Database Security
The focus of this study is that of database security. Databases and database technology are such that play critical roles in the use of computers whether it be in business, electronic commerce, engineering, medicine, genetics, law, education or other such entities requiring the use of computer technology. A database is quite simply a collection of data that is related such as a database containing customer information, supplier information, employee information, project databases, and the sort. Some databases are small while others are of a great size and quite complex. A database management system is "a general purpose software system that facilitates the processes of defining, constructing, manipulating, and sharing databases among various users and applications." (Oracle Security, 1998, p.1) Defining a database is reported to involve "specifying the data types, structures and constraints of the data to be stored in the database." (Oracle Security, 1998, p.1)

I. Database Security Plan

Securing…...

mla

Bibliography

Database Security Best Practices (2012) Applicure Technologies Ltd. Retrieved from:  http://www.applicure.com/blog/database-security-best-practice 

Developing a Database Security Plan (1998) Oracle Security. Chapter 7. Retrieved from:  http://oreilly.com/catalog/orasec/chapter/ch07.html 

Murray, MC (2010) Database Security: What Students Need to Know. Journal of Information Technology Education: Innovations In Practice. Vol. 8. Retrieved from:  http://www.jite.org/documents/Vol9/JITEv9IIPp061-077Murray804.pdf 

Yang, L. 2009. Teaching database security and auditing. Proceedings of the 40th ACM Technical Symposium on Computer Science Education, Chattanooga, TN, USA.

Database Security Plan and equirements Definition for a University Department
The database security plan and requirements definition were developed. The plan included, at the outset, the inclusion of major stakeholder at the University and described their roles in initiating, implementing, and maintaining the plan. Individuals responsible for daily and other periodic tasks were developed. A major consideration in planning the security was the policy that governs granting of access. The need-to-know, combined with the users' roles provided the guiding principles. Physical security, backing up of data and the periodic exercise of restoring data were not overlooked in the plan. Plans were set in place to ensure that attention was paid to the dynamic nature of the document since the security environment must continually change in order to discourage system attackers and to keep pace with the rapidly changing technology.

The Business Environment

We are an entrepreneurial business department in the faculty of engineering…...

mla

References

Bond, Rebecca, Kevin Yeung-Kuen See, Carmen Ka Man Wong, and Yuk-Kuen Chan (2007). Understanding DB2 9 Security. Indianopolis: IBM Press.

Bustamante, M., (2008, January 10). Designing Role-based Security Models for .NET. Available:   [5 February 2012]http://www.codeguru.com/csharp/.net/net_security/authentication/article.php/c19575/Designing-Role-Based-Security-Models-for-NET.htm 

Ferrari, E. (2010). Access Control in Data Management Systems. Varese: Morgan & Claypool.

Haigh, J.T. (1987). Modeling Database Security Requirements. In C.E. Landweir (Ed.) Database Security: Status and Prospects (pp. 45-66). Amsterdam: Elsevier.

With optimistic concurrency control, the database checks resources to determine if any conflicts have occurred only when attempting to change data. If a conflict occurs, the application must read the data and attempt the change again. Pessimistic concurrency, on the other hand, control locks resources as they are required, for the duration of a transaction. Unless deadlocks occur, a transaction is assured of successful completion
5.5 Audit Tracking

Although auditing does not prevent system attacks, it is a vital aid in identifying intruders, attacks in progress, and to diagnose attack footprints (Meier, Mackman, Dunner, Vasireddy, Escamilla and Murukan). It is important to enable Windows operating system level auditing and SQL Server login auditing. SQL Server also offers an auditing capability that complies with the U.S. Government C2 certification. C2 level auditing provides substantially more audit information at the expense of increased disk storage requirements.

5.6 Encryption

SQL Server 2005 will support native database…...

mla

Bibliography

Ambler, S. (2004, April 1), "Concurrency Control," Available:

  (Accessed 2005, January 5).http://www.agiledata.org/essays/concurrencyControl.html#Collisions 

Backup," Available:

(Accessed 2005, January 5).http://msdn.microsoft.com/library/default.asp?url=/library/en-us/tsqlref/ts_ba-bz_35ww.asp

Database designers and administrators can work concomitantly with it professionals and researchers to implement the security measures necessary to mitigate risks to data.
I have been a database user at my company for a number of years. As such, I am allowed access from only a limited number of locations; one static connection at home, one at work, and one laptop connection that I carry with me when traveling. Each connection has its own password, which is updated on a daily basis. I create the passwords myself, and nobody else has access to these. The it department has provided me with training in optimizing the strength and security of my passwords. ecurity at my company is extremely important, as data leak could for example lead to a compromise of our competitive edge.

ources

Chapple, Mike. Database ecurity: A Fine Balance Between Roles and Rights. About.com http://databases.about.com/od/security/a/databaseroles.htm

Chapple, Mike. QL Injection Attacks on Databases.…...

mla

Sources

Chapple, Mike. Database Security: A Fine Balance Between Roles and Rights. About.com http://databases.about.com/od/security/a/databaseroles.htm

Chapple, Mike. SQL Injection Attacks on Databases. About.com. http://databases.about.com/od/security/a/sqlinjection.htm

Strengths vs. Weaknesses

The article 2007 Survey on Database Security; highlights the most pressing issues that could be facing an organization (someone from within who could have access to the data). Where, this strength points out a situation that many it managers are overlooking. However, the weakness of the article is that it points out the problem, while at the same time saying there is no effective solution. In many ways this is the equivalent of point out a fire and then not having the tools to put it out. (Ponemon, 2010)

The article How to Secure Sensitive Data in a Cloud Environment; highlights how many businesses are turning to virtual networks to perform many functions. The biggest strengths of the article are: the overall dangers it points with this type of it protocol and how an organization can address these issues. The main weakness of the article is that it only…...

mla

Bibliography

Markovich, S. (2010). How to Secure Sensitive Data in a Cloud Environment. Retrieved May 14, 2010 from E. Week website:  http://www.eweek.com/c/a/Cloud-Computing/How-to-Secure-Sensitive-Data-in-Cloud-Environments/ 

Ponemon, L (2007). 2007 Survey on Database Security. Retrieved May 14, 2010 from Appsec Inc. website:  http://www.appsecinc.com/techdocs/whitepapers/2007-Ponemon-Database-Security-Study-Sponsored-by-Application-Security-Inc.pdf

Database Security Case Study
Database Security: Case Study

The objective of this study is to answer specific questions following have read the case study which is the focus of this work in writing including naming the concepts which are illustrated in the case study and why a customer database is useful for companies related in the case study under review. This work will additionally answer as to what would occur if the companies did not keep their customer data in databases. Secondly this study will determine the effectiveness of the SAS statistical modeling software that is described in the case study and will answer as to how better data management and analytics improve each company's business performance and provide two examples of improvement realized through mining customer databases. This study will additionally describe some of the weak points of predictive analytics and answer as to what management, organization, and technology factors are…...

mla

Bibliography

Asking the Customer by Asking the Database: Case Study (nd) Chapter 6 -- Foundations of Business intelligence; Databases and Information Management.

Eckerson, WW (2007) Predictive Analytics: Extending the Value of Your Data Warehousing Investment. TDWI Best practices report. Retrieved from:  http://www.sas.com/events/cm/174390/assets/102892_0107.pdf 

Effective Response Modeling (2014) SAS.com. Retrieved from:  http://www.sas.com/success/pdf/ing.pdf 

Fule, P. (2004) Detecting Privacy and Ethical Sensitivity in Data Mining. Researchgate. Retrieved from: www.researchgate.net/...Ethical...Data_Mining.../3deec51f7...

Design citeia exist at the levels of the technical, system integation aspects of the database to othe systems though XML. This integation is citically impotant to ensue that the applications ceated can be effectively used ove time and not have any scalability issues. Thee is also the need fo designing the databases at the pesentation laye to povide fo scalability and flexibility of being able to ceate applications elatively quickly at the potal level. This is especially impotant fom a Business Pocess Management (BPM) standpoint as databases must be able to suppot the vaious pocess wokflows as defined as pat of business pocess e-engineeing effots ove time. Thee is also the need fom a design standpoint to have a continued development initiative going to captue use needs ove time and include them into the next geneation of database updates. The use of councils to ceate update plans and define the…...

mla

references and real-time workload in information services. Information Systems Research, 11(2), 177-196.

Pangalos, George (1994). A tutorial on secure database systems. Information and Software Technology, 36(12), 717.

Gerald Post & Albert Kagan (2001). Database management systems: Design considerations and attribute facilities. The Journal of Systems and Software, 56(2), 183-193.

Ji Ma, Mehmet A Orgun. (2008). Formalising theories of trust for authentication protocols. Information Systems Frontiers, 10(1), 19-32.

Reagan, J., & Rowlands, I.. (2007, January). Key Technologies Enabling a Seismic Shift in Enterprise Data Management. Business Intelligence Journal, 12(1), 17-25.

y grouping related database queries into transactions, DMS systems can guarantee that each transaction satisfies the ACID properties: Atomicity, Consistency, Isolation, and Durability. However, if a database application is decomposed into transactions in an incorrect manner, the application may fail when executed concurrently.
Concurrency control deals with the issues involved with allowing multiple people simultaneous access to shared entities (Ambler, 2004). A collision occurs when two activities, which may or may not be full-fledged transactions, attempt to change entities within a system of record. A database administrator can either devise ways to avoid collisions or detect and then resolve them. Transactions are collections of actions that potentially modify two or more entities. The easiest way for an application to implement transactions is to use the features supplied by the database. Transactions can be started, attempted, then committed or aborted via SQL code. Also, database APIs such as Java Database Connectivity…...

mla

Bibliography

Ambler, S. (2004, April 1). Concurrency Control. Retrieved November 27, 2004 from Agile Data Web site:  http://www.agiledata.org/essays/concurrencyControl.html#Collisions 

Database Administrator. Retrieved November 27, 2004 from TechTarget Web site:  http://searchdatabase.techtarget.com/sDefinition/0,sid13_gci214169,00.html 

Database Management System. Retrieved November 27, 2004 from TechTarget Web site:  http://searchdatabase.techtarget.com/sDefinition/0,sid13_gci213669,00.html 

Database Security and Administration (2001). Retrieved November 27, 04 from Web site: http://www.urgrgcc.edu/shastri/.%5CDatabase%20Course%5Cdb1-2a.htm

Databases in the Work Place
We are in the information age and the effective management of data is paramount in almost all aspects of our life. All businesses today thrive on the availability of vast pool of data pertaining to their domain and thus databases constitute an indispensable aspect of all businesses. Having access to a huge database and the intelligent interpretation of the data therein holds the key to business success. I am working as a database engineer for "Intelligent Email Solutions," a company which specializes in offering email based intelligent customer relationship management solutions. Let us have a brief overview of the use and the importance of databases in our company.

Database

Our clientele are big corporations like Nike, Citibank, ANZ Grindlays, Jc penny etc. We provide automated email-based customer relationship management using our novel 'semantic engine' which scans through thousands of customer emails and categorizes them and routes them back…...

These laws also emphasize that obtaining such personal information and how it will be used should be made with the individual's knowledge and consent. Moreover, individuals also have the additional rights of viewing, correcting, and deleting the information pertaining to them. ut do we really have access to all information that is being taken from us? We can never tell and we might end waking up one day being accused by actions we haven't taken or worst waking up with a different identity.
II. Security of the Data Gathered

Database Systems are designed and programmed by no less than humans. Securing these databases involves the protection against unauthorized disclosures, alteration and destruction. Security that focuses on stopping people without database access from having any form of access at all and stopping people with access to perform any data manipulation that are not part of their duties or not included in the…...

mla

Bibliography:

ALR (Feb 06, 2006) Regulation of Data Brokerage Retrieved June 03, 2006 at http://courseblog.cs.princeton.edu/spring06/wws528f/?author=15

Computer Underground Digest #6.27 (Mar 27, 1994). Retrieved June 03, 2006 from "Ethical issues in hacking and piracy"

Data Protection Act 1998. Retrieved June 03, 2006 at  http://www.opsi.gov.uk/ACTS/acts1998/19980029.htm 

Right of self-decision, self-control on one's own personal information" Retrieved June 03, 2006 at  http://rights.jinbo.net/english/privacy.html

Databases and their relational file structures have also progressed to the point of being open in architectural structure enough to allow for real-time updates via XML calls and integration points throughout individual and shared files (oth, Hernandez, Coulthard, Yan, et al., 2006). This open architecture-based approach to XML integration is also making databases ideally suited for transaction-intensive environments throughout e-commerce websites and throughout complex transactions involving multiple selling partners through a supply chain as well (Smyrlis, 2005). As a result, databases are the foundation of distributed order management, enterprise content management, enterprise resource planning (EP) and Customer elationship Management (CM) systems.

Databases and Security

Databases in organizations and governments often hold the most confidential data that exists and therefore need to be protected extremely well. The dominant standard for database security is ACID (atomicity, consistency, isolation, durability) compliance (Dolgicer, 1993). When an ACID test of compliance is completed on a database these…...

mla

References

Dolgicer, Max (1993, June). The ACID test for distributed transactions. Data Communications, 22(9), 25.

Araby Greene (2008). Managing subject guides with SQL Server and ASP.Net. Library Hi Tech, 26(2), 213-231.

Margo Hanna (2004). Data-mining algorithms in Oracle9i and Microsoft SQL Server. Campus - Wide Information Systems, 21(3), 132-138.

Ken Krizner. (2002, May). Turning inventory into profits. Frontline Solutions, 3(5), 16-20.

Database Administrator, Manager of IT, and the value of a college education
As a result of swift distribution of computers and information technology, a necessity for well trained workers to design and promote new hardware and software systems and to integrate new technologies. These workers comprises of computer systems analysts, database administrators, and computer scientists. Based on the choices and procedures of employers and on development of new areas of specialization or alterations in technology, the job responsibilities and professional titles relating these workers change quickly. An ever-increasing level of talent and education from the employees is demanded by the speedily shifting technology. Organization's expectation on professionals is broadening from wholesome technical knowledge to communication and other interpersonal skills. Hence, workers who can manage various tasks are in great need.

Though employers favor workers with technical degrees, persons with degrees in a range of majors also get employment in these computer jobs.…...

mla

References

Allen, Gemmy. (1998) "Managerial Roles" retrieved from Accessed on 7 May 2005http://ollie.dcccd.edu/mgmt1374/book_contents/1overview/managerial_roles/mgrl_roles.htm

"Career guide for Database Administrator" retrieved from Accessed on 7 May 2005http://jobs.state.va.us/careerguides/DataBaseAdmin.htm

"Computer Database Analysts & Administrators" (5 May, 2005) Retrieved from Accessed on 7 May 2005http://www3.ccps.virginia.edu/career_prospects/briefs/A-D/DatabaseAdmin.shtml

"Computer Systems Analysts, Database Administrators, and Computer Scientists" (May 18, 2004) U.S. Department of Labor: Bureau of Labor Statistics. Retrieved from   Accessed on 7 May 2005http://www.bls.gov/oco/ocos042.htm 

The authors have expertise with Oracle databases and use examples from the enterprise products this software vendor provides to make their point regarding security of highly distributed networks. One of the more valuable aspects of this specific paper is the focus on how to create a multilevel secure environment in an enterprise. The authors have done enterprise-level database security work in their careers and this article and research communicate their expertise clearly.
In the article Data Security: A Security Implementation for elational Database Management Systems (Nilakanta, 1989) the author contends that information architectures must rely on a stable database management system (DBMS) to scale securely and reliably across an enterprise. The author provides insights into several different security procedures and approaches to defining a secured operating environment for enterprise-wide DBMS implementations and use. There are also guidelines for defining security clearances and recommendations on hwo best to use encryptions for…...

mla

References

Feeney, T.R. (1986). Security issues and features of database management systems. Information Age, 8(3), 155-155.

Fulkerson, C.L., Gonsoulin, M.A., & Walz, D.B. (2002). Database security. Strategic Finance, 84(6), 48-53.

Harris, D., & Sidwell, D. (1994). Distributed database security. Computers & Security, 13(7), 547-547.

Nilakanta, S. (1989). Data security: A security implementation for relational database management systems. Computers & Industrial Engineering, 17(1-4), 415-415.

Security management 1. In a civil action, how can a claim of negligent hiring have a greater chance of succeeding?
Jurisdictions have been increasingly putting laws in place pertaining to what makes organizations a potential target for a lawsuit on negligent hiring. Though in most instances, claims of negligent hiring may be effectively fended off, it proves increasingly tricky in the following cases:
· If the individual harming or injuring another is an employee of the company.
· If the employee is found guilty of harming, injuring or doing any damage to the complainant.
· If the organization was aware of, or ought to have been aware of, the employee’s tendency to inflict harm or injury.
· If the organization was inattentive when hiring the individual and failed to carry out a proper background check which could have identified the individual’s tendency to cause harm to clients or colleagues (McCrie, 57-60).
2. What is the risk to security…...

Security Plan: Pixel Inc.
About Pixel Inc.

We are a 100-person strong business dedicated to the production of media, most specifically short animations, for advertising clients worldwide. Our personnel include marketing specialists, visual designers, video editors, and other creative staff.

This security plan encompasses the general and pragmatic characteristics of the security risks expected for our business and the specific actions that aim to, first and foremost, minimize such risks, and, if that's not possible, mitigate any damage should a breach in security happen.

Scope

The measures to be taken and the assigned responsibilities stated in this document apply to all the departments that make up the company. Exemptions can be given but will be only under the prerogative of the CEO under the consultation of the Chief Security Officer that will be formally assigned after the finalization of this document. Otherwise, there will be no exception to the security measures stated in this document.

Section…...

mla

Bibliography

Internet Securit Alliance. (2004). Common sense guide to cyber security for small businesses. Retrieved from:  http://www.ready.gov/business/_downloads/CSG-small-business.pdf .

Microsoft. (2004). Step-by-step guide to securing Windows XP Professional in Small Businesses. Retrieved from:  http://www.microsoft.com/downloads/en/details.aspx?FamilyID=9faba6ed-2e9c-44f9-bc50-d43d57e17078 .

Noriega, L. (24 May 2011). Seven Cyber Security Basics Every Small Business Needs. Retrieved from:  http://www.openforum.com/articles/7-cyber-security-basics-every-small-business-needs .

Teixeira, R. (4 June 2007). Top Five Small Business Internet Securit Threats. Retrieved from:  http://smallbiztrends.com/2007/06/top-five-small-business-internet-security-threats.html .