Database Protection by Multilayer User Access

Abstract

The analysis of modern DBMS and developing new method of databases security is described in the article. The analysis allows highlighting the main shortcomings of modern DBMS - poor protection against loss of user access data and the use of discretionary access control mechanism to the management function. Based on analyzing, multilayer approach to the user's access to the functions of the DBMS as the main stage of protection is proposed. The proposed approach help to design the modular system of data base protection. The modular system of information protection divides in 3 layers. Every layer uses crypto-algorithms and hash-functions, which can help creator of database to protect his DB from unpredictable access and make system more flexible and secure. First layer is getting access to the user rights which can give user simple access to read DB information. Second layer is getting access to the redactor rights. This layer requires the input of user information and selection correct hash algorithm. Third layer is getting personal administrator access to the all rights in database. It can be creator access or simple administrator or moderator access. This layer requires availability of personal flash-card or any userselected authentication data which can checked by a DBMS when user make a request to get personal access to all DBMS functions. Additional mechanism is blockchain database validation, which help user to protect integrity of his information. The developed modular database protection system allows users to pay attention to the state of the modern authentication algorithm and adds a contribution to the development of protection of modern DBMS in general.