STRATEGIES AND INNOVATIVE APPROACHES TO DATABASE PROTECTION IN THE AGE OF GROWING CYBER THREATS
DOI:
https://doi.org/10.18372/2225-5036.30.18618Keywords:
database, privacy, integrity, availability, information protection, threat, identity, authentication, authorization, encryption, monitoring, SQL Injection, IDS/IPS, accessAbstract
In today's digital environment, where databases play a critical role in storing and processing important information for various spheres of human activity, protection against cyber threats becomes an extremely urgent task. This accordingly places new demands and responsibilities on organizations. Modern technologies not only facilitate access to data, but also threaten its confidentiality and integrity. The rapid and ever-growing challenges of cyber security require the development of effective strategies and innovative approaches to database protection that ensure the reliability and resilience of databases in the face of ever-increasing cyber-attacks and security breaches. The work deals in detail with the organization of effective protection of information stored in databases. The main methods of information protection in databases are analyzed, in particular data encryption, mechanisms of authentication, access control and monitoring of user activity. Their advantages and disadvantages are defined, as well as the possible consequences for data in case of non-compliance with these protection methods. The article highlights the importance of constant monitoring and analysis of user activity for timely detection and response to possible data security threats in the database system. The importance of a comprehensive approach to protection, which takes into account the specifics of a specific organization and allows to ensure an effective level of data security, is emphasized.
References
E. Bertino and R. Sandhu, "Database security - con-cepts, approaches, and challenges," in IEEE Transac-tions on Dependable and Secure Computing, vol. 2, no. 1, pp. 2-19, Jan.-March 2005, doi: 10.1109/TDSC.2005.
A. Mousa, M. Karabatak and T. Mustafa, "Da-tabase Security Threats and Challenges," 2020 8th In-ternational Symposium on Digital Forensics and Securi-ty (ISDFS), Beirut, Lebanon, 2020, pp. 1-5, doi: 10.1109/ ISD¬FS49300.2020.9116436.
B. Kumar and M. Hamed Said Al Hasani, "Da-tabase security — Risks and control methods," 2016 First IEEE International Conference on Computer Communication and the Internet (ICCCI), Wuhan, China, 2016, pp. 334-340, doi: 10.1109/CCI.2016.7778937.
Олег Дейнека, Олег Гарасимчук. Дослідже-ння проблем класифікації та безпечного зберігання даних // Безпека інформації. 2023. Т. 29, № 2. С. 147-153.
Oleg Deineka, Oleh Harasymchuk. The chal-lenges and strategies of storing large volumes of data in the modern world // Ukrainian Information Security Research Journal // Vol. 25 No. 4 (2023), pp. 197-207.
Ларченко, М. . (2022). Сучасні проблеми криптографічного захисту баз даних. Технічні науки та технології, (3(29), 102-113. doi: 10.25140/2411-5363-2022-3(29)-102-113.
Shmueli, Erez & Vaisenberg, Ronen & Elovici, Yuval & Glezer, Chanan. (2010). Database encryption. ACM SIGMOD Record. 38. 29. doi: 10.1145/1815933. 1815940.
Shcherbinina Ye. Безпека бази даних і ви-вчення методів шифрування даних в хмарному сховищі / Ye. Shcherbinina, B. Martseniuk, A. Filo-nenko // Системи управління, навігації та зв’язку. Збірник наукових праць. Полтава: ПНТУ, 2020. Т. 3 (61). С. 104-106. doi: 10.26906/SUNZ.2020.3.104.
Database Security Standard. Version 1.3// Los Angeles County Information Technology Standards. Developed by: Application Security Engineering Team. Revision Date: 07/11/17.
Security Standard – Database Management System (SS-005). Version 2.0/ Chief Security office. Date: 14/06/23.
E. Burtescu, “Database Security, Attacks and Control Methods”, Journal of Applied Sciences and Technology, pp. 449-453, 2009.
J. Juma, and D. Makupi, “Understanding Da-tabase Security Metrics: A Review”, Mara International Journal of Scientific & Research Publications, vol. 1, no. 1, pp. 40-48, 2017.
В. А. Пєвнєв, “Безпека баз даних: загрози та превентивні заходи”, Сучасні інформаційні сис-теми, т. 2, № 1, С. 69-72, 2018, doi: 10.20998/2522-9052.2018. 1.13.
P. Paul, and P. S. Aithal, “Database Security: An Overview and Analysis of Current Trend”, Interna-tional Journal of Management, Technology, and Social Sciences (IJMTS), vol. 4, no. 2, рр. 53-58, 2019, doi: https://dx.doi. org/10.2139/ssrn.3497728.
R. A. Teimoor, “A Review of Database Secu-rity Concepts, Risks, and Problems'', UHD Journal of Science and Technology, vol. 5, no. 2, pp. 38-46, 2021, doi: 10. 21928/uhdjst.v5n2y2021. pp. 38-46.
A. Mousa, M. Karabatak, and T. Mustafa, “Database Security Threats and Challenges”, in Proc. 8th International Symposium on Digital Forensics and Security (ISDFS), Remote/ Online, 2020, pp. 1-5, doi: 10.1109/IS¬DFS49300.2020.9116436.
Pevnev, V., & Kapchynskyi, S. (2018). Data-base security: threats and preventive measures. Ad-vanced In
formation Systems, 2(1), 69-72. doi:10.20998/2522-9052. 2018.1.13.
Wang, Yong & Xi, Jinsong & Cheng, Tong. (2021). The Overview of Database Security Threats’ Solutions: Traditional and Machine Learning. Journal of Information Security. 12. 34-55. doi:10.4236/jis.2021.121002.
Wang, Y. , Xi, J. and Cheng, T. (2021) The Overview of Database Security Threats’ Solutions: Tra-ditional and Machine Learning. Journal of Information Security, 12, 34-55. doi: 10.4236/jis.2021.121002.
https: // za-kon.rada.gov.ua/laws/show/984_ 008-16#Text.