Database Apart from the two-factor authentication there are

Database security entails the utilization of a broad range
of security information instruments to protect databases include database
servers, network links and stored functions. Ideally, databases are protected
against compromises of confidentiality, availability, and ultimately,
integrity. Breaking down the four database security concepts and the differences
between Transact-SQL statements further aids in ascertaining database security,
especially in a contemporary technological world where attacks are imminent.


Authentication is a process of verifying the identity of a
person/software connecting to an application. One of the simple form of
authentication contains secret password that must be presented when a user
connects to the DBMS system or application. But, passwords are easily
compromised, so more robust schemes are needed for critical data or
applications such as online bank accounts. Most of the applications use
two-factor authentication, in which two independent factors are used to
identify a user and at the same time two factors should not share a common
vulnerability. In most of the two-factor authentication schemes passwords are
used as the first factor and smart cards or other encryption devices are used
as the second factor. Apart from the two-factor authentication there are many
types of authentication methods like biometric authentication which uses
physical characteristic such as , fingerprint, eye iris, or handprint to
authenticate the user, Token-Bases authentication and certificate based


Encryption is a process
in which data is transmitted in the form which cannot be readable or understood
by the other person until unless the reverse process of decryption is applied.
In order to perform encryption we use an encryption algorithms which will use
the encryption key and require a decryption key to perform decryption.
Previously encryption is used for transmitting messages using a secret key
which is known to sender and the intended receiver even if the message is
hacked/intercepted by an attacker, the attacker without knowing the key will
not be able to decrypt and understand the message which was sent. Encryption is
widely used today for protecting data in transit in a variety of application
such as data transfer. Encryption is also used to carry out other tasks such as



Authorization is the next step that is performed after
authentication. A multiuser database system must permit users to selectively
share data while retaining the ability to restrict data access, there must be a
mechanism to provide protection and security, permitting information to be
accessed only by properly authorized users. Further, when tables or restricted
views of tables are created and destroyed dynamically, the granting, checking, and
revocation of authorization to use them must also be dynamic. In current
database management systems the ability to grant authorization to perform
actions on objects resides with a central “database administrator”


Change tracking:

Change tracking is a process where all the information of all
the insert/delete/update activities on database by unauthorized users are
stored in a system. So that authorized users can see what has done to the
database which is useful in protecting the system from the attackers or against

Each DML (insert/delete/update) operations in each table
will tracked by:

The ID columns used in the table

{optional the columns that were updated.

Changes are accumulated and
reported by SQL server.