Written by Administrator
Thursday, 09 July 2009 08:54
Page 9 of 17

Database Security Controls

Cell suppression – A technique used to hide specific cells that contain information that could be used in inference attacks.

Partitioning – Dividing the database into different parts, which makes it much harder for an unauthorized individual to find connecting pieces of data that can be brought together so that other information can be deduced or uncovered.

Noise and perturbation – A technique of inserting bogus information in the hope of misdirecting an attacker or confusing the matter enough that the actual attack will not be fruitful.

Database views – Views permit one group or a specific user to see certain information, while restricting another group from viewing it altogether.

Polyinstantiation – This feature enables a relation to contain multiple tuples with the same primary key, with each instance distinguished by a security level.

Content-dependent access control – Looks at the content of a file when it makes an access control decision. This type of access control increases processing overhead, but it provides more granular control.

Online transaction processing (OLTP) – OLTP is usually used when databases are clustered to provide fault tolerance and higher performance using load balancing. When there is more than one database, it is important that they all contain the same information. OLTP records transactions in a distributed environment as they occur (in real time). It is a two-phase commit service: it makes sure that a transaction is not complete until all databases receive and reflect a change.

The complexity of a distributed environment can introduce many integrity threats, for which the DBMS should implement the following features (the ACID test):

- Atomicity – Divides transactions into units of work and ensures that all modifications take effect or none takes effect. Either the changes are committed or the database is rolled back. It is used so that if one step in the transaction fails, subsequent steps are not processed.
- Consistency – A transaction must follow the integrity policy developed for that particular database and ensure that all data is consistent in the different databases.
- Isolation – Transactions execute in isolation until completed, without interacting with other transactions. The results of the modification are not available until the transaction is completed.
- Durability – Once the transaction is verified as accurate on all systems, it is committed, and the databases cannot be rolled back.
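
The polyinstantiation control described above can be seen in a small sketch. This is an added example, not part of the original page; the cargo table, the ship id, the three security levels and the function names are all constructed for illustration. It shows why putting the security level into the key closes an inference channel: a low-level write never fails because of a hidden higher-level tuple.

```python
import sqlite3

# Constructed sample levels and schema (assumptions, not from the page).
LEVELS = {"unclassified": 0, "secret": 1, "top_secret": 2}

def make_db():
    db = sqlite3.connect(":memory:")
    # The security level is part of the primary key, so one ship_id may
    # hold one tuple per level (polyinstantiation).
    db.execute("""CREATE TABLE cargo (
        ship_id TEXT    NOT NULL,
        level   INTEGER NOT NULL,
        cargo   TEXT    NOT NULL,
        PRIMARY KEY (ship_id, level))""")
    return db

def write(db, clearance, ship_id, cargo):
    """Store a tuple at the writer's own level. A tuple with the same
    ship_id at a higher level never causes a rejection, so a low-level
    writer learns nothing about it."""
    db.execute("INSERT OR REPLACE INTO cargo VALUES (?, ?, ?)",
               (ship_id, LEVELS[clearance], cargo))
    db.commit()

def read(db, clearance, ship_id):
    """Return the highest-level tuple the subject is cleared to see."""
    row = db.execute(
        "SELECT cargo FROM cargo WHERE ship_id = ? AND level <= ? "
        "ORDER BY level DESC LIMIT 1",
        (ship_id, LEVELS[clearance])).fetchone()
    return row[0] if row else None

def demo():
    db = make_db()
    write(db, "top_secret", "S-100", "weapons")
    # With a key on ship_id alone, this insert would fail with a
    # duplicate-key error and reveal that a hidden S-100 row exists.
    write(db, "unclassified", "S-100", "food supplies")
    return {name: read(db, name, "S-100") for name in LEVELS}

if __name__ == "__main__":
    print(demo())
```
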
Last Updated on Friday, 28 August 2009 05:04