tools that protect the databases from intrusion. The widespread use of the internet has caused an increase in attacks on the database since the attacker can easily bypass authorized and extract information from the databases.

References

Almutairi, A. H., & Alruwaili, A. H. (2012). Security in database systems. Global Journal of Computer Science and Technology Network, Web & Security12(17), 9-14.

Basharat, I., Azam, F., & Muzaffar, A. W. (2012). Database security and encryption: A survey study. International Journal of Computer Applications47(12).

Burtescu, E. (2009). Database security–attacks and control methods. Journal of applied quantitative methods4(4), 449-454.

Kulkarni, S., & Urolagin, S. (2012). Review of attacks on databases and database security techniques. International Journal of Emerging Technology and Advanced Engineering, SSN, 2250-2459.

Malik, M., & Patel, T. (2016). Database security attacks and control methods. International Journal of Information6(1/2), 175-183.

Mariuţa, Ş. (2014). Principles of security and integrity of databases. Procedia Economics and Finance, (15), 401-405.

Check a similar Topic here

  1. Conflict Style
  2. Cardiac output with Exertion
  3. Ethnocentrism Sample Essay Paper
  4. Mathematics and Statistics Essay Paper
  5. Hamlet Monologue Assignment
  6. Oceanography in the 21st Century Essay
  7. Bank Reconciliation Sample Essay
  8. Do Androids Dream of Electric Sheep
  9. Feminist Archaeology
  10. Carpe Diem & A Penny Saved Is A Penny Earned
  11. Race and Religion Sample Essay
  12. Sources of American law Sample Essay
  13. Quality Control and Problem Employees
  14. IT Strategic Objective Summary
  15. INVENTORY TURNOVER PAPER REVIEW

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.