You are on page 1of 3

Introduction Databases have permeated the information systems in business installations over the years.

As the size and complexity of data has increased, companies have increasingly chosen to switch from flat file storage to relational databases to better and more efficiently organize their data. There are many advantages to databases some of which are reduction in data redundancy, increased data consistency, more data integrity and increase in data security. Relational database systems use an English like Structured Query Language for data storage and retrieval .SQL allows for flexibility in data retrieval which was not available in using application programs for retrieving data from file based storage. While database systems are inherently more secure than flat file based systems, with the increasing amount of data being stored in databases ,crackers are finding new vulnerabilities and exploits to crack into databases and steal sensitive information .Therefore ,there is also an urgent need to secure databases and fix security loopholes. Oracle Database: Oracle Database is an object -relational database that is used in Enterprise installations .It relies on a group of background processes running simultaneously and cooperating together to implement database operations. It is the first database designed for the purpose of enterprise grid computing and is one of the most flexible and cost effective way to manage information and applications. The server side memory structure of an Oracle database is known as System Global Area. It typically holds cache information such as SQL query data and data buffers. Storage in The Oracle database is handled in the form of table spaces logically and in the form of data files physically. The default Oracle database schema is called SCOTT. Security in the Oracle database -Security in the Oracle database is handled by controlling simultaneous access to data resources through locks. Oracle DB also uses latches to protect shared resources in the system global area. It is a fairly secure database option since it supports the following options-Virtual Private Database support, Fine-grained Auditing support for DML Uniform Audit Trail. The new version of Oracle also comes with a PL/SQL Encryption package called DBMS_CRYPTO (Oracle Database Security Guide,Oracle)

IBM DB2 IBM DB2 is the database solution by IBM. Its first version came out in 1983 for the MVS Mainframe platform. It follows Oracle database closely as the second most preferred enterprise database solution. DB2 has innovated constantly and has many salient features that differentiates it from its competitors, these are-greater concurrency for data management ,access and definition. Improved security and very fine grained data auditing capabilities, pure XML and SQL enhancement s and optimizations to offer faster data access and simplify portability. Security in IBM DB2

IBM DB2 also offers many features to fine tune security so that enterprise users can store data and operate in a secure environment. It offers the following security featuresAuthentication-Before opening DB2 instance users must authenticate via a LDAB server or via Kerberos. Authorization-It is the process of verifying whether the user has the privilege and authorization to perform certain operations on the database. Trusted Contexts-This addresses security concerns in a three tier application model. Auditing- Auditing allows the administrator to monitor data access and provides options for data analysis and for tracing he data flow.(DB2 Security, IBM) Microsoft Access: Microsoft Access is a basic database that is designed for basic database purposes. It has a GUI based record insertion, deletion and querying. It is based on Microsoft's Jet database engine and can import data stored in other databases directly into it. Access can also be used as a front end with other more robust database servers such as Microsoft SQL Server acting on the backend. Security in Microsoft Access: Microsoft Access supports the following security operations. Database Encryption-Encryption compacts the database file and makes it inaccessible to utility programs and disallows casual users from accessing it. Database password Using a password enables users to provide access level security to their data. Setting a Module password-Standard modules or class modules can be protected using a module password. Using MDE file-A database file can be converted to an MDE file to prevent unauthorized access to it.(Exploring Microsoft Access Security, July 2002) Conclusion: Security can be a big factor when choosing between database products and in a database there always needs to be a tradeoff between security and performance. When only lightweight data needs to be supported a lightweight database such as Microsoft Access can be used. Those databases provide basic security mechanisms. However when a database needs to be designed for an enterprise system a more robust database such as Oracle or DB2 needs to be used. Although database software plays a large role in how secure a database is, it is the users who need to be educated about database security in order to prevent the database from being accidentally or purposefully compromised.

Reference: IBM DB2 9.5 Information Center for Linux, UNIX, and Windows. (n.d.). IBM Support Portal: Support home. Retrieved July 1, 2012, from http://publib.boulder.ibm.com/infocenter/db2luw/v9r5/index.jsp?topic=%2Fc

om.ibm.db2.luw.admin.sec.doc%2Fdoc%2Fc0021804.html Ibm Db2 Security Primer. (n.d.). Welcome to SecurityTube.net. Retrieved July 1, 2012, from http://www.securitytube.net/video/966 Introduction to the Oracle Database. (n.d.). Oracle Documentation. Retrieved July 1, 2012, from http://docs.oracle.com/cd/B19306_01/server.102/b14220/intro.htm Keeping Your Oracle Database Secure. (n.d.). Oracle Documentation. Retrieved July 1, 2012, from http://docs.oracle.com/cd/B28359_01/network.111/b28531/guidelines.htm Rice, F. (n.d.). Exploring Microsoft Access Security. MSDN Explore Windows, Web, Cloud, and Windows Phone Software Development. Retrieved July 1, 2012, from http://msdn.microsoft.com/enus/library/aa139961(v=office.10).aspx Strategic Benefit Solutions- Database Security. (n.d.). Strategic Benefit SolutionsPartnering With Employers. Retrieved July 1, 2012, from http://www.benefitscom.com/security.htm