Database Management Systems Security

DBMS Identification, Authentication and Authorization Administration Responsibilities

In order to secure a database, a database administrator must focus on several layers and types of information security. These layers include access control, auditing, authentication, encryption, and integrity controls (Gupta, Sharma & Swaroop, 2011). All of the aforementioned security layers have their own place in a comprehensive effort to keep a database’s sensitive data secure. However, all databases, whether the database is a simple single-site processing, single-site data type of database management system or a complex multiple-site processing, multi-site data fully distributed database management system, require one to several forms of identification, authentication and authorization. One of the most common database administration responsibilities is creating and managing database users (Coronel, Morris & Rob, 2011). All database administrators must be familiar with the various forms and methods of administering user access control, and the best practices for user identification, authentication and authorization.

DBMS Identification, Authentication and Authorization Associated Security Issues

A cornerstone in the foundation of database security is controlling how database management systems are accessed so they can be protected from unauthorized modification or disclosure (Harris, 2010). The chief security concern for a database administrator is the question of “Who has the ability to access my database management system?”

Both hackers and authorized users have breached access controls in attempts at database theft. Database security breaches may come in a variety of ways. These breaches could include hackers outside of the organization gaining access to the database management system. The hacker gains access by breaking into a privileged user’s access controls. Another breach could occur when an authorized user from inside the organization gains access to...