1 introduction of mobile database security


Upload: rahuljha

Post on 01-Oct-2015


CHAPTER 1
INTRODUCTION

The importance of databases in modern businesses and governmental institutions is huge and still growing. Many mission-critical applications and business processes rely on databases. These databases contain data of differing degrees of importance and confidentiality, and are accessed by a wide variety of users. Integrity violations for a database can have serious impact on business processes; disclosure of confidential data in some cases has the same effect. Traditional database security provides techniques and strategies to handle such problems with respect to database servers in a non-mobile context.

1.1 SECURITY IN MOBILE DATABASE

With the rise in popularity of smartphones has come an increasing need to secure them. Since their introduction, mobile phones have become increasingly smaller and more powerful, with increasing storage capacity, and have remained expensive items. With the rise of their popularity has come the need to secure the devices from theft, as well as from traditional threats that affect computers, such as malware, and the need to back up and protect the data on the devices.

Database security is also a specialty within the broader discipline of computer security.

For many businesses, applications are going mobile, which means using enterprise data in a mobile context and thus using a mobile DBMS. With these new developments the business data of an enterprise can be made available to an even larger number of users and a wider range of applications than before.

To work on business data anytime and anywhere is the major goal pursued by developing mobility support in database context. The confidentiality of mission-critical data must be ensured, even though most mobile devices do not provide a secure environment for storage of such data. Security requirements that apply to a central company database should apply similarly and in an appropriate manner to the parts of the database replicated on mobile devices in the field.
A mobile database security infrastructure is needed to accomplish this goal. When developing such an infrastructure we can benefit from the results of traditional database security work. But we also need to adapt the existing techniques and strategies to the mobile context, and we need to develop new ones that address certain issues specific to the use of database systems in a mobile environment.

1.2 MOBILE DATABASE

A mobile database is a database that can be connected to by a mobile computing device over a mobile network. The client and server have wireless connections. A cache is maintained to hold frequent data and transactions so that they are not lost due to connection failure. A database is a structured way to organize information. This could be a list of contacts, price information or distance travelled.

The use of laptops, mobiles and PDAs is increasing and likely to increase in the future, with more and more applications residing in the mobile systems. While those same analysts can't tell us exactly which applications will be the most popular, it is clear that a large percentage will require the use of a database of some sort. Many applications such as databases would require the ability to download information from an information repository and operate on this information even when out of range or disconnected.

An example of this is a mobile workforce. In this scenario, a user would need to access and update information from files in the home directories on a server or customer records from a database. The type of access and workload generated by such users is different from the traditional workloads seen in client-server systems of today. With the advent of mobile databases, users can now load up their smartphones or PDAs with mobile databases to exchange mission-critical data remotely without worrying about time or distance. Mobile databases let employees enter data on the fly.
Information can be synchronized with a server database at a later time.

1.3 MOBILE SECURITY

With the rise in popularity of smartphones has come an increasing need to secure them. Since their introduction, mobile phones have become increasingly smaller and more powerful, with increasing storage capacity, and have remained expensive items. With the rise of their popularity has come the need to secure the devices from theft, as well as from traditional threats that affect computers, such as malware, and the need to back up and protect the data on the devices.

A recent report from McAfee, titled "2011 Threats Predictions", outlines the company's concerns about the changing threat landscape, thanks in part to increases in malware sophistication and targeting, and how they relate to seven areas including social media, mobile Apple-related products and applications. Although viruses are a key concern, the actual number of viruses targeting mobile phones in the wild has not been widespread.

1.4 DATABASE SECURITY

Database security is the system, processes, and procedures that protect a database from unintended activity. Unintended activity can be categorized as authenticated misuse, malicious attacks or inadvertent mistakes made by authorized individuals or processes.

Traditionally, databases have been protected from external connections by firewalls or routers on the network perimeter, with the database environment existing on the internal network as opposed to being located within a demilitarized zone. Additional network security devices that detect and alert on malicious database protocol traffic include network intrusion detection systems along with host-based intrusion detection systems. Database security is more critical as networks have become more open.

Databases provide many layers and types of information security, typically specified in the data dictionary, including:

- Access control
- Auditing
- Authentication
- Encryption
- Integrity controls
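The disconnected operation described in 1.2 (changes cached on the device and synchronized later) combined with the authentication and integrity controls listed in 1.4, as an added example that is not part of the original report. The table name `outbox`, the function names and the shared per-device key are assumptions made for illustration; the tag protects against modification by anyone who does not hold the key, in the local store or in transit.

```python
import hashlib
import hmac
import json
import sqlite3

# Constructed demo key; assumed to be provisioned per device at enrolment
# and held in the platform keystore in a real deployment.
DEVICE_KEY = b"constructed-demo-key-not-for-production"


def open_outbox():
    """Local cache on the mobile unit holding changes made while offline."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE outbox (seq INTEGER PRIMARY KEY, payload TEXT, mac TEXT)")
    return db


def entry_mac(key, seq, prev_mac, payload):
    # Binding seq and the previous tag chains the entries, so edits,
    # deletions and reordering in the local store all break verification.
    msg = f"{seq}|{prev_mac}|{payload}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def queue_change(db, key, change):
    """Record one offline change with a chained integrity tag."""
    row = db.execute("SELECT seq, mac FROM outbox ORDER BY seq DESC LIMIT 1").fetchone()
    seq, prev = (row[0] + 1, row[1]) if row else (1, "")
    payload = json.dumps(change, sort_keys=True)
    db.execute("INSERT INTO outbox VALUES (?, ?, ?)", (seq, payload, entry_mac(key, seq, prev, payload)))


def pending(db):
    """Rows the device would upload at the next synchronization."""
    return db.execute("SELECT seq, payload, mac FROM outbox ORDER BY seq").fetchall()


def server_verify(rows, key, last_seq=0, last_mac=""):
    """Server side of a later sync: returns (accepted_changes, rejected_seq or None)."""
    accepted = []
    for seq, payload, mac in rows:
        expected = entry_mac(key, last_seq + 1, last_mac, payload)
        if seq != last_seq + 1 or not hmac.compare_digest(mac, expected):
            return accepted, seq  # stop at the first entry that breaks the chain
        accepted.append(json.loads(payload))
        last_seq, last_mac = seq, mac
    return accepted, None
```

The server keeps `last_seq` and `last_mac` per device between synchronizations, which is what makes a replayed batch fail at its first entry.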

1.5 NEED FOR MOBILE DATABASE

- Mobile users must be able to work without a wireless connection due to poor or even non-existent connections.
- Applications must provide significant interactivity.
- Applications must be able to access local device/vehicle hardware, such as printers, bar code scanners, or GPS units (for mapping or Automatic Vehicle Location systems).
- Bandwidth must be conserved (a common requirement on wireless networks that charge per megabyte of data transferred).
- Users don't require access to truly live data, only recently modified data.
- Limited life of power supply (battery).
- The changing topology of network.

1.6 AVAILABLE MOBILE DATABASES

Mobile databases typically involve three parties: fixed hosts, mobile units, and base stations. Fixed hosts perform the transaction and data management functions with the help of database servers. Mobile units are portable computers that move around a geographical region that includes the cellular network (or "cells") that these units use to communicate to base stations. (Note that these networks need not be cellular telephone networks.) Base stations are two-way radios, installations in fixed locations that pass communications with the mobile units to and from the fixed hosts. They are typically low-power devices such as mobile phones, portable phones, or wireless routers. When a mobile unit leaves a cell serviced by a particular base station, that station transparently transfers the responsibility for the mobile unit's transaction and data support to whichever base station covers the mobile unit's new location.

1.6.1 SYBASE'S SQL ANYWHERE

SQL Anywhere offers enterprise-caliber databases that scale from 64-bit servers with thousands of users down to small handheld devices. SQL Anywhere's data exchange technologies extend information in corporate applications and enterprise systems to databases running in mission-critical frontline environments. Design and management tools within SQL Anywhere enable developers to implement and deploy frontline applications and equip administrators to easily manage and support them. SQL Anywhere Server is a high-performing and embeddable relational database management system (RDBMS) that scales from thousands of users in server environments down to desktop and mobile applications used in widely deployed, zero-administration environments.

- UltraLite: UltraLite is a database management system designed for small-footprint mobile devices such as PDAs and smartphones.
- MobiLink: It is a highly scalable, session-based synchronization technology for exchanging data among relational databases and other non-relational data sources.
- QAnywhere: It facilitates the development of robust and secure store-and-forward mobile messaging applications.
- SQL Remote: SQL Remote technology is based on a store-and-forward architecture that allows occasionally connected users to synchronize data between SQL Anywhere databases using a file or message transfer mechanism.

1.6.2 IBM DB2 EVERYPLACE (DB2E)

DB2e stores, retrieves, organizes and manages data on a handheld device. The data on the handheld device is synchronized to a server-based relational database management system (RDBMS). DB2e is currently available for Palm OS, EPOC, Neutrino, Windows CE and embedded Linux.

DB2e on the handheld device includes:

- IBM DB2 Database Engine
- IBM Sync
- Query By Example (QBE)

DB2e includes a component called Synchronization Server, which:

- Allows synchronization between DB2e and server database
- Mobile Device Administration Center
- Table encryption for version 8.1.1
- Java ME Sync Client for cell phones and pagers

1.6.3 MICROSOFT SQL SERVER COMPACT

Microsoft SQL Server Compact (SSC) is a small-footprint embedded database designed for developers who target Microsoft Windows mobile-based devices or desktops. It provides synchronization with Microsoft SQL Server, programming APIs, an integrated development experience through Visual Studio, and a Management Studio.

1.6.4 ORACLE9I LITE

This is a complete solution for mobile or wireless applications that require the use of a relational database on the mobile client. It includes support for Win32, Windows CE, PalmOS, and EPOC database clients, integration with Oracle's Advanced Queuing (AQ) mechanism, and data and application synchronization software (to enterprise Oracle databases). The Oracle9i Lite relational database is surprisingly powerful. The database supports 100% Java development (through JDBC drivers and the database's native support for embedded SQLJ and Java stored procedures) as well as programming from any development tool that supports ODBC (Visual Basic, C++, Delphi, and so on).

GCT, Jaipur 1