Database Private Security Jurisprudence: A Case Study using Oracle

Oracle is one of the largest vendors and the best DBMS solution of Object Relational DBMS in the IT world. Oracle Database is one of the three market-leading database technologies, along with Microsoft SQL Server's Database and IBM's DB2. Hence in this paper, we have tried to answer the million-dollar question “What is user’s responsibility to harden the oracle database for its security?” This paper gives practical guidelines for hardening the oracle database, so that attacker will be prevented to get access into the database. The practical lookout for protecting TNS, Accessing Remote Server and Prevention, Accessing Files on Remote Server, Fetching Environment Variables, Privileges and Authorizations, Access Control, writing security policy, Database Encryption, Oracle Data Mask, Standard built in Auditing and Fine Grained Auditing (FGA) is illustrated with SQL syntax and executed with suitable real life examples and its output is tested and verified. This structured method acts as Data Invictus wall for the attacker and protect user’s database.

Database Encryption for Balance Between Performance and Security

In an increasingly digital world, information security is a very recurring theme and a growing concern for companies. This involves the protection of data and confidential or non-confidential information of a company, which transit between all its sectors and between the organization and its stakeholders.

Investigation of User Data Security for Android-based «Signal» Messenger

The article presents the security analysis of locally stored enduser data, as well as the specifics of working with them in the application called “Signal” based on Android OS. The investigated version 5.3.12 was the most recent one up to the time of writing this article. According to a certain scenario, test user data was generated in the application, and then the sources information with critical data was extracted from this data. Using the open-source code available, the mechanisms of the application's operation, including the implementation of protection measures, wit the specified critical data were identified and analyzed. A qualitative assessment of implementing protection mechanisms for locally stored critical data was made to distinguish the data with typical protection measures inherent for any mobile applications, and the one specific for applications of this particular class of messengers. As a result, the flaws were discovered related to the inaccessibility of certain protective mechanisms on specific versions of the Android operating system, which could compromise the user data. As an advantage of the messenger protection, the database encryption module could be specified, which provides strong protection against unauthorized access to information due to the lack of a specific version of the assembly for personal computers. This article also proposes an approach to decrypt messenger databases, which requires either an emulator of an Android-based device, or a real mobile device with a specially developed application

DATABASE SECURITY AND STUDY OF DATA ENCRYPTION METHODS IN CLOUD STORAGE

Purpose of the article is discusses the importance of database encryption and makes an in depth review of various encryption techniques. Security of Data is the most important task in today’s world. Governments, companies and other organizations have lost a lot of money and many others have closed down due to the activities of dubious hackers and attackers. Over the years various encryption schemes have been developed in order to protect the database from various attacks by the intruders. As data is the life wire of every organization, there is the need to remotely and securely store the data generated daily by these organizations in order to enable them recover quickly in the event of attach and hack. Cloud storage is needed here for the remote data storage. For many establishments, data security is one of their major concern when sending their files into the cloud. They worry about their files being seen or even compromised by malicious and dubious people because that’s what happened in the past. Data encryption techniques are required to protect the integrity of the stored data. In the past, many businesses felt comfortable allowing the cloud providers to manage all their data, believing that security risks could be managed through contracts, controls and audits. Over time it has become apparent, however, that cloud providers cannot honor such commitments when responding to government requests for information. This paper discuses, the importance of database encryption and makes an in depth review of various encryption techniques