Securing Database using Public Key Infrastructure A Proposed DB PKI Architecture

Database security concerns the use of a broad range of information security controls to protect databases potentially including the data, the database applications or stored functions, the database systems, the database servers and the associated network links against compromises of their confidentiality, integrity and availability. It involves various types or categories of controls, such as technical, procedural/administrative and physical. To secure information and data against threats such as intrusion or unauthorized access, the Public Key Infrastructure (PKI) has been developed. It realizes basic concept of PKI i.e. PAIN, where P stands for Privacy, A stands for Authentication, I stands for Integrity, N stands for Non-Repudiation A public key infrastructure (PKI) provides the framework of services, technology, protocols, and standards that enable you to deploy and manage a strong and scalable information security system based on public key technology. In our paper we proposed PKI architecture for Database. Based on the type of table access right given to the user certificates are issued to them. The access rights are categorized into three different groups of user. First group of users can execute all the quires including truncate delete etc... Second group can add and modify the database without deleting data and the third and last group can only view the information stored in the database. Simple authority PKI models is used to implement our DB-PKI architecture.