A good DBMS lets all the users and applications in an organization perform well. However, on the one hand, current databases can hardly make the problems of data duplication, inconsistency, and application dependence on data disappear.
On the other hand, more dangerous security threats may emerge. So, designing a high-performing and secure DBMS requires properly identifying the possible security risks and selecting the right policies and procedures to neutralize these hazards.
Any secure database management system must satisfy three fundamental data protection requirements: security, integrity, and availability.
– Ensuring data security – This means detecting, deterring, or preventing any improper data disclosure. This is crucial in highly protected and confidential data environments like defense, finance, healthcare, etc.
– Ensuring data integrity – This means detecting, deterring, or preventing any improper or undesirable changes to the given data. The successful functioning of any enterprise depends on the availability of accurate data.
– Ensuring availability – System availability is another crucial aspect in determining database effectiveness. Proper availability prevents any unwelcome denial of the services the DBMS offers to its users.
An overview of data security policies
Data or information security policies are the fundamental guidelines that describe all desirable and undesirable actions in an enterprise information system. Logical access control management belongs to this, so the security policies must define the principles on which a secure DBMS is built. Generally, data security policies must give satisfactory answers to the fundamental questions related to security. Security policies can be further divided into two types: minimal and maximal privileges. A system with minimal privileges is called a closed system, and one with maximal privileges is called an open system.
While considering access control for database security, the way the access rules are administered must be determined in advance. Some of the options are:
- Hierarchical decentralized access – In this model, an authorizer will distribute the dependents (users).
- Ownership-based access – The author (owner) of a specific object can determine who may access the item.
- Cooperative authorization – A member can approve the granting of a particular right on the predefined group's custom set of resources.
Database security mechanisms
Security mechanisms are both external and internal, as suggested by RemoteDBA. Let us explore the different control mechanisms below.
Flow control regulates the distribution, i.e., the flow, of data or information among the different objects available. For example, reading data from object X and writing it directly to object Y. Flow control policies need a custom list of useful information flows and the constraints on them. These flow constraints are usually based on the classification of the system elements and the definition of the acceptable flows at different levels.
The objective of inference control is to eliminate the risk of any indirect disclosure of data. For example, an authorized user can read the data set X, which can then be used to determine the data set Y. Usually, unauthorized data is disclosed in one of three ways:
– Correlated data – The visible X data is semantically related to the invisible Y data.
– Missing data – The query returns NULL values, which mask the most sensitive data. However, this can reveal the existence of that data.
– Statistical inference – This applies to databases that provide statistical information about the entities in them.
Statistical databases usually do not allow any direct access to the underlying data; users can query only for statistical information. The potential attacks on such database management systems can be tackled through two different approaches:
– Data perturbation – Here, reliable data is replaced with a statistical interpretation of the same.
– Query control – The most frequently used control mechanism, it is based on the minimum and maximum number of items concerned with the given query. This can ensure better control, but query control is more expensive and more difficult to administer.
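The query control described above can be sketched as a gate in front of a statistical query. This is an added example, not code from the article or from any DBMS: the `staff` table, its rows, the threshold `k` and the function names are all constructed for illustration.

```python
import sqlite3

# Constructed sample rows (name, dept, salary); not data from the article.
ROWS = [("ana", "eng", 120), ("bo", "eng", 110), ("cy", "eng", 130),
        ("hal", "eng", 125), ("di", "ops", 90), ("ed", "ops", 95),
        ("fay", "ops", 100), ("gus", "hr", 80)]
ALLOWED_COLUMNS = {"name", "dept"}  # columns a caller may filter on


class QueryRefused(Exception):
    """The query set is too small or too large to answer safely."""


def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE staff (name TEXT, dept TEXT, salary INTEGER)")
    db.executemany("INSERT INTO staff VALUES (?, ?, ?)", ROWS)
    return db


def avg_salary(db, column, value, negate=False, k=2):
    """Answer AVG(salary) only when k <= |query set| <= N - k."""
    if column not in ALLOWED_COLUMNS:
        raise ValueError(f"filtering on {column!r} is not allowed")
    where = f"{column} {'<>' if negate else '='} ?"  # column is allowlisted
    total = db.execute("SELECT COUNT(*) FROM staff").fetchone()[0]
    size = db.execute(f"SELECT COUNT(*) FROM staff WHERE {where}",
                      (value,)).fetchone()[0]
    # Lower bound: a tiny set exposes individuals directly.
    # Upper bound: a near-total set exposes the few rows it leaves out
    # once it is compared with the statistic over the whole table.
    if size < k or size > total - k:
        raise QueryRefused(f"query set size {size} not in [{k}, {total - k}]")
    return db.execute(f"SELECT AVG(salary) FROM staff WHERE {where}",
                      (value,)).fetchone()[0]


def try_query(db, column, value, negate=False):
    """Return the statistic, or the string 'refused' if the control blocks it."""
    try:
        return avg_salary(db, column, value, negate)
    except QueryRefused:
        return "refused"


if __name__ == "__main__":
    db = make_db()
    for args in [("dept", "eng"), ("dept", "hr"), ("dept", "hr", True)]:
        print(args, "->", try_query(db, *args))
```

The extra `COUNT(*)` before every statistic is part of the administration cost the text mentions: each query is evaluated twice, and `k` has to be tuned per table.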
The objective of database security modeling with access control is to create an abstract, conceptual, and independent model based on the given requirements specification for database projection. Any such security model must provide a semantic representation that allows the structural and functional properties of the security system to be described. It also needs to provide proper definitions of the security requirements and the system policies. The level of access control to be described may also differ broadly based on the use case.
Access control models
Database security models can be classified based on different aspects. For example, you can build a security model based on the type of security policies followed, the parts of security already addressed, the kinds of control needed, and more.
Two basic models of control were derived soon after the concept came into the picture: discretionary and mandatory control. In the discretionary control model, the data owner governs access. This is the most commonly adopted form of authorization administration (ownership-based, as we have seen above). It makes the policy flexible but difficult to control from a universal perspective. The mandatory access control model, on the other hand, is meant to enforce a global policy based on flow control, as we have seen above, among the various security levels that are assigned to multiple objects.
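The contrast between the two models can be shown on the "read X, write Y" flow from the flow control section. This is an added example, not code from the article: the level names, the users and all function names are hypothetical, and the mandatory check assumes the usual level-based rule of reading at or below one's clearance and writing at or above it.

```python
from dataclasses import dataclass, field

# Assumed ordering of security levels (hypothetical labels).
LEVELS = {"public": 0, "confidential": 1, "secret": 2}


@dataclass
class Obj:
    name: str
    owner: str
    level: str
    acl: dict = field(default_factory=dict)  # user -> set of granted rights


def grant(obj, grantor, user, right):
    """Discretionary control: only the owner decides who gets a right."""
    if grantor != obj.owner:
        raise PermissionError(f"{grantor} does not own {obj.name}")
    obj.acl.setdefault(user, set()).add(right)


def dac_allows(obj, user, right):
    return user == obj.owner or right in obj.acl.get(user, set())


def mac_allows(clearance, obj, right):
    """Mandatory control: read at or below clearance, write at or above it."""
    subject, target = LEVELS[clearance], LEVELS[obj.level]
    if right == "read":
        return subject >= target
    if right == "write":
        return subject <= target
    return False


def can_copy(user, clearance, src, dst):
    """Check the flow 'read src, write dst' under each model: (dac, mac)."""
    dac = dac_allows(src, user, "read") and dac_allows(dst, user, "write")
    mac = mac_allows(clearance, src, "read") and mac_allows(clearance, dst, "write")
    return dac, mac


def demo():
    x = Obj("X", owner="alice", level="secret")
    y = Obj("Y", owner="bob", level="public")
    grant(x, "alice", "bob", "read")  # alice's own decision, per object
    # bob may read X and owns Y, so ownership rules allow X -> Y;
    # the level-based rule blocks it because secret data would reach public.
    return can_copy("bob", "secret", x, y), can_copy("bob", "secret", y, x)
```

Each owner's grant is reasonable on its own, yet together they permit a flow no one approved; only the global level check sees it.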
Various access control models accommodate new definitions of subjects, objects, and access rights based on the object-oriented data model's inheritance and composite objects. Beyond these, the access matrix, which is ideal for the relational model of data management, has also remained in use, but it may have nothing to do with the object model. The ORION model, for example, belongs to this type. It was introduced in 1991 by Rabitti and enforces discretionary access control while taking characteristics such as inheritance, versioned objects, and composite objects into account.
On exploring this further, you can find many other access control models, which serve different objectives based on various enterprise database objectives. While considering this, a thorough requirement analysis and assessment is essential to identify the right model for you.