Data Confidentiality and Loss Prevention using Virtual Private Database B. Lakshmi 1 , K. Parish Venkata Kumar 2 , A. Shahnaz Banu 3 and K. Anji Reddy 4 1. Asst. Professor, Department of Computer Applications, V.R.S.E.C, V ijayawada-7, Andhra Pradesh, India. itslakshmi.h@gmail.com 2. Asst. Professor, Department of Computer Applications, V.R.S.E.C, Vijayawada -7, Andhra Pradesh, India . parishkumar@yahoo.com 3. Asst. System Engineer, Hindustan Computers Limited, Bangalore, India. Shahnazbanu122@yahoo.in 4. Sr. Lecturer, Department of computer Applications, V.R.S.E.C, Vijayawada-7, Andhra Pradesh, India. kallam2k2@rediffmail.com Abstract - As organizations increase their adoption of database systems as the key data management technology for day-to-day operations and decision making, the security of data managed by these systems becomes crucial. Database systems become more vulnerable to security breaches even as they gain productivity and efficiency advantages. Thus data loss prevention and in particular protection of data from unauthorized accesses remain important goal of any data management system. In this respect, over the years the database security community has developed a number of different techniques and approaches to assure data confidentiality, integrity, and availability. In this paper, we first survey the most relevant concepts underlying the notion of database security and summarize the menaces to databases and different categories of vulnerabilities in database. This paper focused on Virtual private database, allows fine - grained access control down to the tuple level using VIEWS. Virtual private database stops various sensitive data from leaving the corporation’s private confines. We demonstrate the practicality of our techniques by describing how VIEWS can be extended to perform access control to provide Row – Level, Column – Level Security, and Level – Based Security. Index Terms - Data Confidentiality, Virtual Private Database, Menaces to Databases, Granularity and Level – Based Security. 1. INTRODUCTION Like all tangible assets that have to be protected by a company, valuable information stored in its computer system is probably the most precious assets of the company that must be protected. Access control is an integral part of databases and information systems and it is an everyday phenomenon. A lock on a car door is essentially a form of access control. A PIN on an ATM system at a bank is another means of access control. The possession of access control is of prime importance when persons seek to secure important, confidential, or sensitive information and equipment. It is also important to appreciate that data needs to be protected not only from external threats, but also from insider threats. Granularity of access control refers to the size of individual data items which can be accessed by users. All organizations, may suffer heavy losses from both financial and human points of view as a consequence of unauthorized data observation. Incorrect modifications of data, either intentional or unintentional, result in an incorrect database state. Any use of incorrect data may result in heavy losses for the organization. When data is unavailable, information crucial for the proper functioning of the organization is not readily available when needed. Thus a complete solution to data security must meet the following three requirements: 1. Secrecy or Confidentiality: Protection of data against unauthorized disclosure [1], 2. Integrity: Prevention of unauthorized and improper data modification, and 3. Availability: Prevention and recovery from hardware and software errors. These three requirements arise in all application environments. Consider a Health clinic database that stores patient’s information. It is important that sensitive data of individual patient not be released to unauthorized users, that sensitive information be modified only by the users that are properly authorized. Wise decisions are not made without accurate and timely information. At the same time, the integrity of that information depends on the integrity of its source data and the reliable processing of that data. Consequently protecting data from unauthorized and unreliable employees of an organization is one of the major issues. Data protection is ensured by different components of a database management system (DBMS). In particular, an Access Control Mechanism ensures data confidentiality. Whenever an application tries to access a data object, the access control mechanism checks the rights of the user against a set of authorizations, stated usually by some security administrator. Fine – grained access control is the mechanism which checks the used B. Lakshmi et.al / International Journal on Computer Science and Engineering (IJCSE) ISSN : 0975-3397 Vol. 5 No. 03 Mar 2013 143