You are here: UK Essays » Custom Essays » Computer Data Systems

Free Essays - Essays

Computer Data System

1. Introduction

Due to use of the computers and computer technologies in the 21^st century by all major organizations including the public and private sector, such as banks, libraries, hospitals, avionics, stock trading, military and many more, there needs to be an increased professional expertise and information specialist’s offering more reliability in hardware and software technologies. Furthermore due to the reduction of cost and availability of support tools, this has all contributed to encourage the wide spread use of computer services.

More than ever data will be stored in the database (A collection of permanent data) by computer system, or by the tools and techniques capable of supporting and meeting the application requirements, such are satisfied via employing the DBMS (Database Management System).

It is of the up most importance to develop a security system to protect data and programs from theft, intrusions, modifications and unauthorised disclosures. In this paper I am going to explain the issues related to the security in the database context, I will also go into different techniques being used to protect data especially encryption and decryption for database security as well as the extent to which it is successful or not.

2. Overview

A distributed database system is a database, fragments of which are stored on several independent computers linked through the communication network, means same data resides at different locations, whereas centralized database term is used to explain non-distributed database where data remains in the same computer machine.

There are different aspects of the distributed database are distribution transparency, redundancy control, integrity and security, data model, and etc….Database security has aspect common with computer security in general and has in addition features specific protection of database.

1. Physical security:- Protection of computer hardware/software and relational equipment against fire, flood, etc.. Protection of media like magnetic tap, hard drive, hard copy output, documentation against theft and destruction.
2. Hardware access control:- The operator terminal may be restricted varying degrees of access.
3. Operating System and computer interface:- Feature offer by OS to access the system recourses, data and program files, password, etc…should also protect against the malicious access or destructions by virus transmitted over network.

3. Security Issues and solutions

3.1 Issues or characteristics

In the distributed database, basic security measures imposed on a database have characteristics like, the secrecy, privacy, authenticity and integrity of information, performance, reasonable cost, accessibility and etc... Security means no unauthorised user can access the information, privacy means information only can be used for the particular purpose(s) for which it intended or shared, authenticity means there should be a possible way to verify the authenticity of the data and integrity means data should not be possible to destroy or corrupt.

Current methods of protecting database is not successful in one or more than one characteristics.

3.2 Solutions

A good solution to secure the database requires the three basic and important steps are policy, mechanism and assurance.

Policy means those requirements that are to be implemented within the computer hardware/software system and external entities like physical or personal or procedural controls. This lays down broad goals without specifying how to achieve them. (This is setting the goal without knowing of how to achieve them).

Mechanism is helpful to create solid security or privacy policy to implement the requirement of the policy. It becomes necessity to implement the requirement of the policy. It is so important that mechanism perform the intended function.

Assurance: making sure that mechanism meets all the policy requirements within the high level of assurance. Assurance is directly concerned to the effort required to subvert the mechanism, low assurance mechanism are easy to implement are easy to implement, but it’s also easy to subvert, on the other hand it is hard to implement.

3.3 Cryptography

Let’s have a glance of the history; Cryptography has a long and fascinated history. Kahn’s The codebreakertraces cryptography from its initial and times use by Egyptian somewhat 4000 years ago, to the 20^th century where it played a very important role in the outcome of both world wars. The predominant practitioners of art where those connected to military, the diplomatic services and government in general. Cryptography tool was used a tool to protect the national secret and strategies.

Definition of the Cryptography can be defined as the study of mathematical techniques related to aspect o the information security such as confidentiality, data integrity, entity, authentication and data origin authentication.

Following is the general example: Communication between two individuals where data is private and confidential and the medium is not secure to communicate.

Opponent / Outsider

Plain Text

Decryption D(X)=P

P

Plain Text

P

`

Encryption E(P)=X

Encrypted Msg.

David Craig

[Sender] [Receiver]

[Diagram of a two person communication using encryption]

3.3.1 Algorithms/Techniques of cryptography:

The algorithms are all symmetric and were designed, and used, long before public key cryptography was introduced. These algorithms are outdated now and not really indicative of any modern cryptographic techniques. It is so fascinating and informative to study old algorithms to understand how letter is substitute for other

letter, and changing the orders. One of the earliest examples of a cipher was the Caesar Cipher described by Julius Caesar in the Gallic Wars. Basically in this cipher, alphabet been shifted by three place so X,Y,Z can be read A,B,C…..FDW is CAT

Caesar Ciphers are sometimes referred to as additive ciphers. In order to appreciate why, we have only to assign integer values to the letters in the following way:

Simple Substitution Ciphers

Although having a large number of keys is a necessary requirement for cryptographic security, it is important to stress that having a large number of keys is certainly no guarantee that the cipher system is strong.

For a Simple Substitution Cipher we write the alphabet in a randomly chosen order underneath the alphabet written in strict alphabetical order. An example is given here.

Above example is the way to encrypt and decrypt the message or data only thing you have to do is you have to change the letter exactly below that so if I want to encrypt message HAY it will be SDN(encrypted) message and for the decryption is the reverse procedure.

The number of keys for a Simple Substitution Cipher is equal to the number of ways in which the 26 letters of the alphabet can be arranged. It is called the 26 !.

So they were two traditional example, long time before they have been using it. There are some more like The statistics of the English language, The Playfair Cipher, Homophonic Coding, Polyalphabetic Ciphers, etc….

Following is the example of the super encryption cipher technique.

We want to super-encrypt using a Simple Substitution Cipher and a Transposition Cipher, and then we first encrypt the message using the Simple Substitution Cipher, and then encrypt the resultant cryptogram using the Transposition Cipher. One more time a simple example should clear the situation.

For the Transposition Cipher with key 4 we have:

3.3.2 Advantage of the Cryptography:

1. 1).It eliminates the problem of data disclosure.
2. 2).Data authenticity problem can also be largely solved by encryption
3. 3).Although it is not 100% secure but solid algorithm which stood prolonged analysis can serve as important back up system and a difficult to enter last line of defence for a database.

3.3.3 Partial disadvantage:

1). No cryptographic algorithm can be sure and guaranteed as 100% secure.

At last before we move further on, I would explain some characteristics of the database encryption system.

This DES(Database Encryption System) must be secure either by theoretical or require and extreme hard work to break into database. DES must be fast enough and must not be degrade the performance. Encrypted data volume must not be exceeding than the unencrypted data.

Encipher should be record oriented and doesn’t rely on the structure of the database. The encryption method must support the sublevel schema as well. An encrypted record shouldn’t be a series of individual encrypted field rather than records; this will stop the pattern matching and substitution of encrypted values.

4. Comparison of what we had and what we have now in 50 years:

Within the decade web services created a huge infrastructure of companies and other organizations that can perform very tricky and important computation faster and very cheaper than we could ever do for ourselves, just an example like Google can search faster than we can. We can not stay without them to do high level business.

You can get expert help with your essays right now. Find out more...

How did we get to this situation? In 1958 computer security would have been very difficult to distinguish from the security of the computer itself. They had to guard the computer rooms, operators and users were vetted, and card decks and printouts were locked in safes—all physical or administrative measures. Process confinement, kernelized operating systems, and formally specified programs were all a decade in the future.

Over the past 50 years, both computer security and cryptography have made great strides, and CACM has played an important role in the growth of each.

A great example of art towards the cryptography

Today, public-key cryptography has given birth to a second generation of systems, replacing the modular arithmetic of the first generation with arithmetic on elliptic curves. What will happen over the next half century? Two great challenges loom: True computer, communications, and network security are seen by police and intelligence agencies as an obstacle to the prevention of terrorism.

5. Discussion and Conclusion

The popular security is firewall[Cheswick and Bellovin 1994]. A gateway which stands between the organizations internal network and internet and monitor all the traffic which is unauthorized. We cannot say that firewall is the one to secure the database because once the intruder succeeds to enter in the system firewall is useless to provide further security.

Here we need second level security. According to [Ralph C. Merkle and Martin E. Hellman 1981 acm paper] multiple encryptions have been shown to be less secure than it first appeared.

The weakness came from an ability to separate the key into two halves which did not interact. Conclusion at the end is all bits of the key should come into play repeatedly in a complex fashion as they do in the 56-bit DES and that multiple encryption with any cryptographic system is liable to be very less secure than a system designed originally for the longer key.

Find out how our expert essay writers can help you with your work...

I think we need some more and deep research and implementation in encryption methods, once we get the stage where we able to satisfy all the issues the database will be almost secure (not considering human as 100% honest). Also, there are some deficiencies that we as a programmer need to sort out, is the right way to implement the algorithm and testing as many ways we can.

6. Bibliography

Bibliography means that I have refer while doing web application like, which sites we gone through and which books I have referred or which magazines I have seen to implements this project. There are many books and web sites that can help me in different ways to implement the project and gave me proper guideline to implement my application in the right direction.

Book

Introduction to Database And Knowledgebase System by K. Shenai, S. Krishna

[http://books.google.co.uk/books?id=HPvfYeFaA3oC&pg=

PA254&dq=distributed+database+aspects&sig=

WkUafEYRgVMLIeAm0mDm6yslmiM]

2) Cryptography: A Very Short Introduction

by Fred Piper and Sean Murphy (2002)

[ http://bcs.books24x7.com/viewer.asp?bookid

=4303&chunkid=0851492640(Member of BCS)]

3) Database Security(1994) Silvana Casano, Mariagrazia Fugni, Giancarlo Martella,

Order Now. It takes less than 2 minutes.

1. * Name   
2. * Email   
3. * Phone   

1. * Your essay question 
   (please give as much detail as possible)  

References

A database Encryption System with subkeys by George, David & john [http://delivery.acm.org.ezproxy.bton.ac.uk/10.1145/320000/319580/p312-davida.pdf?key1=319580&key2=1471093021&coll=ACM&dl=ACM&CFID=56310911&CFTOKEN=29072973] accessed on 7^th feb 2008

Handbook of Applied Cryptography, by A. Menezes, P. van Oorschot, and S. Vanstone, CRC Press, 1996. [http://www.cacr.math.uwaterloo.ca/hac/about/chap1.pdf] accessed on 24^th feb 2008

Introduction to database and knowledgebase system By Krishna Shenai, S. Krishna (1994) [http://books.google.com/books?id=KCda7jiUDOQC&pg=PA254&lpg=PA254&dq=distributed+database+aspects&source=web&ots=tiN4Wa_wQ3&sig=N6iY-8r0sr5ozXfBd_WWTISNWQM#PPA208,M1] accessed on 24^th feb 2008

Database security and privacy by Shushil jajodia(1996) [https://portal.acm.org/poplogin.cfm?dl=GUIDE&coll=GUIDE&comp_id=234370&want_href=delivery%2Ecfm%3Fid%3D234370%26type%3Dpdf%26CFID%3D56431907%26CFTOKEN%3D34194956&CFID=56431907&CFTOKEN=34194956] accessed on 24^th feb 2008

Information security: 50 years behind, 50 years ahed by whitfield Diffie(2008) [http://portal.acm.org/citation.cfm?id=1327452.1327478&coll=ACM&dl=ACM&idx=J79&part=magazine&WantType=Magazines&title=Communications%20of%20the%20ACM] accessed on 22^nd feb 2008

All of the essays in the free essays section were written by students and then submitted to us to display and help others. Thanks to all the students who have submitted their essays to us. You should not hand in our essays as your own. We do not condone plagiarism! If you need custom essay help, then have a look at our essay writing services.

Sign up and be the first to receive our latest offers: