Data security is the protection of the database from unauthorized users. Only the authorized persons are allowed to access the database. Most of the users are allowed to access a part of database i.e., the data that is related to them or related to their department. Mostly, the DBA or head of department can access all the data in the database. Some users may be permitted only to retrieve data, whereas others are allowed to retrieve as well as to update data. The database access is controlled by the DBA. He creates the-accounts of users and gives rights to access the database. Typically, users or group of users are given usernames protected by passwords. Most of the DBMSs provide the security sub-system, which the DBA uses to create accounts of users and to specify account restrictions. The user enters his/her account number (or user name) and password to access the data from database. For example, if you have an account in the "hotmail.com" (a popular website), then you have to give your correct username and password to access your account of e-mail. Similarly, when you insert your ATM card into the auto teller machine (ATM) in a bank, the machine reads your ID number printed on the card and then asks you to enter your pin code (or password). In this way you can access your account..
Data security actually is an important function of a database management system whether it is centralized or distributed. Data security controls protects the data from unauthorized access and unwanted changes. Data security controls have two major aspects: 1. data protection 2. authorization control Data protections make sure that no any unauthorized person can understand the physical contents of data.
File systems in centralized and distributed operating systems are used to provide this type of security. Mostly used approach for providing this protection is data encryption. Data encryption encodes the data such that nobody can understand the actual data contents.His encryption not only useful to secure the data stored on disks but also for exchanging the information over a network.
This encoded data can be decoded (decrypted) only by than authorized users that know what the code is.Authorization security control ensures that only privileged user can manipulate the data in the way they are allowed to do. The database management system must determine that which users are allowed to perform which functions and which data portion is accessible by them.
Authorization controls are different in a centralized database to the distributed database environment. Authorization control definition in a distributed database system is derived from that in centralized system but in the context of distributed system some additional complexity is also considered.
DBMS provides data security by restricting unauthorized access. When a large database is shared by multiple users, it is possible that all users will not be authorized to access data. For example we consider financial data as confidential and hence only authorized people can access it. This restriction can be in many ways. It is possible that some users are allowed to access read only data while other users can do both things as they can read data as well as update. It means that access to data is controlled. Normally users of database are given account number and password to access the data. These restrictions are automatically enforced by DBMS.
We can control DBMS software by using these controls. DBMS give the guarantee of the data security by enforcing authorization rules. It is also possible that you may loss your data due to many reasons. But DBMS provides backup and recovery method. DBMS allows you to make backup of data and if your data is very important then you must take frequent backups of the data. Backups are used to recover data from failure. These failures may belong to software and hardware.
