Database Implementation on Cloud: Security Issues and Recommendations

Verified

Added on 2023/06/04

AI Summary

This report covers the implementation plan of a web-based database management system based on the conceptual schema or the ERD diagram. It also includes information about various security issues related to the project and recommendations for the same.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: ASSIGNMENT 2
Assignment 2

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

ASSIGNMENT 2
Table of Contents
Background......................................................................................................................................3
Database Implementation on Cloud.................................................................................................3
Security Issues.................................................................................................................................4
Recommendation.............................................................................................................................5
References........................................................................................................................................6
2

ASSIGNMENT 2
Background
Bruce is the volunteer soccer coach and he has made the conceptual schema of a database to
manage the session and player details so that he can send SMS to his players in different
conditions. The system will also help him to get accurate information about the number of player
coming to different sessions. He has planned to implement a web-based database management
system based on the conceptual schema or the ERD diagram he has.
In this report, the database implementation plan and the security issues related to web-based
database implementation projects have been covered. It also includes information about various
security issues related to the project.
Database Implementation on Cloud
A cloud database refers to a collection of structured and unstructured content stored, managed
and processed on a public, private or hybrid cloud computing infrastructure. There are two
choices for Bruch to implement the web database based on a cloud interface.
 The first option is the traditional cloud model. In that case, there will be a virtual machine
running on the cloud infrastructure of some third party solution like Google Cloud,
Amazon AWS etc. and then Bruch will implement the database on the cloud like a local
database (Quintero, Martins, Moya, Folco, & Redbooks, 2018). The management of the
database will be done by Bruce.
 The second option is the DBaaS or Database as a Service model. This is a process where
application owners like Bruch pay an external service provider to implement, launch, and
maintain a cloud-based database for the purpose of storage, management, and
3

ASSIGNMENT 2
manipulation of data. Bruce will be no control over the database (Antani, 2013). The
vendor will have the control. Bruce will be able to access data, and manipulate the same
as and when he wants, from any location and from any device (Cuppett, 2016). DBaaS
provides similar levels of functionalities for relational and non-relational databases.
This option is useful for Bruce as it will help him to avoid the configuration and
implementation details. He can focus on using the database and running different queries
based on this criteria. There is no need to think about maintenance, upgrading of the
database and so on (Bienko, Greenstein, Holt, Phillips, & Redbooks, 2015).
DBaaS is a subdomain that encompasses PaaS or Platform as a Service, SaaS or Software
as a Service, IaaS or Infrastructure as a Service model. An example of such a platform is
Caspio, Amazon Relational Database Service or RDS etc.
Security Issues
Even though there are benefits of implementing the database over a cloud, there are many
security issues also. The security issues for both of the options have been listed below.
 The safety of data storage is questionable as there is no provision to know the exact
physical locations where the data instances are stored by the cloud service vendor, it also
needs to consider the issues like how those data will be accessed, how users will log in
and report an issue, whether other tenants have direct access to data or not and so on
(Deka, 2014).
 In the case of the DBaaS, the service providers are able to access data of the consumers
as the service providers are liable to provide the management services.
 In the case of DBaaS, external users may have access in an unauthorized way (Malisow,
2017).
4

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

ASSIGNMENT 2
 There are challenges related to the regulatory compliances to run DBaaS solutions online
(Malisow, 2017).
 There may be performer attacks as DOS attacks on the databases (Deka, 2014).
 Attackers may find hidden patterns from data
 There are chances of SQL injection attacks.
 Authorised users may get involved in some data theft incidents.
 Tenants may access data (Bienko et al., 2015).
Before making a choice, Bruce must consider the security issues.
Recommendation
Based on the current requirements of Bruce, that he needs to have lesser hassles to implement the
database on a cloud, he wants a web-based database and he wants a modern technology-based
solution, it is recommended for him to use the DBaaS cloud-based solution. It will help to fulfill
all requirements, there is no need to think about the complications about the configuration and
other technical aspects of the database.
However, security can be an issue with the choice. The security will be controlled by the vendor
rather than the user Bruce. So, the effectiveness of the security implementations for the database
will depend on how well the vendor has implemented the database security.
5

ASSIGNMENT 2
References
Antani, V. (2013). Managing IaaS and DBaaS Clouds with Oracle Enterprise Manager Cloud
Control 12c: Packt Publishing.
Bienko, C. D., Greenstein, M., Holt, S. E., Phillips, R. T., & Redbooks, I. (2015). IBM Cloudant:
Database as a Service Advanced Topics: IBM Redbooks.
Cuppett, M. S. (2016). DevOps, DBAs, and DBaaS: Managing Data Platforms to Support
Continuous Integration: Apress.
Deka, G. C. (2014). Handbook of Research on Securing Cloud-Based Databases with Biometric
Applications: IGI Global.
Malisow, B. (2017). CCSP (ISC)2 Certified Cloud Security Professional Official Study Guide:
Wiley.
Quintero, D., Martins, F., Moya, E. L. C., Folco, R. C. S., & Redbooks, I. (2018). IBM Open
Platform for DBaaS on IBM Power Systems: IBM Redbooks.
6