STRATEGIES AND INNOVATIVE APPROACHES TO DATABASE PROTECTION IN THE AGE OF GROWING CYBER THREATS

Authors

DOI:

https://doi.org/10.18372/2225-5036.30.18618

Keywords:

database, privacy, integrity, availability, information protection, threat, identity, authentication, authorization, encryption, monitoring, SQL Injection, IDS/IPS, access

Abstract

In today's digital environment, where databases play a critical role in storing and processing important information for various spheres of human activity, protection against cyber threats becomes an extremely urgent task. This accordingly places new demands and responsibilities on organizations. Modern technologies not only facilitate access to data, but also threaten its confidentiality and integrity. The rapid and ever-growing challenges of cyber security require the development of effective strategies and innovative approaches to database protection that ensure the reliability and resilience of databases in the face of ever-increasing cyber-attacks and security breaches. The work deals in detail with the organization of effective protection of information stored in databases. The main methods of information protection in databases are analyzed, in particular data encryption, mechanisms of authentication, access control and monitoring of user activity. Their advantages and disadvantages are defined, as well as the possible consequences for data in case of non-compliance with these protection methods. The article highlights the importance of constant monitoring and analysis of user activity for timely detection and response to possible data security threats in the database system. The importance of a comprehensive approach to protection, which takes into account the specifics of a specific organization and allows to ensure an effective level of data security, is emphasized.

References

E. Bertino and R. Sandhu, "Database security - con-cepts, approaches, and challenges," in IEEE Transac-tions on Dependable and Secure Computing, vol. 2, no. 1, pp. 2-19, Jan.-March 2005, doi: 10.1109/TDSC.2005.

A. Mousa, M. Karabatak and T. Mustafa, "Da-tabase Security Threats and Challenges," 2020 8th In-ternational Symposium on Digital Forensics and Securi-ty (ISDFS), Beirut, Lebanon, 2020, pp. 1-5, doi: 10.1109/ ISD¬FS49300.2020.9116436.

B. Kumar and M. Hamed Said Al Hasani, "Da-tabase security — Risks and control methods," 2016 First IEEE International Conference on Computer Communication and the Internet (ICCCI), Wuhan, China, 2016, pp. 334-340, doi: 10.1109/CCI.2016.7778937.

Олег Дейнека, Олег Гарасимчук. Дослідже-ння проблем класифікації та безпечного зберігання даних // Безпека інформації. 2023. Т. 29, № 2. С. 147-153.

Oleg Deineka, Oleh Harasymchuk. The chal-lenges and strategies of storing large volumes of data in the modern world // Ukrainian Information Security Research Journal // Vol. 25 No. 4 (2023), pp. 197-207.

Ларченко, М. . (2022). Сучасні проблеми криптографічного захисту баз даних. Технічні науки та технології, (3(29), 102-113. doi: 10.25140/2411-5363-2022-3(29)-102-113.

Shmueli, Erez & Vaisenberg, Ronen & Elovici, Yuval & Glezer, Chanan. (2010). Database encryption. ACM SIGMOD Record. 38. 29. doi: 10.1145/1815933. 1815940.

Shcherbinina Ye. Безпека бази даних і ви-вчення методів шифрування даних в хмарному сховищі / Ye. Shcherbinina, B. Martseniuk, A. Filo-nenko // Системи управління, навігації та зв’язку. Збірник наукових праць. Полтава: ПНТУ, 2020. Т. 3 (61). С. 104-106. doi: 10.26906/SUNZ.2020.3.104.

Database Security Standard. Version 1.3// Los Angeles County Information Technology Standards. Developed by: Application Security Engineering Team. Revision Date: 07/11/17.

Security Standard – Database Management System (SS-005). Version 2.0/ Chief Security office. Date: 14/06/23.

E. Burtescu, “Database Security, Attacks and Control Methods”, Journal of Applied Sciences and Technology, pp. 449-453, 2009.

J. Juma, and D. Makupi, “Understanding Da-tabase Security Metrics: A Review”, Mara International Journal of Scientific & Research Publications, vol. 1, no. 1, pp. 40-48, 2017.

В. А. Пєвнєв, “Безпека баз даних: загрози та превентивні заходи”, Сучасні інформаційні сис-теми, т. 2, № 1, С. 69-72, 2018, doi: 10.20998/2522-9052.2018. 1.13.

P. Paul, and P. S. Aithal, “Database Security: An Overview and Analysis of Current Trend”, Interna-tional Journal of Management, Technology, and Social Sciences (IJMTS), vol. 4, no. 2, рр. 53-58, 2019, doi: https://dx.doi. org/10.2139/ssrn.3497728.

R. A. Teimoor, “A Review of Database Secu-rity Concepts, Risks, and Problems'', UHD Journal of Science and Technology, vol. 5, no. 2, pp. 38-46, 2021, doi: 10. 21928/uhdjst.v5n2y2021. pp. 38-46.

A. Mousa, M. Karabatak, and T. Mustafa, “Database Security Threats and Challenges”, in Proc. 8th International Symposium on Digital Forensics and Security (ISDFS), Remote/ Online, 2020, pp. 1-5, doi: 10.1109/IS¬DFS49300.2020.9116436.

Pevnev, V., & Kapchynskyi, S. (2018). Data-base security: threats and preventive measures. Ad-vanced In

formation Systems, 2(1), 69-72. doi:10.20998/2522-9052. 2018.1.13.

Wang, Yong & Xi, Jinsong & Cheng, Tong. (2021). The Overview of Database Security Threats’ Solutions: Traditional and Machine Learning. Journal of Information Security. 12. 34-55. doi:10.4236/jis.2021.121002.

Wang, Y. , Xi, J. and Cheng, T. (2021) The Overview of Database Security Threats’ Solutions: Tra-ditional and Machine Learning. Journal of Information Security, 12, 34-55. doi: 10.4236/jis.2021.121002.

https: // za-kon.rada.gov.ua/laws/show/984_ 008-16#Text.

Downloads

Published

2024-05-15

How to Cite

Harasymchuk, O., & Buzhovych, O. (2024). STRATEGIES AND INNOVATIVE APPROACHES TO DATABASE PROTECTION IN THE AGE OF GROWING CYBER THREATS. Ukrainian Scientific Journal of Information Security, 30(1), 166–178. https://doi.org/10.18372/2225-5036.30.18618

Issue

Vol. 30 No. 1 (2024): Ukrainian Scientific Journal of Information Security

Section

Privacy & Protection from Identity Theft

License

The scientific journal "Ukrainian Scientific Journal of Information Security" adheres to the principles of open science and provides free, free and permanent access to all published materials. The goal of the policy is to increase the visibility, citation and impact of the results of scientific research in the field of information security. The journal works according to the principles of Open Access and does not charge a fee for access to published articles.

All articles are published in Open Access under the Creative Commons Attribution 4.0 International (CC BY 4.0) license.

Copyright

Authors who publish their works in the journal Ukrainian Scientific Journal of Information Security:

  • retain the copyright to their publications;

  • grant the journal the right of first publication of the article;

  • agree to the distribution of their materials under the CC BY 4.0 license;

  • have the right to reuse, archive, and distribute their works (including in institutional and subject repositories), provided that proper reference is made to the original publication in the journal.