Security of Database
As the importance of database systems increases and their usage grows, it becomes necessary to ensure that the information entrusted to these systems is protected. Institutions, such as banks, hospitals, governments, corporate organizations and even individuals who deal with sensitive information, cannot be expected to consign their secrets to a computer system if they are not absolutely certain of confidentiality.
The security of a database can be thought of as a barrier which prevents unauthorized access of data. Simultaneously, we must also guarantee access to all relevant data to legitimate users. Thus, identification and proper authentication of valid users are two most important aspects of any security enforcing mechanism. When the number of users is small, the security can be enforced by physical recognition of the users by a guard, together with appropriate protection of storage devices against theft or destruction. Even when the number of users is large, physical protection of stored data still remains an important factor. In a multi-user environment, instead of physical recognition of users the usage of passwords, acts as guards. The database schema is yet another object of protection. Since schema declaration defines access rights to different path objects related to the schema as well as privacy locks (or passwords) needed for such access, anyone having access to schema declaration can eventually attain access rights to different data items also. Hence, schema declaration as an object should have the highest level of security and normally would be accessible only to the owner of the database. Some database systems maintain schema declaration in a separate file and use the file to find the access right of users.