data typically have been curated and maintained over many years, and their
loss or corruption would be much more difficult (and costly) to compensate
for than the failure of some other infrastructure components.
Over the past twenty years, there have been significant advancements in
database security (see, e.g., [12, 50, 51]), ranging from sophisticated, expressive
access control models to privacy and trust management. Although some
of these concepts have found their way into today's (primarily commercial)
DBMSs, database systems are still facing numerous security threats aimed at
tampering with the integrity, availability, and confidentiality of the data.
There are several reasons for this situation. First, there is a substantial
time lag between the proposal of a better database security technique and its
realization in a new release of a DBMS. Even then, the new technologies need
to be learned and used appropriately to further secure a database. Second,
and more importantly, the shortcomings in appropriately securing databases
stem from circumstances that are also found all too often in other computer
security settings. These include:
- Lack of clearly defined security policies. If security policies are not well
  understood or not clearly stated, they cannot be effectively implemented
  using database security mechanisms, leaving the database system open to
  security threats.
- Poor security design. As with many other types of computing systems, for
  databases too security is often an afterthought. Security policies are
  formulated and implemented in an ad-hoc fashion, leading to an incoherent
  overall database security design and thus resulting in potential
  vulnerabilities that can be exploited by malicious users and intruders.
- Dynamic nature of applications and user tasks/roles. Over time, database
  users are added or removed and applications are added, upgraded, or
  removed, often leaving the implementation of associated security policies at
  the database back-end untouched. Outdated and obsolete security policies
  and corresponding enforcing security mechanisms pose a critical threat to
  database security.
Several other reasons can be given, such as the evolution of database
structures and schemas to accommodate new applications and associated security
requirements or simply the incorrect usage of the database and its
(administrative) tools.
One of the most significant problems standing in the way of better securing
databases is that of insider misuse, that is, legitimate users
of an application or database who (maliciously) tamper with the integrity
and confidentiality of the data. As stated in [26, 48], insider misuse is still
the biggest threat to security, and not only in database systems. Clearly, if
security policies are not designed and implemented in a coherent and consistent
fashion, intrusions and insider misuse pose a great threat to database security.
As becomes evident from the above observations, in order for an organization
to strengthen the security of its database (potentially using new secu-