The database security community has developed multiple techniques and approaches to ensure that there is data confidentiality, availability, and integrity.
The principal database security concepts include authentication, encryption, authorization and change tracking. AuthenticationIt is the process of identifying or confirming the identity of a person. The method of confirming the identity of an individual can be capitalized through validating their documents and through verifying the authenticity of the digital certificate. Authentication involves testing the validity of at least a specific identification. There are different types of identification, which includes single-factor verification, multi-factor validation, two- factor authentication and secure authentication. All these kinds of authentication play a similar role of confirming the identity of a person. Besides, due to the factor that counterfeit products are offered to the customers, there is the need for product authentication. There is the involvement of secure key storage device, which has the capacity of authentication of consumer electronics, supply chain management, and network authentication.
Therefore, authentication has helped in confirming the identity of people and authenticity of products (Johnson & Smith, 2006).EncryptionEncryption is the progression of indoctrinating posts and data in such a way that only the accredited individuals can have access to the information or messages. The scheme of encryption employs pseudo-random key generated by algorithms to prevent intruders from assessing unauthorized data and messages. There are two categories of encryption including symmetric key and public key. The difference between symmetric key and the public key is that public key is free while the symmetric key is private and it is purchasable. Encryption has been capitalized in government and military agencies to facilitate crucial secret communication.
AuthorizationIt is the progression of permitting or rejecting admission to a secure system. Mostly, the computer safety schemes are based on verification and authorization. It is the purpose of stipulating admits to rights to assets interrelated to computer safety. The detailed interpretation related to authorization include public policy, banking and at the same time, publishing.
In public policy, authorization is employed for security control. Additionally, in banking, authorization is placed in customer account when purchasing either by credit or debit cards. Therefore, authorization is vital in ensuring that security systems are kept secure and free from interruption from intruders (Johnson & Smith, 2006).Change trackingThe trivial clarification provides mechanisms for applications. To ensure that implementation of the query for changes of data and access to information is related to changes, it is essential for application developers to implement custom change tracking.
Applications capitalize change tracking in determining the type of rows that have been changed for a user table. To configure change tracking, there is the usage of SQL Server management studio. To track changes, there is the need of enabling change tracking and then would allow tables to be tracked within the database (Silberschatz, Korth & Sudarshan, 2007).