Control Mechanisms for Robust Data Security
||International Journal of Computer & Organization Trends (IJCOT)||
|© 2014 by IJCOT Journal|
|Volume - 4 Issue - 2
|Year of Publication : 2014|
|Authors : Chandan Kumar Barman , Pankaj Gupta|
|DOI : 10.14445/22492593/IJCOT-V6P310|
Chandan Kumar Barman , Pankaj Gupta. "Control Mechanisms for Robust Data Security", International Journal of Computer & organization Trends (IJCOT), V4(2):42-46 Mar - Apr 2014, ISSN:2249-2593, www.ijcotjournal.org. Published by Seventh Sense Research Group.
Data undoubtedly is at the core of IT value chain in any organization. The evolution of technology responsible for storing, managing and processing data has noticeably taken giant strides in recent times with the inception of technologies like Big Data, In Memory Computing etc. With wide scale business process automation initiatives taken by organizations of different sizes, more and more data are getting generated each passing day. The modern day data handling information systems are quite different from their traditional counterparts where RDBMS was the de-facto standard for data management. Today we need to deal with various structured, semi-structured and unstructured data classes like email, image, video, blogs, documents, live stream, xml/json data file etc. Security on the other hand till recently was considered to be a subject matter of network administrator where the primary goal was to protect the IT infrastructure perimeter. With increased adaptation and dependence on different data classes, data security has gained special interest in IT security landscape. In this paper we have defined different facets of data security vulnerabilities that are common to any data-store or data aware application. Later. we have defined and highlighted various control mechanisms required to be put in place to mitigate these data security vulnerabilities. The three controls namely the procedural control, technical control and physical control as discussed below may be referred and deployed by any organization for robust data security.
 Risk Management Guide for Information Technology Systems, NIST, US Deptt. Of Commerce
 ISO/IEC 27000:2009
 ISACA, 2008, www.isaca.org
National Cyber Security Policy 2013. http://deity.gov.in/content/national-cyber-security-policy-2013-1
PCI-DSS, HIPAA, SOX guidelines.
Security Issues in NoSQL Databases, Lior Okman, Nurit Gal-Oz, Yaron Gonen, Ehud Gudes, Jenny Abramov 2011 International Joint Conference of IEEE TrustCom-11/IEEE ICESS-11/FCST-11.
Database Security: A Historical Perspective, University of Minnesota CS 8701, Fall 2008
Survey on Data Mining Techniques to Enhance Intrusion Detection, Deepthy K Denatious & Anita John 2012 International Conference on Computer Communication and Informatics (ICCCI -2012), Jan. 10 – 12, 2012, Coimbatore, INDIA, 978-1-4577-1583-9/ 12/ © 2012 IEEE
 Introduction to NoSQL w3resource.com
 Storage Infrastructure Behind Facebook Messages, Kannan Muthukkaruppan, Software Engineer, facebook.com Big Data Experiences & Scars, HPTS 2011
Understanding Holistic Database Security, Whitepaper, IBM.COM
Oracle Security Solutions, Oracle.com
Symantac Internet Security Threat Report 2013, Symantec.com
McAfee Real-Time Database Monitoring, Auditing, and Intrusion Prevention
 Mongodb Documentation. MongoDB Documentation Project mongodb.com
The Need for Real-Time Database Monitoring, Auditing and Intrusion Prevention. Analytics.InformationWeek.com
Securing Unstructured Data, Analytics.InformationWeek.com
Data Mining for Intrusion Detection, Department of Computer Science University of Minnesota Tutorial on the Pacific-Asia Conference on Knowledge Discovery in Databases 2003
Data Security, Security Controls, IT Security, Data Governance.