Synonyms
Database protection
Definition
Database security is a discipline that seeks to protect data stored into a DBMS from intrusions, improper modifications, theft, and unauthorized disclosures. This is realized through a set of security services, which meet the security requirements of both the system and the data sources. Security services are implemented through particular processes, which are called security mechanisms.
Historical Background
Research in database security has its root in operating system security [6], whereas its developments follow those in DBMSs. Database security has many branches, whose main historical developments are summarized in what follows:
-
Access control. In the 1970s, as part of the research on System R at IBM Almaden Research Center, there was a lot of work on access control for relational DBMSs [2]. About the same time, some early work on Multilevel Secure Database Management Systems (MLS/DBMSs) was reported, whereas much of the development on...
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Recommended Reading
Air Force Studies Board and Committee on Multilevel data management security. Multilevel data management security. Washington, DC: National Academy; 1983.
Bertino E, Sandhu RS. Database security: concepts, approaches, and challenges. IEEE Trans Depend Secure Comput. 2005;2(1):2–19.
Bertino E, Laggieri D, Terzi E. Securing DBMS: characterizing and detecting query flood. In: Proceedings of the 9th Information Security Conference; 2004. p. 195–206.
Brainard J, Juels A, Rivest RL, Szydlo M, Yung M. Fourth-factor authentication: somebody you know. In: Proceedings of the 13th ACM Conference on Computer and Communications Security; 2006.
Carminati B, Ferrari E, Thuraisingham BM. Access control for web data: models and policy languages. Ann Telecommun. 2006;61(3–4):245–66.
Castano S, Fugini MG, Martella G, Samarati P. Database security. Reading: Addison-Wesley; 1995.
Colombo P, Ferrari E. Enforcement of purpose based access control within relational database management systems. IEEE Trans Knowl Data Eng. 2014;26(11):2703–16.
Damiani ML, Bertino E. Access control systems for geo-spatial data and applications. In: Belussi A, Catania B, Clementini E, Ferrari E, editors. Modelling and management of geographical data over distributed architectures. Springer; 2007. p. 189–214.
Ferraiolo DF, Sandhu RS, Gavrila SI, Kuhn DR, Chandramouli R. Proposed NIST standard for role-based access control. ACM Trans Inf Syst Secur. 2001;4(3):224–74.
Ferrari E, Thuraisingham BM. Secure database systems. In: Diaz O, Piattini M, editors. Advanced databases: technology and design. London: Artech House; 2000.
Grandison T, LeFevre K. Hippocratic database. In: Encyclopedia of cryptography and security. 2nd ed. Springer; 2010.
Orso A. SQL injection attacks. Encyclopedia of cryptography and security. Springer; 2011.
Pang H, Tan KL. Verifying completeness of relational query answers from online servers. ACM Trans Inf Syst Secur. 2008;11(2): article no. 5.
Pfleeger CP, Pfleeger SL. Security in computing. 3rd ed. Upper Saddle River: Prentice-Hall; 2002.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Section Editor information
Rights and permissions
Copyright information
© 2018 Springer Science+Business Media, LLC, part of Springer Nature
About this entry
Cite this entry
Ferrari, E. (2018). Database Security. In: Liu, L., Özsu, M.T. (eds) Encyclopedia of Database Systems. Springer, New York, NY. https://doi.org/10.1007/978-1-4614-8265-9_111
Download citation
DOI: https://doi.org/10.1007/978-1-4614-8265-9_111
Published:
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4614-8266-6
Online ISBN: 978-1-4614-8265-9
eBook Packages: Computer ScienceReference Module Computer Science and Engineering