Editing Database (section)

==Security==
{{Contradicts other|date=March 2013|1=Database security}}
{{Main|Database security}}

[[Database security]] deals with all various aspects of protecting the database content, its owners, and its users. It ranges from protection from intentional unauthorized database uses to unintentional database accesses by unauthorized entities (e.g., a person or a computer program).

Database access control deals with controlling who (a person or a certain computer program) are allowed to access what information in the database. The information may comprise specific database objects (e.g., record types, specific records, data structures), certain computations over certain objects (e.g., query types, or specific queries), or using specific access paths to the former (e.g., using specific indexes or other data structures to access information). Database access controls are set by special authorized (by the database owner) personnel that uses dedicated protected security DBMS interfaces.

This may be managed directly on an individual basis, or by the assignment of individuals and [[Privilege (Computing)|privileges]] to groups, or (in the most elaborate models) through the assignment of individuals and groups to roles which are then granted entitlements. Data security prevents unauthorized users from viewing or updating the database. Using passwords, users are allowed access to the entire database or subsets of it called "subschemas". For example, an employee database can contain all the data about an individual employee, but one group of users may be authorized to view only payroll data, while others are allowed access to only work history and medical data. If the DBMS provides a way to interactively enter and update the database, as well as interrogate it, this capability allows for managing personal databases.

[[Data security]] in general deals with protecting specific chunks of data, both physically (i.e., from corruption, or destruction, or removal; e.g., see [[physical security]]), or the interpretation of them, or parts of them to meaningful information (e.g., by looking at the strings of bits that they comprise, concluding specific valid credit-card numbers; e.g., see [[data encryption]]).

Change and access logging records who accessed which attributes, what was changed, and when it was changed. Logging services allow for a forensic [[database audit]] later by keeping a record of access occurrences and changes. Sometimes application-level code is used to record changes rather than leaving this in the database. Monitoring can be set up to attempt to detect security breaches. Therefore, organizations must take database security seriously because of the many benefits it provides. Organizations will be safeguarded from security breaches and hacking activities like firewall intrusion, virus spread, and ransom ware. This helps in protecting the company's essential information, which cannot be shared with outsiders at any cause.<ref>{{Cite book |title=Continuous auditing : theory and application |date=2018 |author1=David Y. Chan |author2=Victoria Chiu |author3=Miklos A. Vasarhelyi |isbn=978-1-78743-413-4 |edition=1st |location=Bingley, UK |oclc=1029759767 |publisher=Emerald Publishing }}</ref>