DATABASE AND DATA SECURITY

PART A

Introduction

The advanced and frequent use of information systems has forced many organizations to look for alternative ways of securing their data and databases from third parties (Lee, 2000). As a result, data protection has become fundamental for an organization to work effectively. Data and database security has become a key challenge for many organizations because of cyber-attacks and security breaches. Many vendors have resorted to various techniques for safeguarding an organization's sensitive data, thus reducing data breaches significantly.

Data masking is one of the important techniques that vendors use to ensure the privacy of, and authorized access to, sensitive data or databases (Radhakrishnan, Kharrazi, & Memon, 2005). It is the process of hiding sensitive data and exposing data that mimics the original, with the intention of shielding the original data from third-party access. The exposed data serves various intended purposes while the integrity of the sensitive data is kept untouched and unaltered. For instance, it can be used for software testing and training. It is not advisable to use the original copy of an organization's data for such purposes, because security attacks could jeopardize the organizational data and the entire database. Sensitive data has become an integral part of every organization, and it needs to be protected from replication and from use in various activities and environments for training and testing, because the exposure of sensitive data exposes the organization to cyber-related attacks (Gumpel & Chaughule, 2010). It is therefore essential for the organization to mitigate risk by deploying practices which ensure that the exposure of the sensitive data is null and that the organizational data and database are shielded from unnecessary access. Consequently, masking is used to obfuscate the data and to meet the compliance standards set by the security regulatory bodies regarding data security and intruders.

Data masking involves altering the real data to produce data that resembles it and that serves different uses in the organization, such as software testing and training (Ebrahimi, Hassan, Singh, Kuppuswamy, & Chidambaram, 2012). This protects the sensitive data from alteration or access by different users, and the integrity of the data, which serves as a fundamental decision-making tool for the organization, is kept safe. Such exposure is prevented using various methods, such as substitution of the data where applicable, encryption, and reshuffling of the data or the database. The methods are chosen according to the organization's preference. Data masking through these techniques denies any chance of reverse engineering, which could be used to return the masked data to its original form in an attempt to gain unauthorized access (Pomroy, Lake, & Dunn, 2011).

Use of real data in the testing environment poses many security risks of which many organizations are unaware. Consequently, they end up experiencing frequent attacks. Gumpel & Chaughule (2010) reiterated that several business enterprises are constantly being attacked because of such novice use, allowing their sensitive data and databases to be used in the testing and development phases of various software. The data used in these scenarios is entirely plain and attack-prone. Data breaches sometimes take place during software testing and take diverse forms which cannot be easily identified. Data breaches can be neglected, although they enable a third party to terrorize the organization by manipulating its data without its knowledge. Computers and laptops handled by third parties, or data or storage shared with third parties, act as a pass-through point for intruders, and the organization will not escape security attacks on its data. This is why data masking, which allows the simulation of data, is mainly used for the testing process to avoid data breaches.

User training, on the other hand, involves the use of data as a training tool. Use of real data while training staff and employees should be discouraged, because research shows that most attacks on data are caused by the use of the organization's data in facilitating training processes (Boukobza, 2014). Instead, the organization should embrace techniques for generating virtual data which can serve the same purposes as the original data, in order to safeguard the organization from reckless attack. Simulated data and modified versions of the existing data can be used in training sessions, thus preventing third-party intrusion. Fictitious data is advocated for use in training and testing processes because such data has no close relationship with the organization's data and thus eradicates third-party access.

Data masking takes two forms: static and dynamic masking. Static data masking aims at manipulating data that is in a stationary state, while dynamic data masking is applied to change data that is in the mobile state while keeping the original data unchanged (Fergusson, 2006). These forms of data masking have been of great significance in combating data and database security breaches by denying unauthorized access to the data in the database or to the data that is shared in a communication situation. Both forms are essential, and many organizations which have implemented the two have mitigated their vulnerability to data breaches.

The idea of data masking has been recognized by many organizations as a form of security for their data and their entire database. The technique has been important in protecting data using these methods and has addressed the security concerns of the organization.

Cisco recognized this concept of data masking in order to protect its data and
databases from exponential attacks. In addition, it is also able to meet the compliance standards of data security and privacy laws and regulations. Sensitive information at Cisco is protected and is not used on occasions such as user training and software development practices which require some set of data. The originality of the user data is altered through deployed techniques such as substitution and reshuffling, to mitigate the risk of exposure and to ensure that the data is safe from third-party access (Fujiwara, Lochowitz, & Kehrer, 2003). The data masking technique has enabled the organization to duplicate data which fits its use in different scenarios and meets its expectations while keeping the original data safe and unchanged. The sensitive data, which comprises customer information and details, is integrated into an Oracle database, and security features are articulated for security purposes (Brodersen, Rothwein, Malden, Chen, & Annadata, 2004).

Before the use of the data masking technique, Cisco was facing many challenges in terms of data security. The realization and deployment of this data privacy idea has enabled the organization to eradicate various security difficulties which negatively affected the running of the organization, because novice users within the organization were using the original data to perform various activities which were not the primary purpose of the data in the organization's databases (Santos, Bernardino, & Vieira, 2011). Data masking has therefore served many roles in the company. Some of these roles include prioritizing the crucial data in the organization, encrypting the sensitive data, monitoring data using data masking software tools, and creating the alteration and manipulation rules used in data masking (Youn & Wong, 2013).

Benefits of data masking to the organization

Data masking has been fundamental and important to organizations in many ways. It has aided organizations in protecting their sensitive data and databases, which are prone to attacks. The concept has also been used in automating the processes which enable the privacy of the data, and it increases the organization's assurance that its data and databases are safe from third-party access (Gopinath, Sastry, Sethumadhavan, & Kizhakkel, 2011).

Another vendor which pioneered data masking is MENTIS Software. The company was the first to implement the concept of data masking, and it is one of the manufacturing companies that hold a huge database. Because of this amount of data, it has built expertise in data masking, which it uses to protect its own data and, at the same time, the data of various clients who are unfamiliar with masking as a way of preventing data breaches. It provides static data masking, dynamic data masking and unstructured data masking. The organization has been in a position to mitigate data breaches, which enables it to focus on its business activities and so transform its business: risk is reduced, and the need for risk-taking is eliminated by the complete data security that data masking and other complementary security measures provide (Johnson et al., 2004).

MENTIS data security mitigation techniques handle the security issues. For instance, the masked data is used to substitute the original data, and exposure of the backbone is inhibited through various cycles which involve static and dynamic masking. The software vendor is also evolving and advancing with the aim of maintaining a high level of security, and data masking is stated to be one of its key points of focus (Greenwood & McGrath, 2001). Its masking techniques align with static and dynamic data masking, hence protecting data at rest and in transit respectively. Such protection helps in avoiding the misuse of the sensitive data while the originality of the data is also maintained.

MENTIS, being the pioneer in data masking, has advanced its services to make sure that organizational data is safe and that access to the data and the databases is controlled. Its services have expanded, and it can also train organizations on the usage and application of data masking and the importance of data security. Its platforms aim at complete protection and mitigation of data breaches, which comprises masking and scrambling of data. The solution is applicable in diverse information technology environments: production, non-production and pre-production. In addition, the organization is visionary about the data masking technique, which helps the company to expand, adopt the latest advancements in technology and apply such changes to dynamic and static data masking in order to combat the evolving attacks on the data and databases of the organization and its clients.

The third is Oracle data masking. This is a venture from the Oracle enterprise for protecting its data from unauthorized access. The sensitive data is replaced with scrambled data. The data masking pack is used to help the organization meet regulatory requirements and comply with data privacy. The data in this case is used for testing purposes; for instance, developers need some data for testing the applications they develop. The data generated for this purpose is innocuous but appears real, and personally identifiable information is hidden from any access. Data masking in Oracle serves two main purposes: providing confidentiality of the data by denying data exposure, and producing data which resembles the real data (Rizvi & Haritsa, 2002).

Oracle has three types of masking. First is compound masking, which ensures the integrity of the columns when the database is masked (O'flaherty et al., 2001). The relationship between the columns' contents is maintained, so the masked data functions just like the original data.
Second is deterministic masking. This handles repeated data: values that repeat in the columns of the real database repeat in the same way in the masked database. The repetition of values therefore follows the values in the real database.

Key-based reversible masking is another type of data masking in Oracle. It is used when some data is to be shared between the organization and a third party. Data is sent to the third party in encrypted, masked form. When the data is received by the intended third party, it is decrypted using the reversible (decryption) keys and converted to its normal form (Ludwig et al., 2004). This is useful when the organization needs its data to be analyzed for the organizational decision-making process. When the third party is through with the analysis, the data is shared back using the same technique.

In conclusion, data breaches are inexorable, so practices such as data masking, which boost data security and prevent third parties from interacting with the real data, should be embraced by organizations to improve their data security and comply with security standards. The three organizations, and others who have realized the importance of data masking, have been able to protect their sensitive data and the data of their clients.
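The three masking types described above (compound, deterministic and key-based reversible), as an added Python example that is not from the original essay and is not Oracle's implementation. The HMAC-based substitution, the digit-level Feistel network, the sample rows and every function name are assumptions chosen for illustration.

```python
import hashlib
import hmac

# Constructed sample data: every name, place and account number is fictitious.
CUSTOMERS = [
    {"name": "Alice Moreno", "city": "Lyon", "postcode": "69002", "account": "400012345678"},
    {"name": "Brian Okafor", "city": "Leeds", "postcode": "LS1 4AP", "account": "400087654321"},
    {"name": "Alice Moreno", "city": "Lyon", "postcode": "69002", "account": "400055550000"},
]
ORDERS = [{"order": 1, "customer": "Alice Moreno"}, {"order": 2, "customer": "Brian Okafor"}]
NAME_POOL = ["Dana Whitlock", "Evan Sorrel", "Farah Lindqvist", "Gus Tanaka", "Hale Brennan"]
# Compound substitutes are whole tuples, so city and postcode stay consistent.
PLACE_POOL = [("Porto", "4000-001"), ("Graz", "8010"), ("Turku", "20100"), ("Gent", "9000")]


def _prf(key: bytes, *parts: str) -> int:
    """Keyed pseudo-random function (HMAC-SHA256) returned as an integer."""
    msg = "\x1f".join(parts).encode()
    return int.from_bytes(hmac.new(key, msg, hashlib.sha256).digest(), "big")


def mask_deterministic(key: bytes, value: str, pool: list) -> str:
    """Same input -> same substitute, so repeated values and joins survive masking.
    Two different inputs can share a substitute when the pool is small."""
    return pool[_prf(key, "det", value) % len(pool)]


def mask_compound(key: bytes, city: str, postcode: str) -> tuple:
    """Mask related columns as one unit: keyed on the pair, returns a valid pair."""
    return PLACE_POOL[_prf(key, "cmp", city, postcode) % len(PLACE_POOL)]


def _feistel(key: bytes, digits: str, decrypt: bool, rounds: int = 10) -> str:
    """Balanced Feistel network over decimal digits; output keeps the input length.
    Illustrative only: this is not a vetted format-preserving encryption mode."""
    if len(digits) % 2 or not (digits.isascii() and digits.isdigit()):
        raise ValueError("expected an even-length string of digits")
    half = len(digits) // 2
    mod = 10 ** half
    left, right = int(digits[:half]), int(digits[half:])
    for r in (reversed(range(rounds)) if decrypt else range(rounds)):
        if decrypt:
            left, right = (right - _prf(key, "rev", str(r), str(left))) % mod, left
        else:
            left, right = right, (left + _prf(key, "rev", str(r), str(right))) % mod
    return f"{left:0{half}d}{right:0{half}d}"


def mask_reversible(key: bytes, digits: str) -> str:
    return _feistel(key, digits, decrypt=False)


def unmask_reversible(key: bytes, digits: str) -> str:
    return _feistel(key, digits, decrypt=True)


def mask_tables(key: bytes):
    """Return masked copies of both tables; the originals are left untouched."""
    customers = []
    for row in CUSTOMERS:
        city, postcode = mask_compound(key, row["city"], row["postcode"])
        customers.append({"name": mask_deterministic(key, row["name"], NAME_POOL),
                          "city": city, "postcode": postcode,
                          "account": mask_reversible(key, row["account"])})
    orders = [{"order": o["order"],
               "customer": mask_deterministic(key, o["customer"], NAME_POOL)}
              for o in ORDERS]
    return customers, orders


if __name__ == "__main__":
    KEY = b"constructed-demo-key"  # assumption: a real key would come from a key store
    masked_customers, masked_orders = mask_tables(KEY)
    for row in masked_customers + masked_orders:
        print(row)
```

Only the holder of the key can recover the account numbers, while the name and place substitutions cannot be reversed from the masked tables alone.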
Part B

Encryption is a technique used in data security to enhance the integrity and privacy of data (Mao, 2003). Data privacy and protection is a fundamental requirement because of the advancement and wide use of technology. Data circulating within the organization, and even to and from external sources, should be protected, and encryption and cryptography have played a crucial role in protecting these data flows. Encryption entails encoding plain data into ciphertext which cannot be understood by a third party. Such data is encrypted using laid-down algorithms. At the recipient's end, the data is safe and is decoded to its original form using encryption keys. The encryption process is therefore applicable in various organizational setups, ranging from profit and nonprofit organizations to large and small enterprises and government agencies, in order to protect them from cyber-crimes and related attacks (Stallings, 2003).

Cryptography is a technique used to enhance the security of communicated data and information (Hellman et al., 2000). Just like encryption, cryptography is deployed to prevent security breaches and to ensure that communication between the sender and the recipient is secured. Cryptographic techniques are commonly used nowadays to aid security. It is therefore indispensable for any organization, in this era of intensified use of technology, to deploy cryptographic methodologies as a way of combating security issues. Having proper cryptographic techniques is paramount in dealing with data security (Tang, 2007).

Methods of cryptographic techniques

Various cryptographic techniques are applicable on different platforms, though not all enterprises require the same level of security, since there are large disparities in data security methodologies. These cryptographic methods vary in complexity. Consequently, they are deployed depending on the complexity and the size of the organization (Robling Denning, 2002). For instance, an organization with a small amount of simple data uses simple methods, while large organizations that handle huge amounts of data require complex cryptographic methods to secure their data and databases.

Substitution method

This is one of the simple methods and is commonly used by small companies or organizations that do not hold much data. The method involves swapping alphabetical letters to hide the true meaning of the data. The method can also allow existing letters to be substituted with non-existing ones (Feistel, 2003). The only intention here is to shield the data by preventing a third person from intercepting and understanding it before it reaches the recipient. Additionally, the data can be substituted with integers. For example, the first letter of the alphabet can be replaced with one, and the others likewise. The main challenge of the substitution method is that the encoded data can't be cracked with ease by the third party.

Reciprocal Method

This is a more advanced method than the substitution method. It requires the ciphertext to be created using a machine that is dedicated to creating cryptographic data. After the machine has converted the plain text, the text is substituted according to the way the machine mapped the letters (Sharma & Kumar, 2017). For instance, if the letter A is replaced with the letter Z, then every letter A in the plaintext is replaced with Z as per the machine's generation.
Compared with the substitution method, this is more secure and is recommended for medium-sized and small business organizations. When the ciphertext is input to the machine, the text is transformed back into the plain text.

Symmetric Method

This is a more advanced method than the first two, as described by Hosseinkhani & Javadi (2012). The method uses the same key for the encryption and decryption processes. Because the encryption and decryption key is the same, the sender and the recipient must share the key so that when the data reaches the recipient's end, it is decrypted and converted back to the original format. The encryption/decryption key is shared only by the sender and the recipient. This technique is ideal for medium-sized and large organizations with a large database. Banking institutions and business enterprises that transact online use this method and the asymmetric method as well.

Asymmetric Method

This is the most advanced of the four methods. It involves the use of private and public keys. The private key is known by the individual users and the public key is handed to the intended recipient. The asymmetric method allows data or a file to be encrypted using the received public key, so that it will not be readable by anyone except the person holding the private key at the receiving end (Rogaway & Coppersmith, 2003). This results in protection of the organization's data and the entire database. Open GPG is a true example of the asymmetric method. The method is used by telecommunication companies and database organizations like Oracle in order to keep the data and database private, to confirm that a request is genuine, and to disable suspicious requests and access.

Information Rights Management (IRM)

Merkle (2000) defined Information Rights Management (IRM) as an information technology security technique that is used for the protection of sensitive data that should not be exposed to unauthorized persons. The main role played by Information Rights Management is the protection of sensitive data, and encryption is one way of achieving it. Encryption is thus beneficial to Information Rights Management in that it aids in keeping the sensitive data private. In most cases, encryption techniques are applied in Information Rights Management to safeguard the privacy of the data from unauthorized access. The encryption concept is beneficial to Information Rights Management since it supplements the privacy of the data that is being protected from public and unintentional access (Reaz et al., 2007).

Encryption is necessary for Information Rights Management because it is a method used to deny the copying, manipulation, sending and printing of prohibited files. The documents and data may be stored in the form of a file, for example an Excel or Word document. The security of such a stored file is enhanced only through encryption, in order to protect it from any alteration. Encryption is pre-eminent in Information Rights Management for the protection of data.

Software and Hardware Encryption

Encryption is crucial because of escalating attacks on data, and this fact has forced many organizations to strengthen their security measures on software and hardware components. Both kinds of encryption boost the security of data and even of the entire organization. Furthermore, the two are crucial in the current situation, where data terrorism is evolving rapidly.

Software Encryption

Software encryption uses software encryption tools to protect data from third-party access. Some of these tools include BitLocker, VeraCrypt and DiskCryptor, which are used for the encryption and decryption of data (Harper & Athanas, 2004). This type of encryption relies on passwords as a way of authentication, or on encryption and decryption keys when the data is shared over the internet. A user password which matches the scrambled data stored on a drive is granted access; when there is a mismatch, authentication is denied. Software encryption has an algorithm that scrambles the data for security protection and unscrambles it into its original form when it is required.

Software encryption is cheap. Compared with hardware encryption, it does not demand any additional components, which makes it easy to implement. Although software security is cheap, passwords can be easily cracked, and intruders can easily access the data by cracking the passwords. Furthermore, the software encryption and decryption process slows down the normal operation of the computer. This applies mostly to computers and online platforms where interaction with the system needs authentication. An example is the encryption of data shared over email, where the sender and the recipient have the encryption and decryption keys respectively.

Hardware Encryption

Hardware encryption entails the use of a processor in encryption. The processor has a set of instructions which are used in sending requests for data. This can be encrypted using cryptography
techniques or finger scanners, where the authentication process uses fingerprint technology to permit access to critical organizational hardware resources (Cruzado et al., 2011). This method has replaced the use of passwords and Personal Identification Numbers (PINs).

Hardware encryption is considered to be safer than software encryption. The authentication process is more advanced and there are rare cases of impersonation. On the other hand, it is said to be more expensive and is unaffordable for many organizations, unlike software encryption, which is cheap. An example of hardware encryption is the IBM. Hardware encryption is widely used in telecommunication, where the encoding and decoding of the signal is necessary.
Reference

Boukobza, E. (2014). U.S. Patent No. 8,826,370. Washington, DC: U.S. Patent and Trademark Office.

Brodersen, K., Rothwein, T. M., Malden, M. S., Chen, M. J., & Annadata, A. (2004). U.S. Patent No. 6,732,100. Washington, DC: U.S. Patent and Trademark Office.

Cruzado, E. D., Dalzell, W. J., & Bernier, B. R. (2011). U.S. Patent No. 8,011,005. Washington, DC: U.S. Patent and Trademark Office.

Ebrahimi, F., Hassan, W., Singh, S., Kuppuswamy, S., & Chidambaram, K. T. (2012). U.S. Patent No. 8,156,159. Washington, DC: U.S. Patent and Trademark Office.

Feistel, H. (2003). Cryptography and computer privacy. Scientific American, 228(5), 15-23.

Fergusson, I. (2006). U.S. Patent Application No. 10/957,971.

Fujiwara, S., Lochowitz, J., & Kehrer, M. (2003). U.S. Patent Application No. 09/816,640.

Gopinath, A., Sastry, K. V. S. N., Sethumadhavan, R., & Kizhakkel, S. (2011). U.S. Patent No. 7,917,770. Washington, DC: U.S. Patent and Trademark Office.

Greenwood, J. M., & McGrath, M. J. (2001). U.S. Patent No. 6,215,748. Washington, DC: U.S. Patent and Trademark Office.

Gumpel, D., & Chaughule, R. D. (2010). U.S. Patent No. 7,836,508. Washington, DC: U.S. Patent and Trademark Office.

Harper, S., & Athanas, P. (2004). A security policy based upon hardware encryption. In System Sciences, 2004. Proceedings of the 37th Annual Hawaii International Conference on (pp. 8-pp). IEEE.

Hellman, M. E., Diffie, B. W., & Merkle, R. C. (2000). U.S. Patent No. 4,200,770. Washington, DC: U.S. Patent and Trademark Office.

Hosseinkhani, R., & Javadi, S. H. H. S. (2012). Using image as cipher key in AES. International Journal of Computer Science Issues (IJCSI), 9.

Johnson, D. B., Matyas, S. M., Le, A. V., & Wilkins, J. D. (2004). The commercial data masking facility (CDMF) data privacy algorithm. IBM Journal of Research and Development, 38(2), 217-226.

Lee, J. H. (2000). U.S. Patent No. 6,034,916. Washington, DC: U.S. Patent and Trademark Office.

Ludwig, W., Strunk, O., Westram, R., Richter, L., Meier, H., Yadhukumar, & Förster, W. (2004). ARB: a software for sequence data. Nucleic acids research, 32(4), 1363-1371.

Mao, W. (2003). Modern Cryptography: theory and practice. Prentice Hall Professional Technical Reference.

Merkle, R. C. (2000). Fast software encryption functions. In Conference on the Theory and Application of Cryptography (pp. 477-501). Springer, Berlin, Heidelberg.

O'flaherty, K. W., Stellwagen Jr, R. G., Walter, T. A., Watts, R. M., Ramsey, D. A., Veldhuisen, A. W., & Ozden, R. K. (2001). U.S. Patent No. 6,253,203. Washington, DC: U.S. Patent and Trademark Office.

Pomroy, S. P., Lake, R. R., & Dunn, T. A. (2011). U.S. Patent No. 7,974,942. Washington, DC: U.S. Patent and Trademark Office.

Radhakrishnan, R., Kharrazi, M., & Memon, N. (2005). Data masking: A new approach for steganography? Journal of VLSI signal processing systems for signal, image and video technology, 41(3), 293-303.
Reaz, M. B., Ibrahim, M. I., Mohd-Yasin, F., Wei, C. S., & Kamada, M. (2007). Single core hardware module to implement encryption in TECB mode. Informacije MIDEM, 37(3), 165-171.

Rizvi, S. J., & Haritsa, J. R. (2002). Maintaining data privacy in association rule mining. In VLDB'02: Proceedings of the 28th International Conference on Very Large Databases (pp. 682-693).

Robling Denning, D. E. (2002). Cryptography and data security. Addison-Wesley Longman Publishing Co., Inc.

Rogaway, P., & Coppersmith, D. (2003). A software-optimized encryption algorithm. In International Workshop on Fast Software Encryption (pp. 56-63). Springer, Berlin, Heidelberg.

Santos, R. J., Bernardino, J., & Vieira, M. (2011). A data masking technique for data warehouses. In Proceedings of the 15th Symposium on International Database Engineering & Applications (pp. 61-69). ACM.

Sharma, B., & Kumar, P. U. (2017). Privacy Enhanced Data De-Duplication Using RSA and AES for Managing Data into Cloud.

Stallings, W. (2003). Cryptography and network security: principles and practice. Pearson Education India.

Tang, L. (2007). Methods for encrypting and decrypting MPEG video data efficiently. In Proceedings of the fourth ACM international conference on Multimedia (pp. 219-229). ACM.

Youn, P., & Wong, D. M. (2013). U.S. Patent No. 8,375,224. Washington, DC: U.S. Patent and Trademark Office.