Comparison of Different DBMS and Level of Security

DBMS is generally a software that uses standard method to store data. Data can be updated, deleted or Trans versed by using various algorithm. There are different types of databases and each has their own disadvantage and advantages. They include:

1.      Relational database
2.   Network database
3. Object oriented
4. Graph database
5.    Document database.

In relational database the relationship between data is relational and data is stored in a tabular form. In terms of security where the user is given too many privileges without so much supervision and restriction, he or she can tamper with the database by editing data available, adding unnecessary data to the database or modifying the database in an unnecessary way. Another case is where by the user deletes a very important information from a database. For example in a company’s database, the user deletes salary database or changes some crucial information its can cause several problems.

Relational database can also have weak authentication where by the usage of password or other types of security is used e.g. facial or biometrics .an intruder can be able to access the database ending up stealing the company’s crucial information, adding and deleting unnecessary information and even installing a device to keep track of company’s information or adding virus to the database. Weak auditing also is a problem to the relational database. A company requires to perform audit to ensure compliance. If this audits is not performed regularly and in time can cause lots of problems especially to the database .hence making the database more insecure.  Also if there is poor backing up of data can be a major problem since more important data can be lost and if there is no way of recovering the data can lead to mistrust among the employees to the company. A company needs to have backup and a way to recover data incase its lost.

A network database is a type of database model wherein multiple member records or files can be linked to multiple owner files and vice versa. The model can be viewed as an upside-down tree where each member information is the branch linked to the owner, which is the bottom of the tree.

In terms of security, data breach can be one of the security problems where there can be data leak which can be brought by a hacker hence leading to major loss of information. Also when network database is not backed up well can lead to loss of data unless a way of recovering data is introduced. Since there is connection between the two people by a database one loss in this end causes losses in the other end .for example a person can loose his files leading to loss in many databases .for example in a country where by details of citizens have been saved in one database and company’s access their information from the central database, a loss in a file like a CV can lead to various problems since they are all connected.

In network database also, giving people too many privileges can be a problem too. Since a person can access too many things he or she is not supposed to access. For example a worker in cleaning department being able to access salaries of employees in other departments can alter the details contained in that database leading to lots of errors.

Object oriented database

Object oriented database is a database that represents data in form object and classes just like object oriented programming. This is where a developer can develop a product and stores them in terms of object. Often this database are accessed especially through a declarative programming language. Object oriented database I easier to develop since access of data is direct without the need of search instead of relational database where by data is stored in rows and columns.

In terms of security, weak authentication can be a problem in object oriented. For example, inputting the same or easily known passwords can lead to someone leaking the information contained in the website.  When an enemy is able to bypass through your security system can be a problem to the organization since he or she can steal company’s secret data and may lead to company’s fall down. Also, if data is not backed up correctly and no recovery option can be so messy since once data is lost can never be found again. In short database security is where by data is stored in a safe way and nobody is able to access unless he or she is authorized personnel.

Several factors can really affect the functionality of database.

Graph database is a database that stores data in graph manner that means it uses graph theory of roots, nodes, edges and other graph properties. This databases relationship is represented in terms of edges where each edge represents a relationship between one or more nodes .These nodes can be tables. Graph database are part of NoSQL database and was created to eliminate the limitation of relational database. This graph are simple and allows retrieval of data in a quick manner. That means that searching data in this type of database is quicker since you can use breadth first search or depth search to search through this type of databases. These databases are based on non-relational storage engines and store data in form of tables.

Graph databases are used in large companies that require larger amount of data due to its complex but flexible nature. This large scale companies include artificial intelligence, institution, government and so forth.

Relational vs non-relational database

A relational database (RDB) is an aggregate arrangement of numerous informational collections sorted out by tables, records and segments. RDBs set up a well-characterized connection between database tables. Tables impart and share data, which encourages information accessibility, association and detailing. RDBs utilize Structured Query Language (SQL), which is a standard client application that gives a simple programming interface to database association. RDB is gotten from the scientific capacity idea of mapping informational indexes and was created by Edgar F. Codd.

RDBs sort out information in various ways. Each table is known as a connection, which contains at least one information classification segments. Each table record (or line) contains a remarkable information case characterized for a relating section class. At least one information or record attributes identify with one or numerous records to frame useful conditions. These are delegated pursues:

• One to One: One table record identifies with another record in another table.
• One to Many: One table record identifies with numerous records in another table.
• Many to One: More than one table record identifies with another table record.
• Numerous to Many: More than one table record identifies with more than one record in another table.

RDB performs “select”, “undertaking” and “join” database activities, where select is utilized for information recovery, venture distinguishes information characteristics, and join consolidates relations.

RDBs have numerous different favorable circumstances, including:

•                  Easy extendability, as new information might be included without adjusting existing records. This is otherwise called adaptability.
•                  New innovation execution, power and adaptability with different information prerequisite abilities.
•                  Data security, which is basic when information sharing depends on protection. For instance, the board may share certain information benefits and access and square representatives from other information, for example, private compensation or advantage data.

Non-relational

A non-relational database is a database that does not utilize the unthinkable pattern of lines and segments found in most conventional database frameworks. Rather, non-relational databases utilize a capacity model that is enhanced for the particular prerequisites of the sort of information being put away. For instance, information might be put away as straightforward key/esteem sets, as JSON records, or as a chart comprising of edges and vertices.

What these information stores share for all intents and purpose is that they don’t utilize a relational model. Likewise, they will in general be increasingly explicit in the sort of information they backing and how information can be questioned. For instance, time arrangement information stores are upgraded for inquiries after some time based groupings of information, while diagram information stores are enhanced for investigating weighted connections between substances. Neither one of the formats would sum up well to the assignment of overseeing value-based information.

The term NoSQL alludes to information stores that don’t utilize SQL for questions, and rather utilize other programming dialects and develops to inquiry the information. By and by, “NoSQL” signifies “non-relational database,” despite the fact that a large number of these databases do bolster SQL-good questions. Be that as it may, the basic inquiry execution system is typically altogether different from the way a customary RDBMS would execute the equivalent SQL question.

The accompanying segments depict the real classes of non-relational or NoSQL database.

Record information stores

A record information store deals with a lot of named string fields and item information esteems in a substance alluded to as a report. These information stores regularly store information as JSON archives. Each field esteem could be a scalar thing, for example, a number, or a compound component, for example, a rundown or a parent-tyke gathering. The information in the fields of a report can be encoded in an assortment of ways, including XML, YAML, JSON, BSON, or even put away as plain content. The fields inside records are presented to the capacity the board framework, empowering an application to inquiry and channel information by utilizing the qualities in these fields.

Columnar information stores

A columnar or segment family information store sorts out information into segments and lines. In its most straightforward structure, a segment family information store can seem fundamentally the same as a relational database, in any event thoughtfully. The genuine intensity of a section family database lies in its denormalized way to deal with organizing inadequate information, which stems from the segment situated way to deal with putting away information.

You can think about a section family information store as holding unthinkable information with lines and segments, however the segments are partitioned into gatherings known as segment families. Every section family holds a lot of segments that are coherently related and are normally recovered or controlled as a unit. Other information that is gotten to independently can be put away in discrete segment families. Inside a section family, new segments can be included powerfully, and lines can be inadequate (that is, a line doesn’t need an incentive for each segment).

Key/esteem information stores

A key/esteem store is basically a huge hash table. You partner every datum esteem with a one of a kind key, and the key/esteem store utilizes this key to store the information by utilizing a proper hashing capacity. The hashing capacity is chosen to give an even circulation of hashed keys over the information stockpiling.

Comparison between relational database and non-relational database

To store information securely in a database, three major facts, including confidentiality, integrity, and availability which is simply known as CIA, must be provided. The information must be accessible when it is required (availability), however only to authorized systems and individuals (confidential) are able to access, and only those authorized to do so may modify the data (integrity) (Sahatqija et al., 2018)

.

The relational database security comprises integrated elements for examples, encrypted communication, role-based security, field access control and support for row, as well as access control over stored procedures through user-level permissions. Microsoft SQL server and Oracle which are categorised under enterprise relational database (RDBMS) contains ACID properties. ACID stands four main features which includes; Atomicity, Consistency, Isolation and Durability. The properties of ACID help to ensure a reliable processing of database transaction; logging ensure durability, data replication and data integrity. These features comprising database is very costly, mainly license fee and data access speed(Sahatqija et al., 2018)

The availability and scalability are the primary database requirements for social network applications like Facebook and ecommerce sites such as Amazon, which handle extremely large data sets. To be able to distribute data across very large number of servers, many have turned to NoSQL security or non-relational database management. However, NoSQL security is nowhere near as robust as security for relational databases(Dindoliwala and Morena, 2017)

The NoSQL databases have properties like basically available, soft state and eventually consistent, which was eventually known as BASE, so instead of requiring consistency after each transaction, it is enough for the database to be in a consistent state. There is a possibility that simultaneous transactions may interfere with each other because transactions are not written to the database immediately. In a database handling, say, sharing transactions, this inherent race condition, somehow not all users essentially see the identical data simultaneously, is a real risk(Dindoliwala and Morena, 2017)

There is also a lack of confidentiality and integrity qualities of NoSQL databases. Since NoSQL databases lack a schema, it cannot separate permissions on a table, column or row and have little built-in security to keep access to data fast. The documentation for the popular MongoDB reads, and normally in a trusted environment, the MongoDB database can be run in a valid way, without security and authentication. In such configuration, one must be certain that only trusted machines can access TCP ports from the database. The Riak NoSQL database has no authentication or authorization support(Dindoliwala and Morena, 2017).

This means that the application to access data must provide confidentiality and integrity in its entirety. Having the last line of defence at application level for any valuable data is not a sound practice. Application developers are not known for implementing security features, let alone for writing them from scratch. This leaves your data protected only by your firewall (Dindoliwala and Morena, 2017)

References

• Dindoliwala, V.J. and Morena, R.D., 2017. Survey on Security Mechanisms In NoSQL Databases. International Journal of Advanced Research in Computer Science, 8(5).
• Sahatqija, K., Ajdari, J., Zenuni, X., Raufi, B. and Ismaili, F., 2018, May. Comparison between relational and NOSQL databases. In 2018 41st International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO) (pp. 0216-0221). IEEE.
• Gilfillan, I., 2002. Introduction to relational databases. Database Journal, 1(June 24), pp.1-3.
• Ullman, J. D. (1984). Principles of database systems. Galgotia publications.
• Date, C. J. (1977). An introduction to database systems (Vol. 1). Pearson Education India.
• Silberschatz, A., Korth, H. F., & Sudarshan, S. (1997). Database system concepts (Vol. 4). New York: McGraw-Hill.
• Elmasri, R. (2008). Fundamentals of database systems. Pearson Education India.