Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Database security
1. NEGATIVE DATABASE
FOR DATA SECURITY
Shivnandan Singh Chauhan
Mtech (CSE)
1201102021
5/27/2014
1
ShivnandanSingh
2. DATABASE
A database is an organized collection of data.
The data is typically organized to model relevant
aspects of reality in a way that supports
processes requiring this information.
5/27/2014
2
ShivnandanSingh
3. NEGATIVE DATABASE
A negative database can be defined as a
database that contains huge amount of data
which consists of counterfeit data along with the
actual data.
A few approaches that describe this concept have
been proposed but have not yet been
implemented to work for real world databases.
5/27/2014
3
ShivnandanSingh
4. DATABASE SECURITY IMPORTANCE
Database Security has become an important
issue in today’s world. Organizations have
become highly dependent on the database for
their daily operations.
The objective of database security is to prevent
undesired information disclosure and
modification of data while ensuring the
availability of the necessary service. With the
increase in the use of World Wide Web in recent
years emphasize the web database security.
5/27/2014
4
ShivnandanSingh
5. CLASSIFICATION SCHEME
In best of my knowledge database security are
classified based on the type of information security and
models.
Encryption
Negative Database
Web-based Database Security
Authentication and Access Control
Timeliness and Security in Real-time Database
Systems
Testing Schemes for SQL Injections
5/27/2014
5
ShivnandanSingh
6. ENCRYPTION
This is the process of transforming plain text
information using encryption algorithms (called
cipher) to make it unreadable to anyone except
those possessing special knowledge, usually
referred to as a key.
The traditional database systems using plain
text have many threats of data corruption and
collapse of database. To avoid these threats, the
data is stored in encrypted form in the database.
5/27/2014
6
ShivnandanSingh
7. WEB-BASED DATABASE SECURITY
Some Methods are proposed to establish security
of Web database against illegitimate intrusion.
The data transmission from server to the client
should be in a secured way (use Secure Socket
Layer).
Host identity of an end system should be
authenticated.
5/27/2014
7
ShivnandanSingh
8. TESTING SCHEMES FOR SQL
INJECTIONS
SQL injection is a code injection technique that
exploits a security vulnerability occurring in the
database layer of an application.
5/27/2014
8
ShivnandanSingh
9. TESTING SCHEME TO STOP SQL INJECTIONS
IN THE BEGINNING
Database Security Testing Scheme to detect
potential input points of SQL injection,
automatically generate test cases and find
vulnerability of databases by running these test
cases to make a simulation attack to an
application.
5/27/2014
9
ShivnandanSingh
10. CONCEPT OF NEGATIVE DATABASE TO
HELP PREVENT DATA THEFT
A framework which manipulates the original
data and stores it in a database. This framework
mainly consists of four modules
Database catching
Virtual database encryption
Database Encryption algorithm
Negative Database conversion algorithm.
5/27/2014
10
ShivnandanSingh
12. DATABASE CACHING
In our framework we are using system-derived
timestamps as keys. Thus the complexity of the
database caching algorithm O(n), when the whole
database needs to be searched for a particular
tuple.
5/27/2014
12
ShivnandanSingh
13. VIRTUAL DATABASE ENCRYPTION
This layer depends on the timestamp generation
and the conversion of the data into ASCII values.
Thus the computation time is O(n) where n is the
length of the used password.
5/27/2014
13
ShivnandanSingh
14. AUTHENTICATION AND ACCESS
CONTROL
Authentication is used to check properly the
identity of the user and Access Control controls
the user actions or operations. Access Control
gives different privileges to different
authenticated users.
5/27/2014
14
ShivnandanSingh