database security Recently Published Documents
Total documents.
- Latest Documents
- Most Cited Documents
- Contributed Authors
- Related Sources
- Related Keywords
NETWORK DATABASE SECURITY WITH INTELLECTUAL ACCESS SUPERVISION USING OUTLIER DETECTION TECHNIQUES
Comparison of performance rot13 and caesar cipher method for registration database of vessels berthed at p.t. samudera indonesia.
Database security is a very important aspect of an information system. A general information is onlyintended for certain groups. Therefore, it is very important for a company to prevent database leakage sothat the information contained in it does not fall to unauthorized people. Cryptographic technique is an alternative solution that can be used in database security. One way to maintain the security of the database is to use encryption techniques. The method used to secure the database is encryption using the ROTI3 and Caesar Cipher methods. Both of these methods have advantages in processing speed. For thisreason, the author will compare the use of the two algorithms above in terms of the encryption and decryption process time
A Novel Framework for Efficient Multiple Signature on Certificate with Database Security
Abstract PKI gives undeniable degree of safety by transferring the key pair framework among the clients. By constructing, a PKI we combine digital identities with the digital signatures, which give an end-to-end trust model. Basically, PKI is an attempt, which can simulate the real-world human analyzation of identity and reliability in a computerized fashion. In any case, the existing applications are centered on a tight trust model which makes them inadequate as an overall device for trust examination. After years of research, development and deployment, PKI still facing strong technical and organizational challenges such as attacks against Certificate Authorities (CA). CAs are the primitive component of PKIs which plays powerful role in the PKI model. CA must be diligent, creditable and legitimate. In any case, a technocrat who picks up control on a CA can use CA's certificate to issue bogus certificate and impersonate any site, such as - DigiNotar, GobalSign, Comodo and DigiCert Malaysia. In this paper we proposed an approach to reduce the damage of compromised CA/CA’s key by imposing Multiple Signatures (MS) after verifying/authenticating user’s information. One single compromised CA is not able to issue a certificate to any domain as multiple signatures are required. Private key and other perceptive information are stored in the form of object/blob. Without knowing the structure of class no one can access the object and object output stream. Proposed MS achieve better performance over existing MS schemes and control fraudulent certificate issuance with more database security. The proposed scheme also avoids MITM attack against CA who is issuing certificate to whom which is using the following parameters such as identity of Sender, Receiver, Timestamp and Aadhar number.
A guiding framework for enhancing database security in state-owned universities in Zimbabwe
Technique for evaluating the security of relational databases based on the enhanced clements–hoffman model.
Obtaining convincing evidence of database security, as the basic corporate resource, is extremely important. However, in order to verify the conclusions about the degree of security, it must be measured. To solve this challenge, the authors of the paper enhanced the Clements–Hoffman model, determined the integral security metric and, on this basis, developed a technique for evaluating the security of relational databases. The essence of improving the Clements–Hoffmann model is to expand it by including a set of object vulnerabilities. Vulnerability is considered as a separate objectively existing category. This makes it possible to evaluate both the likelihood of an unwanted incident and the database security as a whole more adequately. The technique for evaluating the main components of the security barriers and the database security as a whole, proposed by the authors, is based on the theory of fuzzy sets and risk. As an integral metric of database security, the reciprocal of the total residual risk is used, the constituent components of which are presented in the form of certain linguistic variables. In accordance with the developed technique, the authors presented the results of a quantitative evaluation of the effectiveness of the protection of databases built on the basis of the schema with the universal basis of relations and designed in accordance with the traditional technology of relational databases.
Hybrid Security Approach for Database Security using Diffusion based cryptography and Diffie-Hellman key exchange Algorithm
Application of network database security technology based on big data technology, database security in a dynamic it world.
Databases are vulnerable. Public statements by Target, Home Depot, and Anthem following their extremely advertised data breaches are each uniform and succinct on how their breaches unfolded: unauthorized access to those systems that ultimately led to the extraction of sensitive information. A comprehensive strategy to secure a database is over data security. Usually, security events will be related to the later action: illegitimate access to data confidentiality damage, injury to the integrity of knowledge, loss of data accessibility (Discover). Loss of privacy of data, creating them accessible to others without a right of access is not visible within the database and does not need changes deductible database. This paper addresses these events to confirm database security.
A Review of Database Security Concepts, Risks, and Problems
Currently, data production is as quick as possible; however, databases are collections of well-organized data that can be accessed, maintained, and updated quickly. Database systems are critical to your company because they convey data about sales transactions, product inventories, customer profiles, and marketing activities. To accomplish data manipulation and maintenance activities the Database Management System considered. Databases differ because their conclusions based on countless rules about what an invulnerable database constitutes. As a result, database protection seekers encounter difficulties in terms of a fantastic figure selection to maintain their database security. The main goal of this study is to identify the risk and how we can secure databases, encrypt sensitive data, modify system databases, and update database systems, as well as to evaluate some of the methods to handle these problems in security databases. However, because information plays such an important role in any organization, understanding the security risk and preventing it from occurring in any database system require a high level of knowledge. As a result, through this paper, all necessary information for any organization has been explained; in addition, also a new technological tool that plays an essential role in database security was discussed.
Database protection model based on security system with full overlap
Security is one of the most important characteristics of the quality of information systems in general and databases, as their main component, in particular. Therefore, the presence of an information protection system, as a complex of software, technical, cryptographic, organizational and other methods, means and measures that ensure the integrity, confidentiality, authenticity and availability of information in conditions of exposure to natural or artificial threats, is an integral feature of almost any modern information system and database. At the same time, in order to be able to verify the conclusions about the degree of security, it must be measured in some way. The paper considers a database security model based on a full overlap security model (a covered security system), which is traditionally considered the basis for a formal description of security systems. Thanks to expanding the Clements-Hoffman model by including a set of vulnerabilities (as a separately objectively existing category necessary to describe a weakness of an asset or control that can be exploited by one or more threats), which makes it possible to assess more adequately the likelihood of an unwanted incident (threat realization) in a two-factor model (in which one of the factors reflects the motivational component of the threat, and the second takes into account the existing vulnerabilities); a defined integral indicator of database security (as a value inverse to the total residual risk, the constituent components of which are represented in the form of the corresponding linguistic variables); the developed technique for assessing the main components of security barriers and the security of the database as a whole, based on the theory of fuzzy sets and risk, it becomes possible to use the developed model to conduct a quantitative assessment of the security of the analyzed database.
Export Citation Format
Share document.
Database Security-Concepts, Approaches, and Challenges
New Citation Alert added!
This alert has been successfully added and will be sent to:
You will be notified whenever a record that you have chosen has been cited.
To manage your alert preferences, click on the button below.
New Citation Alert!
Please log in to your account
Information & Contributors
Bibliometrics & citations, view options.
- Devara S Azad C (2023) Improved Database Security Using Cryptography with Genetic Operators SN Computer Science 10.1007/s42979-023-01990-z 4 :5 Online publication date: 29-Jul-2023 https://dl.acm.org/doi/10.1007/s42979-023-01990-z
- Singh I Jindal R (2023) Trust factor-based analysis of user behavior using sequential pattern mining for detecting intrusive transactions in databases The Journal of Supercomputing 10.1007/s11227-023-05090-w 79 :10 (11101-11133) Online publication date: 21-Feb-2023 https://dl.acm.org/doi/10.1007/s11227-023-05090-w
- Jindal R Singh I (2022) Detecting malicious transactions in database using hybrid metaheuristic clustering and frequent sequential pattern mining Cluster Computing 10.1007/s10586-022-03622-2 25 :6 (3937-3959) Online publication date: 1-Dec-2022 https://dl.acm.org/doi/10.1007/s10586-022-03622-2
- Show More Cited By
Index Terms
Applied computing
Document management and text processing
Document preparation
Information systems
Data management systems
Database design and models
Relational database model
Query languages
Relational database query languages
Security and privacy
Intrusion/anomaly detection and malware mitigation
Social and professional topics
Computing / technology policy
Computer crime
Recommendations
New challenges in teaching database security.
Traditional Database Security has focused primarily on creating user accounts and managing user privileges to database objects. The wide spread use of databases over the web, heterogeneous client-server architectures, application servers, and networks ...
Database security: part 1: Database Security
''Why do I need to secure my database server? No one can access it - it's in a DMZ protected by the firewall!'' This is often the response when it is recommended that such devices are included within a security health check. In fact, database security ...
Conceptual database security access permissions
High-level conceptual database design is a widespread method in database built with conceptual models we will illustrate the "mini world" of the database via Database Management System (DBMS) in an independent form. The form will be mapped by the use of ...
Information
Published in.
IEEE Computer Society Press
Washington, DC, United States
Publication History
Author tags.
- Index Terms- Data confindentiality
- data privacy
- relational and object databases
- Research-article
Contributors
Other metrics, bibliometrics, article metrics.
- 64 Total Citations View Citations
- 0 Total Downloads
- Downloads (Last 12 months) 0
- Downloads (Last 6 weeks) 0
- Puri V Sachdeva S (2021) Examining Security for Different Data Models* Proceedings of the 2021 Thirteenth International Conference on Contemporary Computing 10.1145/3474124.3474195 (461-468) Online publication date: 5-Aug-2021 https://dl.acm.org/doi/10.1145/3474124.3474195
- Harley K Cooper R (2021) Information Integrity ACM Computing Surveys 10.1145/3436817 54 :2 (1-35) Online publication date: 9-Feb-2021 https://dl.acm.org/doi/10.1145/3436817
- Bogaerts J Lagaisse B Joosen W (2021) SEQUOIA: A Middleware Supporting Policy-Based Access Control for Search and Aggregation in Data-Driven Applications IEEE Transactions on Dependable and Secure Computing 10.1109/TDSC.2018.2889309 18 :1 (325-339) Online publication date: 1-Jan-2021 https://dl.acm.org/doi/10.1109/TDSC.2018.2889309
- Mohamed A Auer D Hofer D Küng J (2021) Extended Authorization Policy for Graph-Structured Data SN Computer Science 10.1007/s42979-021-00684-8 2 :5 Online publication date: 22-Jun-2021 https://dl.acm.org/doi/10.1007/s42979-021-00684-8
- Mohamed A Auer D Hofer D Küng J (2021) Authorization Strategies and Classification of Access Control Models Future Data and Security Engineering 10.1007/978-3-030-91387-8_11 (155-174) Online publication date: 24-Nov-2021 https://dl.acm.org/doi/10.1007/978-3-030-91387-8_11
- Samaraweera G Chang J (2020) Security and Privacy Implications on Database Systems in Big Data Era: A Survey IEEE Transactions on Knowledge and Data Engineering 10.1109/TKDE.2019.2929794 33 :1 (239-258) Online publication date: 7-Dec-2020 https://dl.acm.org/doi/10.1109/TKDE.2019.2929794
- Mohamed A Auer D Hofer D Küng J (2020) Authorization Policy Extension for Graph Databases Future Data and Security Engineering 10.1007/978-3-030-63924-2_3 (47-66) Online publication date: 25-Nov-2020 https://dl.acm.org/doi/10.1007/978-3-030-63924-2_3
View options
Share this publication link.
Copying failed.
Share on social media
Affiliations, export citations.
- Please download or close your previous search result export first before starting a new bulk export. Preview is not available. By clicking download, a status dialog will open to start the export process. The process may take a few minutes but once it finishes a file will be downloadable from your browser. You may continue to browse the DL while the export process is in progress. Download
- Download citation
- Copy citation
We are preparing your search results for download ...
We will inform you here when the file is ready.
Your file of search results citations is now ready.
Your search export query has expired. Please try again.
Academia.edu no longer supports Internet Explorer.
To browse Academia.edu and the wider internet faster and more securely, please take a few seconds to upgrade your browser .
Enter the email address you signed up with and we'll email you a reset link.
- We're Hiring!
- Help Center
Data Security and Privacy Concepts, Approaches, and Research Directions
—Data are today an asset more critical than ever for all organizations we may think of. Recent advances and trends, such as sensor systems, IoT, cloud computing, and data analytics, are making possible to pervasively, efficiently, and effectively collect data. However for data to be used to their full power, data security and privacy are critical. Even though data security and privacy have been widely investigated over the past thirty years, today we face new difficult data security and privacy challenges. Some of those challenges arise from increasing privacy concerns with respect to the use of data and from the need of reconciling privacy with the use of data for security in applications such as homeland protection, counterterrorism, and health, food and water security. Other challenges arise because the deployments of new data collection and processing devices, such as those used in IoT systems, increase the data attack surface. In this paper, we discuss relevant concepts and approaches for data security and privacy, and identify research challenges that must be addressed by comprehensive solutions to data security and privacy.
Related Papers
IBM Journal of Research and Development
zydan almaqtary
Jabu Mtsweni
Big data is a term that describes data of huge volumes, variable speeds, and different structures. Even though the rise of big data can yield positives, the nature of big data poses challenges as capturing, processing and storing becomes difficult. One of the challenges introduced by big data relates to its privacy and security. Privacy and security of big data is considered one of the most prominent challenges as it directly impacts on individuals. Through big data, individuals lose control over how their data is used and are unable to protect it. An invasion of privacy occurs when one’s data is used to infer aspects of one’s life without our consent. The prospect of data breaches in big data is also expected and can result in millions of records containing personal information being leaked. This paper aims to understand the privacy and security challenges that relate to big data. In order to gain this understanding, a systematic literature review is conducted to firstly identify t...
IEEE Internet of Things Journal
Sachin Shetty
Applied Sciences
George Drosatos
The protection of personal data and privacy is a timeless challenge which has intensified in the modern era. The digitisation that has been achieved in recent decades has radically changed the way we live, communicate and work, revealing various security and privacy issues. Specifically, the explosion of new technologies and the continuous developments of technologies, such as the Internet of Things (IoT) and Artificial Intelligence (AI), have led to the increased value of data, while it has raised demand and introduced new ways to obtain it. Techniques such as data analysis and processing provide a set of powerful tools that can be used by both governments and businesses for specific purposes. However, as with any valuable resource, as in the case of data, the phenomena of abuse, unfair practices and even criminal acts are not absent. In particular, in recent years, there have been more and more cases of sophisticated cyberattacks, data theft and leaks or even data trade, which violate the rights of individuals, but also harm competition and seriously damage the reputation of businesses. With this in mind, the present Special Issue of Applied Sciences on “Advanced Technologies in Data and Information Security” provides an overview of the latest developments in this field. Nineteen papers were submitted to this Special Issue, and nine papers [1–9] were accepted (i.e., an 47.4% acceptance rate). The presented papers explore innovative trends of data privacy and information security that enable technological breakthroughs in highimpact areas and cover several topics, mainly regarding blockchain technology, secure multi-party computation, threat detection, trusted execution environment, as well as cyberawareness, security level estimation and security policy compliance.
International Journal of Engineering Research and Technology (IJERT)
IJERT Journal
https://www.ijert.org/big-data-security-and-privacy https://www.ijert.org/research/big-data-security-and-privacy-IJERTV10IS070142.pdf Earlier if we talk about 15-20 years back, data(traditional data) was limited because Social media, Online Transactions, E-Commerce, etc. was not in that much use and it was easy to store, process and protect the data due to its small volume and structured format, but day by day technology evolved following the world and new services get introduced due to which data generation increases which leads to the development of many techniques that can be used to store and process this amount of data. These technologies with their ability to extract information from large data sets for better decision-making process have created ways to maintain data, process data and new growth opportunities. But if data is not well protected from threats like phishing, hacking etc. all these processing becomes futile as if data falls in wrong hands, it could be misused. There are many ways to maintain data security and privacy but still it could be violated if not carried out properly. So while dealing with data, Security and Privacy becomes prime concern in order to protect it from attacks. Our purpose in this paper is to discuss the challenges faced while maintaining big data security and privacy and to explore some techniques that are used to deal with these challenges.
2015 IEEE/ACM 37th IEEE International Conference on Software Engineering
Ilaria Matteucci
IAEME PUBLICATION
IAEME Publication
Big Data has become a research hotspot in academia and industry, and it is affecting people's daily life, work habits and ways of thinking. However, at present, big data faces many security risks in the process of collection, storage and use. The leakage of privacy caused by big data poses serious problems for the users, also the incorrect or false big data will lead to wrong or invalid analysis of results. This paper analyzes the technical challenges of implementing big data security and privacy protection, and describes some key solutions to address the issues related with big data security and privacy. It is pointed out that big data is an effective means to solve information security problems while introducing security issues. It brings new opportunities for the development of information security.
Kerry-lynn Thomson
The ongoing demand for new and faster technologies continues to leave consumers and business users to face the constant challenge of updating systems and software. This unrelenting pace of technological evolution has not always been matched with a commensurate focus on security and privacy matters. In particular, the obligatory move to embrace cloud and IoT that frequently result in the collection and analysis of large data lakes has raised challenges for sovereign data protection and privacy legislationwhere data at rest can change overnightwith © IFIP International Federation for Information Processing 2021 Published by Springer Nature Switzerland AG 2021 M. Goedicke et al. (Eds.): Advancing Research in Information and Communication Technology, IFIP AICT 600, pp. 383–401, 2021. https://doi.org/10.1007/978-3-030-81701-5_16 384 S. Furnell et al. mergers and acquisitions of service providers. This chapter examines the role of IFIP Technical Committee 11 (and its 14 underlyingWorkingG...
https://www.ijert.org/survey-securing-the-privacy-in-the-world-of-big-data https://www.ijert.org/research/survey-securing-the-privacy-in-the-world-of-big-data-IJERTV2IS70251.pdf As we know that with the increase in expansion of internet and data sets with the passage of time, big data has taken birth. As of 2012, the size of data sets has grown tremendously due to accumulation of information from unambiguous sensing like internet search, finance, microphones, software logs etc. The capacity to store data has roughly doubled every 30months since 1980's. Big data is difficult to manage by traditional RDBMS and needs massive parallel servers running in tens and hundreds number. What matters is how an organisation manages and analyses its data sets. Firms like Sloan digital sky survey (SDSS) stores about 140TB of astronomical data; NASA stores 32PB of climatic information and simulation. Big data has served a critical role for United State President Obama's 2012 re-election campaign. Amazon.com handles about 7.8TB of data; Walmart handles 2.5PB of customer transactions and information and Facebook handles around 50 billion photos of user database. The data stored by these crucial organisations is highly confidential and critical. So, there arises the need of securing this amount of vast data as Big Data is distributed in nature. In this paper we will throw some light on the sources of attack on the databases and methods to prevent such attacks.
Loading Preview
Sorry, preview is currently unavailable. You can download the paper by clicking the button above.
RELATED PAPERS
Computer Science & Information Technology (CS & IT) Computer Science Conference Proceedings (CSCP)
Saleha Saudagar
Supriya Madan
Advances in Information Security, Privacy, and Ethics
M Manikandakumar
INTERNATIONAL JOURNAL OF LATEST TRENDS IN ENGINEERING AND TECHNOLOGY
IEEE Internet of Things Magazine
Erin Kenneally
International Journal of Engineering & Technology
Rashmi Salpekar
International Journal of Distributed Sensor Networks
Junsheng Zhang
Zenodo (CERN European Organization for Nuclear Research)
mehdi gheisari
International Journal of Advance Research in Computer Science and Management Studies [IJARCSMS] ijarcsms.com
Anna-Marie Baker
Journal of Network and Computer Applications
Gonzalo Garrido
The 1st International Workshop on the Emerging Future Internet and Network Security (IEEE EFINS 2014) in conjunction with The 13th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-14)
Raja Naeem Akram
IJERD JOURNAL
Yadigar Imamverdiyev
Computer Standards & Interfaces
Vagelio Kavakli
Arosha Bandara
Jaouani Alaa
International Journal of Secure Software Engineering
- We're Hiring!
- Help Center
- Find new research papers in:
- Health Sciences
- Earth Sciences
- Cognitive Science
- Mathematics
- Computer Science
- Academia ©2024
- DOI: 10.1109/COMPSAC.2016.89
- Corpus ID: 206575207
Data Security and Privacy: Concepts, Approaches, and Research Directions
- Published in Annual International Computer… 10 June 2016
- Computer Science
43 Citations
2016 ieee international conference on big data (big data) data privacy for iot systems, internet of things: security perspective survey, context-driven granular disclosure control for internet of things applications.
- Highly Influenced
Defining, Enforcing and Checking Privacy Policies In Data-Intensive Applications
Enabling privacy-preserving sharing of cyber threat information in the cloud, big data - security and privacy, privacy-aware in the iot applications: a systematic literature review, privacy-aware data-intensive applications, data security: a systematic literature review and critical analysis, data protection & security challenges in digital & it services: a case study, 45 references, database security - concepts, approaches, and challenges, data protection from insider threats, data security and privacy in the iot.
- Highly Influential
Data Security
Access control for databases: concepts and systems, privacy preserving delegated access control in public clouds, dbmask: fine-grained access control on encrypted relational databases, the algorithmic foundations of differential privacy, privacy-preserving and content-protecting location based queries, related papers.
Showing 1 through 3 of 0 Related Papers
IEEE Account
- Change Username/Password
- Update Address
Purchase Details
- Payment Options
- Order History
- View Purchased Documents
Profile Information
- Communications Preferences
- Profession and Education
- Technical Interests
- US & Canada: +1 800 678 4333
- Worldwide: +1 732 981 0060
- Contact & Support
- About IEEE Xplore
- Accessibility
- Terms of Use
- Nondiscrimination Policy
- Privacy & Opting Out of Cookies
A not-for-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity. © Copyright 2024 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.
Database Security: An Overview and Analysis of Current Trend
International Journal of Management, Technology, and Social Sciences (IJMTS), 4(2), 53- 58. ISSN: 2581-6012, 2019
6 Pages Posted: 19 Dec 2019 Last revised: 20 May 2020
Prantosh Paul
Raiganj University
P. S. Aithal
Poornaprajna College
Date Written: October 30, 2019
Information is the core and most vital asset these days. The subject which deals with Information is called Information Science. Information Science is responsible for different information related affairs from collection, selection, organization, processing, management and dissemination of information and contents. And for this information related purpose Information Technology plays a leading role. Information Technology has different components viz. Database Technology, Web Technology, Networking Technology, Multimedia Technology and traditional Software Technology. All these technologies are responsible for creating and advancing society. Database Technology is concerned with the Database. It is worthy to note that, Database is concerned with the repository of related data in a container or base. The data, in Database normally stored in different forms and Database Technology play a lead role for dealing with the affairs related to database. The Database is very important in the recent past due to wider applications in different organizations and institutions; not only profit making but also nonprofit making. Today most organizations and sectors which deal with sensitive and important data keep them into the database and thus its security becomes an important concern. Large scale database and its security truly depend on different defensive methods. This paper talks about the basics of database including its meaning, characteristics, role etc. with special focus on different security challenges in the database. Moreover, this paper highlights the basics of security management, tools in this regard. Hence different areas of database security have mentioned in this paper in a simple sense.
Keywords: Database, Database Technology, Security Technology, IT Management, Information Networking, Privacy and Security Management, Trust Management, Cloud Computing
Suggested Citation: Suggested Citation
Raiganj University ( email )
Yogesh Bhawan; S/O Santi Ranjan Biswas; Ashok Pall Near Asha Cinema Hall; P.O.+ P.S. Raiganj Raiganj, West Bengal 733134 India
P. S. Aithal (Contact Author)
Poornaprajna college ( email ).
Poornaprajna Institute of Management Udupi District Karnataka India +919343348392 (Phone)
HOME PAGE: http://www.pim.ac.in
Do you have a job opening that you would like to promote on SSRN?
Paper statistics, related ejournals, sustainable technology ejournal.
Subscribe to this fee journal for more curated articles on this topic
Innovation & Management Science eJournal
Political economy - development: public service delivery ejournal.
Overview and Importance of Data Governance
- First Online: 12 September 2024
Cite this chapter
- Dimitrios Sargiotis 2
This chapter provides a comprehensive introduction to the concept of data governance, defining it as a critical organizational function that involves overseeing the availability, usability, integrity, and security of the data employed in an organization. The chapter emphasizes that data governance is not merely about data management; rather, it integrates data quality, data management, policies, risk management, and compliance with regulations to ensure that data serves the strategic needs of the organization effectively.
The chapter outlines the key components and objectives of implementing data governance, including ensuring data quality and reliability, enhancing decision-making capabilities, and achieving regulatory compliance and risk management. It also discusses the historical evolution of data governance, tracing its development from basic data storage and maintenance to a strategic tool essential for maintaining a competitive edge in the digital era, particularly under the stringent regulatory landscapes such as the GDPR in Europe.
Furthermore, the chapter underscores the benefits of robust data governance such as improved data quality, compliance with data protection laws, enhanced operational efficiency, and better decision-making. It concludes by illustrating these points through several figures that visually represent the key concepts, objectives, and benefits of data governance, thereby setting the stage for deeper exploration in subsequent chapters of the document.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Subscribe and save.
- Get 10 units per month
- Download Article/Chapter or eBook
- 1 Unit = 1 Article or 1 Chapter
- Cancel anytime
- Available as PDF
- Read on any device
- Instant download
- Own it forever
- Available as EPUB and PDF
- Compact, lightweight edition
- Free shipping worldwide - see info
Tax calculation will be finalised at checkout
Purchases are for personal use only
Institutional subscriptions
Abraham R, Schneider J, Vom Brocke J (2019) Data governance: a conceptual framework, structured review, and research agenda. Inf Manag
Google Scholar
Ahmad K, Maabreh M, Ghaly K, Khan J, Qadir J (2022) Developing future human-centered smart cities: critical analysis of smart city security, data management, and ethical challenges
Ahsan M, Tushar FI, Islam M (2022) Machine learning in cybersecurity: techniques and applications. J Cybersecur
AIM Consulting (2023) Gaining executive-level buy-in for data governance strategy. AIM Consulting
Airbyte (2023) Data integration best practices
Aivazpour M, Smith J, Sheth A (2022) Data privacy in the age of big data: challenges and solutions. Journal of Data Privacy and Security 15(2):145–160
Alation (2023) How to deliver data quality with data governance
Almulihi A, Alassery F, Khan W (2022) Implications of healthcare data breaches in the big data era. Health Informatics J
Alsousi A, Shah A (2022) Data governance for SME: systematic literature review. J Inf Syst Digital Technol 4(2)
Analytics8 (2023) How to improve data quality: guide to effective data quality governance
arXiv (2023) Healthcare data governance, privacy, and security—A conceptual framework
Ashraf N (2022) Corporate governance and data breaches: the role of peer events. J Corp Gov
Atlan (2023a) Data quality in data governance: how & why it is important?
Atlan (2023b) Data governance and metadata management: understanding their synergy for data-driven success. Atlan
Barlette Y, Baillette P (2022) Big data analytics in turbulent contexts: towards organizational change for enhanced agility. Prod Plan Control
Batini C, Scannapieco M (2016) Data and information quality: dimensions, principles and techniques. Springer
Book Google Scholar
Baumgartner C, Harer J, Schröttner J (2023) Risk Management for Medical Devices in Compliance with EN ISO 14971. In Medical Devices and In Vitro Diagnostics
Brous P, Janssen M, Herder P (2019) Internet of Things adoption for reconfiguring decision-making processes in asset management. Bus Process Manag J
Cai L, Zhu Y (2015) The challenges of data quality and data quality assessment in the big data era. Data Sci J
Carlton M, Levy Y (2017) Mitigating advanced persistent threats through cybersecurity skills. J Inf Syst Secur
Carter, H. (2022). Big Data technologies: extracting value from data. J Big Data
Chand R, Bhushan B, Jain S (2023) Role of blockchain technology in digital currency security. J Cryptogr Eng
Chen YY, Li CM, Liang JC, Tsai CC, published in the Journal of Medical Internet Research in 2018
ClickUp (2023) Enhancing productivity through effective data governance
Coyle D, Diepeveen S, Wdowin J, Kay L, Tennison J (2020) Informing the global data future: benchmarking data governance frameworks. Data & Policy, Cambridge Core
Dankan Gowda D, Rao P, Naik S (2023) The role of AI in enhancing data governance practices. Int J Inform Manage 63, 10245
Data Governance Institute (2020) Data governance framework. Data Governance Institute
Data Governance Institute (2022) The Data Governance Framework and Components
DataOpsZone. (2023). How to perform a data quality audit, step by step
DataQG (2023) Data Governance Communication Plan
Delacroix S, Lawrence ND (2019) Bottom-up data trusts: disturbing the ‘one size fits all’ approach to data governance. International Data Privacy Law
Deloitte (2018) GDPR benchmarking survey. Deloitte
Deloitte (2019) Data governance in the new world of digital business. Deloitte
Dixon BE, Feldman SS (2023) Engaging and sustaining stakeholders: toward governance. In: Health information exchange networks. ScienceDirect, pp 89–111
Chapter Google Scholar
DLA Piper (2020) Total cost of GDPR fines
Duggineni SS (2023) “Data Integrity as a Code (DIAC)”
Eckerson J (2023) The role of the data steward in agile data governance. Eckerson Group
Egnyte (2023) Data Auditing—Improve Data Quality
European Commission (2018a) 2018 reform of EU data protection rules. European Commission
European Commission (2018b) General data protection regulation (GDPR). European Commission
Experian (2020) State of Data Quality
Experian (2022) State of Data Quality
Fan W, Geerts F (2012) Foundations of data quality management. Morgan & Claypool Publishers
Fan W, Geerts F (2022) Foundations of data quality management. Springer
Forbes Insights and KPMG (2016) Building trust in analytics: breaking the cycle of mistrust in D&A. Forbes Insights and KPMG
Gartner (2020) Magic quadrant for metadata management solutions. Gartner
Gartner (2021a) Data quality solutions. Gartner
Gartner (2021b) Data governance key initiative overview. Gartner
GDPR.eu (2020) GDPR Fines: lessons learned. GDPR.eu
Golightly D, Sloan D, Sime J (2022) The impact of GDPR on data protection and privacy. J Data Protection & Privacy
Górka M (2022) Cybersecurity policies of the Visegrad Group. Int J Cybersecur
GRC Capability Model (2017) OCEG
Griffin GW, Holcomb D (2023) Data literacy and skills development. In: Building a data culture: the usage and flow data culture methodologies
Gudivada V, Apon A, Ding J (2017) Data quality considerations for big data and machine learning: going beyond data cleaning and transformations. Int J Adv Softw
Hamdare S, Kulkarni R, Singh A (2023) Cybersecurity risks in electric vehicle charging systems. J Electr Veh Technol
Harvard Business Review Analytic Services (2018) The new decision makers: equipping frontline workers for success. Harvard Business Review
Hassani H, MacFeely S (2023) Driving excellence in official statistics: unleashing the potential of comprehensive digital data governance. Big Data Cogn Comput 7(3):134
Article Google Scholar
Haug A, Zachariassen F, Van Liempd D (2011) The costs of poor data quality. J Ind Eng Manag 4(2):168–193
Health Data Stewardship and Governance (2011) Journal of the American Medical Informatics Association
Hendrawan F (2023) Analysis of design & implementation guidelines for data governance management based on DAMA-DMBOKv2. ResearchGate
Hoeren T, Pinelli C (2020) The California consumer privacy act: a comparative analysis with GDPR. Calif Law Rev
Hopkin P (2018) Fundamentals of risk management: understanding, evaluating and implementing effective risk management
IBM (2019) The future of data governance is now. IBM
IBM (2023) A step-by-step guide to setting up a data governance program. IBM
IBM (2024) What is data governance? IBM
IDC (2018) Data age 2025: the digitization of the world from edge to core. IDC
Identity Theft Resource Center (2020) 2019 Data Breach Report. Identity Theft Resource Center
IEEE (2020) Ethical issues related to data privacy and security: why we must balance ethical and legal requirements in the connected world. IEEE Digital Privacy
Improvado (2023) Data governance: definition, benefits, challenges & solutions. Retrieved from Improvado
Janssen M, Van Der Voort H, Wahyudi A (2017) Factors influencing big data decision-making quality. J Bus Res
Janssen M, Brous P, Estevez E, Barbosa LS, et al (2020) Data governance: organizing data for trustworthy Artificial Intelligence
Jordan M (2022) Big Data as a complex system. J Big Data
KAIZEN (2023) Building a continuous improvement culture. KAIZEN
Karkouch A, Mousannif H, Al Moatassime H, Noel T (2016) Data quality in internet of things: a state-of-the-art survey. J Netw Comput Appl. Elsevier
Kaur G, Kaur P (2017) Implementing data governance: a step-by-step approach. Int J Data Manage 27(1):34–42
Khatri V, Brown CV (2010) Designing data governance. Commun ACM 53(1):148–152. https://doi.org/10.1145/1629175.1629210
Kimachia K (2023) Data governance frameworks: definition, importance & examples. TechRepublic
Kimball R, Ross M (2013) The data warehouse toolkit: the definitive guide to dimensional modeling. John Wiley & Sons
Kirchmer M (2021) Digital transformation of business process governance. Bus Process Manag J
Knapp L (2022) Big data tools and management. J Big Data
KPMG (2020a) Guardians of trust: the global chief data officer report. KPMG International Cooperative
KPMG (2020b) The power of data governance. KPMG
Ladley, J. (2019a). Data governance: how to design, deploy, and sustain an effective data governance program
Ladley J (2019b) Data governance: how to design, deploy, and sustain an effective data governance program. Elsevier
Ladley J (2019c) Data governance: how to design, deploy, and sustain an effective data governance program. Morgan Kaufmann
Laney D (2022) Characteristics of big data. Technol Forecast Soc Chang
Liu Y, Lu H, Xu X (2022) Data security in medical data using federated learning and neural architecture search. J Med Syst
Magalhaes G (2021) The global trend towards data protection laws. J Inf Policy
Mahanti R (2021) Data governance components and framework. In: Data Governance Success. Springer, pp 127–166
Mansfield-Devine S (2017) Data governance: going beyond compliance. Comput Fraud & Secur 2017:12–15
Marcucci C, Rossi P, Bianchi M (2023) Governance in the digital age: the impact of data policies on organizations. J Bus Res 153:134–142
Masuch K, Ozcelebi O, Rieck K (2022) The effect of data breach response actions on stock value. J Financ Mark
McKinsey (2024) Designing data governance that delivers value
McKinsey & Company (2014) Big data: the next frontier for innovation, competition, and productivity. McKinsey Global Institute
McKinsey & Company (2019a) The state of data science and machine learning. McKinsey & Company
McKinsey & Company (2019b) Driving impact at scale from automation and AI. McKinsey & Company
McKinsey & Company (2022) Reducing data costs without sacrificing growth
McKinsey & Company (2023a) Designing data governance that delivers value
McKinsey & Company (2023b) Designing data governance that delivers value. McKinsey & Company
MEASURE Evaluation (2017) Data quality assurance: data quality auditing and routine data quality assessment tools
Medeiros, M. M., & Maçada, A. C. G. (2022). Competitive advantage of data-driven analytical capabilities: the role of big data visualization and organizational agility. Manag Decis 60(4), 953-975
Micheli M, Ponti M, Craglia M, Suman AB (2020) Emerging models of data governance in the age of datafication. Big Data Soc 7(2). https://doi.org/10.1177/2053951720948087
Merino A, Torres J, Castro R (2016) Data governance frameworks for big data analytics: An overview. J Inform Sys Manage 33(4):251–262
Mikalef P, Boura M, Lekakos G, Krogstie J (2020) The role of information governance in big data analytics driven innovation. Inf Manag
Minkkinen M, Hasan S, Vetter G (2022) Continuous auditing of artificial intelligence: a conceptualization and assessment of tools and frameworks. AI and Ethics. Springer, Cham. https://doi.org/10.1007/978-3-319-68993-7_11
Monte Carlo Data (2023) Data governance frameworks: 5 lessons from McKinsey. Microsoft & More
Nikkhah M, Grover V (2022) Company response to data breaches: an empirical investigation. J Inf Syst
OECD (2019) Data governance in the public sector. The Path to Becoming a Data-Driven Public Sector. OECD iLibrary
Offner S, Kraus S, Marquardt K (2020) Cybersecurity threats in healthcare: challenges and solutions. Health Informatics J
Oliveira MIS et al (2019) Data cleansing framework for large data sets. J Data Inf Qual 11(1)
O'Neill A (2014a) An action framework for compliance and governance. Clin Govern Int J
O'Neill T (2014b) Compliance management system. Springer
Ostrom E (2012) Governing the commons: the evolution of institutions for collective action. Cambridge University Press
Otto B (2011) A morphology of the organization of data governance. In: Proceedings of the 19th European conference on information systems (ECIS)
Pansara R (2023a) Cultivating data quality to strategies, challenges, and impact on decision-making
Pansara R (2023b) Unraveling the complexities of data governance with strategies, challenges, and future directions. Trans Latest Trends IoT
Papathanasiou T, Nikolopoulos S, Mitrokotsa A (2023) Business email compromise: threats and countermeasures. J Cybercrime
Pedroso S, Silva M, Cruz F (2021) GDPR compliance and its implications for businesses. Eur J Law Technol
Pew Research Center (2019) Americans and privacy: concerned, confused, and feeling lack of control over their personal information. Pew Research Center
Pipino LL, Lee YW, Wang RY (2002) Data quality assessment. Commun ACM 45(4):211–218
Plotkin D (2020) An actionable guide to effective data management and data governance
Ponemon Institute (2020) Cost of a data breach report 2020. Ponemon Institute
Redman TC (2017) The impact of bad data on the bottom line. Harv Bus Rev
Risk.net (2016) Bank of England: changing the way banks think about data. Risk.net
Roumani Y (2022) Monetary impact of data breaches and detection time. Inf Manag
Sakura Sky (2023) Cloud data management strategies
Sarker IH (2023) AI-based modeling and adversarial learning for cybersecurity. J Artif Intell Res
Scheepers H, McLoughlin S, Wijesinghe R (2022) Aligning stakeholders perceptions of project performance: the contribution of Business Realisation Management
ScienceDirect (2020) The impact of GDPR on global data privacy practices.
Sharma V, Liu H, Chen J (2023) Balancing security and accessibility in big data environments. Big Data Research
Shi L, Zhang X, Zhang Y (2023) Traffic detection model for IIoT network security. IEEE Trans Industr Inform
Sivarajah U, Kamal MM, Irani Z, Weerakkody V (2017) Critical analysis of Big Data challenges and analytical methods. J Bus Res
Smart City Hub (2018) How Amsterdam became a Smart City. Smart City Hub
Stallings W, Brown L, Bauer M (2012) Computer security: principles and practice. Pearson
Stastny V, Stoica A (2022) Cybersecurity threats to aviation safety and air traffic management. J Aviat Manag
Tallon PP, Ramirez RV, Short JE (2013) The information artifact in IT governance: toward a theory of information governance. J Manag Inf Syst 30(3):141–178
TCS (2024) Data quality issues & governance: strategies to overcome hurdles
TechRepublic (2022) Data governance frameworks: definition, importance & examples
The Institute of Internal Auditors (2023) Best practices in data governance.
Tikkinen-Piri C, Rohunen A, Markkula J, published in the Computer Law & Security Review in 2018. EU General Data Protection Regulation: changes and implications for personal data collecting companies
Tweneboah-Koduah E, Asante F, Boateng P (2022) Cybersecurity threats to smart metering systems: a comprehensive review. J Energy Secur
United Nations High Commissioner for Human Rights (UNHCHR) (2018) 2030 agenda for sustainable development. United Nations
UNM Data Governance (2023) Data Owners. University of New Mexico
Vassiliadis P (2009) Data warehouse modeling and quality issues. Springer
Venkatraman S, Abraham A, Paprzycki M (2004) Significance of steganography in data security. Int J Comput Syst Sci Eng
Verizon (2020) Data Breach Investigations Report
Vidgen R, Shaw S, Grant DB (2017) Management challenges in creating value from business analytics. Eur J Oper Res
Voss WG (2019) Cross-border data flows, the GDPR, and data governance. Washington International Law Journal
Wang Y, Hajli N (2022) Big data analytics for improved healthcare decisions. BMC Health Serv Res
Wang RY, Strong DM (1996) Beyond accuracy: what data quality means to data consumers. J Manag Inf Syst 12(4):5–33
Wang Y, Kung LA, Byrd TA (2018) Big data analytics: understanding its capabilities and potential benefits for healthcare organizations. Technological Forecasting and Social Change
Weber K, Otto B, Österle H (2009) One size does not fit all—A contingency approach to data governance. ACM Journal of Data and Information Quality 1(1):Article 4
Wei Y, Zhang Q (2018) Data security in cloud computing environments. IEEE Trans Cloud Comput
Whitman ME, Mattord HJ (2018) Principles of information security. Cengage Learning
Winig L (2016). GE’s Big Bet on data and analytics. MIT Sloan Manag Rev. Retrieved from MIT Sloan Management Review
World Economic Forum (WEF) (2021) Authorized public purpose access (APPA). World Economic Forum
Yang P, Xiong N, Ren J (2020) Data security and privacy protection for cloud storage: a survey
Yu W et al (2022) Big data analytics and supply chain integration in healthcare. J Supply Chain Manag
Zeiringer JP, Thalmann S (2022) Knowledge sharing and protection in data-centric collaborations: an exploratory study
Zhang X, Shi L (2023) Traffic detection model for IIoT network security. IEEE Trans Industr Inform
Zorrilla M, Yebenes J (2022) A reference framework for the implementation of data governance systems for Industry 4.0. Springer
Zulkarnain N, Anshari M, Hamdan M, et al (2021) Big data in business and ethical challenges
Download references
Author information
Authors and affiliations.
National Technical University of Athens, Marousi, Greece
Dimitrios Sargiotis
You can also search for this author in PubMed Google Scholar
Rights and permissions
Reprints and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Sargiotis, D. (2024). Overview and Importance of Data Governance. In: Data Governance. Springer, Cham. https://doi.org/10.1007/978-3-031-67268-2_1
Download citation
DOI : https://doi.org/10.1007/978-3-031-67268-2_1
Published : 12 September 2024
Publisher Name : Springer, Cham
Print ISBN : 978-3-031-67267-5
Online ISBN : 978-3-031-67268-2
eBook Packages : History History (R0)
Share this chapter
Anyone you share the following link with will be able to read this content:
Sorry, a shareable link is not currently available for this article.
Provided by the Springer Nature SharedIt content-sharing initiative
- Publish with us
Policies and ethics
- Find a journal
- Track your research
Database security refers to the range of tools, controls and measures designed to establish and preserve database confidentiality, integrity and availability. Confidentiality is the element that’s compromised in most data breaches.
Database security must address and protect the following:
- The data in the database.
- The database management system (DBMS).
- Any associated applications.
- The physical database server or the virtual database server and the underlying hardware.
- The computing or network infrastructure that is used to access the database.
Database security is a complex and challenging endeavor that involves all aspects of information security technologies and practices. It’s also naturally at odds with database usability. The more accessible and usable the database, the more vulnerable it is to security threats; the more invulnerable the database is to threats, the more difficult it is to access and use. This paradox is sometimes referred to as Anderson’s Rule (link resides outside ibm.com).
Get insights to better manage the risk of a data breach with the latest Cost of a Data Breach report.
Register for the X-Force Threat Intelligence Index
By definition, a data breach is a failure to maintain the confidentiality of data in a database. How much harm a data breach inflicts on your enterprise depends on various consequences or factors:
- Compromised intellectual property: Your intellectual property—trade secrets, inventions, proprietary practices—can be critical to your ability to maintain a competitive advantage in your market. If that intellectual property is stolen or exposed, your competitive advantage can be difficult or impossible to maintain or recover.
- Damage to brand reputation: Customers or partners might be unwilling to buy your products or services (or do business with your company) if they don’t feel they can trust you to protect your data or theirs.
- Business continuity ( or lack thereof): Some businesses cannot continue to operate until a breach is resolved.
- Fines or penalties for non-compliance: The financial impact for failing to comply with global regulations such as the Sarbannes-Oxley Act (SAO) or Payment Card Industry Data Security Standard (PCI DSS), industry-specific data privacy regulations such as HIPAA, or regional data privacy regulations, such as Europe’s General Data Protection Regulation (GDPR) can be devastating, with fines in the worst cases exceeding several million dollars per violation .
- Costs of repairing breaches and notifying customers: In addition to the cost of communicating a breach to customer, a breached organization must pay for forensic and investigative activities, crisis management, triage, repair of the affected systems and more.
Many software misconfigurations, vulnerabilities or patterns of carelessness or misuse can result in breaches. The following are among the most common types or causes of database security attacks.
Insider threats
An insider threat is a security threat from any one of three sources with privileged access to the database:
- A malicious insider who intends to do harm.
- A negligent insider who makes errors that make the database vulnerable to attack.
- An infiltrator, an outsider who somehow obtains credentials via a scheme, such as phishing or by gaining access to the credential database itself.
Insider threats are among the most common causes of database security breaches and are often the result of allowing too many employees to hold privileged user access credentials.
Human error
Accidents, weak passwords, password sharing and other unwise or uninformed user behaviors continue to be the cause of nearly half (49%) of all reported data breaches .
Exploitation of database software vulnerabilities
Hackers make their living by finding and targeting vulnerabilities in all kinds of software, including database management software. All major commercial database software vendors and open source database management platforms issue regular security patches to address these vulnerabilities, but failure to apply these patches in a timely fashion can increase your exposure.
SQL or NoSQL injection attacks
A database-specific threat, these involve the insertion of arbitrary SQL or non-SQL attack strings into database queries that are served by web applications or HTTP headers. Organizations that don’t follow secure web application coding practices and perform regular vulnerability testing are open to these attacks.
Buffer overflow exploitation
Buffer overflow occurs when a process attempts to write more data to a fixed-length block of memory than it is allowed to hold. Attackers can use the excess data, which is stored in adjacent memory addresses, as a foundation from which to start attacks.
Malware is software that is written specifically to take advantage of vulnerabilities or otherwise cause damage to the database. Malware can arrive via any endpoint device connecting to the database’s network.
Attacks on backups
Organizations that fail to protect backup data with the same stringent controls that are used to protect the database itself can be vulnerable to attacks on backups.
These threats are exacerbated by the following:
- Growing data volumes: Data capture, storage and processing continues to grow exponentially across nearly all organizations. Any data security tools or practices need to be highly scalable to meet near and distant future needs.
- Infrastructure sprawl : Network environments are becoming increasingly complex, particularly as businesses move workloads to multicloud or hybrid cloud architectures, making the choice, deployment and management of security solutions ever more challenging.
- Increasingly stringent regulatory requirements: The worldwide regulatory compliance landscape continues to grow in complexity, making adhering to all mandates more difficult.
- Cybersecurity skills shortage: Experts predict there might be as many as 8 million unfilled cybersecurity positions by 2022 .
Denial of service (DoS and DDoS) attacks
In a denial of service (DoS) attack, the attacker deluges the target server—in this case the database server—with so many requests that the server can no longer fulfill legitimate requests from actual users, and, often, the server becomes unstable or crashes.
In a distributed denial of service attack (DDoS), the deluge comes from multiple servers, making it more difficult to stop the attack.
Because databases are network-accessible, any security threat to any component within or portion of the network infrastructure is also a threat to the database, and any attack impacting a user’s device or workstation can threaten the database. Thus, database security must extend far beyond the confines of the database alone.
When evaluating database security in your environment to decide on your team’s top priorities, consider each of the following areas:
- Physical security: Whether your database server is on-premises or in a cloud data center, it must be located within a secure, climate-controlled environment. If your database server is in a cloud data center, your cloud provider takes care of this for you.
- Administrative and network access controls: The practical minimum number of users should have access to the database, and their permissions should be restricted to the minimum levels necessary for them to do their jobs. Likewise, network access should be limited to the minimum level of permissions necessary.
- User account and device security: Always be aware of who is accessing the database and when and how the data is being used. Data monitoring solutions can alert you if data activities are unusual or appear risky. All user devices connecting to the network housing the database should be physically secure (in the hands of the right user only) and subject to security controls at all times.
- Encryption: All data, including data in the database and credential data, should be protected with best-in-class encryption while at rest and in transit. All encryption keys should be handled in accordance with best practice guidelines.
- Database software security: Always use the latest version of your database management software, and apply all patches when they are issued.
- Application and web server security: Any application or web server that interacts with the database can be a channel for attack and should be subject to ongoing security testing and best practice management.
- Backup security: All backups, copies or images of the database must be subject to the same (or equally stringent) security controls as the database itself.
- Auditing: Record all logins to the database server and operating system, and log all operations that are performed on sensitive data as well. Database security standard audits should be performed regularly.
In addition to implementing layered security controls across your entire network environment, database security requires you to establish the correct controls and policies for access to the database itself. These include:
- Administrative controls to govern installation, change and configuration management for the database.
- Preventive controls to govern access, encryption, tokenization and masking.
- Detective controls to monitor database activity monitoring and data loss prevention tools. These solutions make it possible to identify and alert on anomalous or suspicious activities.
Database security policies should be integrated with and support your overall business goals, such as protection of critical intellectual property and your cybersecurity policies and cloud security policies . Ensure that you have designated responsibility for maintaining and auditing security controls within your organization and that your policies complement those of your cloud provider in shared responsibility agreements. Security controls, security awareness training and education programs, and penetration testing and vulnerability assessment strategies should all be established in support of your formal security policies.
Today, a wide array of vendors offer data protection tools and platforms. A full-scale solution should include all of the following capabilities:
- Discovery: Look for a tool that can scan for and classify vulnerabilities across all your databases—whether they’re hosted in the cloud or on-premises—and offer recommendations for remediating any vulnerabilities that are identified. Discovery capabilities are often required to conform to regulatory compliance mandates.
- Data activity monitoring: The solution should be able to monitor and audit all data activities across all databases, regardless of whether your deployment is on-premises, in the cloud, or in a container . It should alert you to suspicious activities in real-time so that you can respond to threats more quickly. You’ll also want a solution that can enforce rules, policies and separation of duties and that offers visibility into the status of your data through a comprehensive and unified user interface. Make sure that any solution you choose can generate the reports you need to meet compliance requirements.
- Encryption and tokenization capabilities: Upon a breach, encryption offers a final line of defense against compromise. Any tool that you choose should include flexible encryption capabilities that can safeguard data in on-premises, cloud, hybrid or multicloud environments. Look for a tool with file, volume and application encryption capabilities that conform to your industry’s compliance requirements, which might demand tokenization (data masking) or advanced security key management capabilities.
- Data security optimization and risk analysis: A tool that can generate contextual insights by combining data security information with advanced analytics will enable you to accomplish optimization, risk analysis and reporting with ease. Choose a solution that can retain and synthesize large quantities of historical and recent data about the status and security of your databases, and look for one that offers data exploration, auditing and reporting capabilities through a comprehensive but user-friendly self-service dashboard.
Continuous edge-to-edge cloud protection for your data and applications with regulatory compliance.
Wide visibility, compliance and protection throughout the data security lifecycle.
Comprehensive data protection for the most critical enterprise data.
Learn more about data organization in the cloud.
Now in its 17th year, the 2022 Cost of a Data Breach report shares the latest insights into the expanding threat landscape and offers recommendations for how to save time and limit losses.
In this introduction to networking, learn how computer networks work, the architecture used to design networks, and how to keep them secure.
Learn how the IBM Security Guardium family of products can help your organization meet the changing threat landscape with advanced analytics, real-time alerts, streamlined compliance, automated data discovery classification and posture management.
IMAGES
VIDEO
COMMENTS
Other challenges arise because the deployments of new data collection and processing devices, such as those used in IoT systems, increase the data attack surface. In this paper, we discuss relevant concepts and approaches for data security and privacy, and identify research challenges that must be addressed by comprehensive solutions to data ...
co ver from hardw are and softw are failure as well as mec hanisms to m itigate. Database Security: Concepts and Approaches 5. malicious data access denials which make the database system una v ...
In this paper, we first survey the most relevant concepts underlying the notion of database security and summarize the most well-known techniques. We focus on access control systems, on which a large body of research has been devoted, and describe the key access control models, namely, the discretionary and mandatory access control models, and ...
protection and privacy [4]. A Review of Database Security Concepts, Risks, and Problems. Ramyar Abdulrahman Teimoor*. Department of Computer, College of Science, University of Sulaimani ...
This paper first survey the most relevant concepts underlying the notion of database security and summarize the menaces to databases and different categories of vulnerabilities in database, and focuses on Virtual private database, which allows fine - grained access control down to the tuple level using VIEWS. Expand. 2.
The paper also discusses the impact of emerging trends such as cloud computing, big data, and the Internet of Things on database security. By synthesizing existing research, this review aims to ...
A Review on Database Security. Shelly, Gurleen Kaur. Published 2017. Computer Science. International Journal of Engineering and Management Research. TLDR. This paper is all about the security of database management systems, as an example of how application security can be designed and implemented for specific task, and the challenges and ...
Encrypted data is the referral to cipher or encoded text. In a database, there are two states for data security. Data is in two statuses: at rest and in motion - data stored in a database, on a backup disk, or a hard drive. Once transiting through the network, it necessitates the use of various encryption solutions.
The value of data to a company means that it must be protected. When it comes to safeguarding their local and worldwide databases, businesses face a number of challenges. To systematically review the literature to highlight the difficulties in establishing, implementing, and maintaining secure databases. In order to better understand database system problems, we did a systematic mapping study ...
Protecting this confidential and sensitive data from any kind of attack at any level is resolved by database security [1]. Optimizing solutions to security attacks entail safeguarding, conserving, shielding and defending the database from threats, unauthorized access and malicious attacks. It has a distinct range of data security controls [4].
The main goal of this study is to identify the risk and how to secure databases, encrypt sensitive data, modify system databases, and update database systems, as well as to evaluate some of the methods to handle these problems in security databases. Currently, data production is as quick as possible; however, databases are collections of well-organized data that can be accessed, maintained ...
One way to maintain the security of the database is to use encryption techniques. The method used to secure the database is encryption using the ROTI3 and Caesar Cipher methods. Both of these methods have advantages in processing speed. For thisreason, the author will compare the use of the two algorithms above in terms of the encryption and ...
Hence different areas of database security have mentioned in this paper in a simple sense. Database security such as confidentiality, integrity, and availability of data/information stored in a database is one of the most crucial and major challenges in the world of Information and Communication Technology.
In this paper, we first survey the most relevant concepts underlying the notion of database security and summarize the most well-known techniques. We focus on access control systems, on which a large body of research has been devoted, and describe the key access control models, namely, the discretionary and mandatory access control models, and ...
CONCLUSIONS This paper has discussed research directions in big data confidentiality and privacy, and IoT data security. Another relevant research area which has been the focus of intense research in the past ten years is the area of data security and privacy on the cloud. ... Bertino, R. Sandhu, "Database Security - Concepts, Approaches ...
relevant concepts and approaches for data security and privacy are discussed, and research challenges that must be addressed are identified by comprehensive solutions to dataSecurity and privacy. Data are today an asset more critical than ever for all organizations we may think of. Recent advances and trends, such as sensor systems, IoT, cloud computing, and data analytics, are making possible ...
Most database security features have to be developed to secure the database environment. The aim of the paper is to underline the types of threats and challenges and their impact on sensitive data and to present different safety models. The assumption underpinning this study is that it understands the weaknesses, threats and challenges faced by ...
This paper talks about the basics of database including its meaning, characteristics, role etc. with special focus on different security challenges in the database. Moreover, this paper highlights the basics of security management, tools in this regard. Hence different areas of database security have mentioned in this paper in a simple sense.
This paper presents a comprehensive review of security measures in database systems, focusing on authentication, access control, encryption, auditing, intrusion detection, and privacy-enhancing ...
This paper focuses on the concepts and mechanisms particular to securing data. Within that context, database ... Somtoochukwu et al. World Journal of Engineering Research and Technology 538 Data security is determined primarily by the level of security you want for the data in your database. For example, it might be acceptable to have little ...
agement, have increased the exposure of data and made security more difficult. In this paper we briefly discuss open issues, such as data protection from insider threat and how to reconcile security and privacy, and outline research directions. 1 Introduction Issues around data confidentiality and privacy are under greater focus than ever before
Data security, a critical pillar of Data Governance, involves protecting data from unauthorized access and breaches, ensuring confidentiality, integrity, and availability of data. This section examines the significance of data security, the challenges it faces, and effective strategies to safeguard data. The Significance of Data Security
This research paper delves into the critical realm of database security, a pressing concern for modern organizations with sensitive data. It explores various security threats faced by database ...
Database security refers to the range of tools, controls and measures designed to establish and preserve database confidentiality, integrity and availability. Confidentiality is the element that's compromised in most data breaches. Database security must address and protect the following: The data in the database.