A novel hybrid database security management technique

Since the advent of the internet and the digitization of information, more individuals and organizations have gained access to the internet, leading to a significant expansion in the size of our database systems. These databases are relied upon for day-to-day activities by individuals and organizations. Furthermore, the advancements in technology have increased the vulnerability of database management systems and enforcing adequate database security measures is of paramount importance to individuals and organizations. In this study, we deployed a hybrid approach to database security system that integrates two techniques: dynamic time-warping algorithm and voice recognition methods. The implementation follows Object-Oriented Analysis and Design procedures, utilizing SQL Management Studio 2014 for the backend and ASP.NET C# for the frontend. Our hybrid approach demonstrates enhanced database security compared to previously employed authentication measures.


Introduction
With the increase of internet penetration and improved technological system, databases play a critical role in the storage and management of large volumes of data for various purposes.The contemporary landscape of information management heavily relies on databases, which offer efficient storage and retrieval capabilities.Database security, as defined by [2], encompasses methods, instrument and control designed to protect databases from accidental and deliberate threats.Its primary goals are to ensure data security and uphold trust, being available and the level of integrity in the database [3].A range of techniques is employed to maintain database security, including physical security, network security, access control, biometric authentication, data encryption, auditing, and logging [4].Physical security measures aim to safeguard databases from unauthorized access or theft using tangible methods [5].This involves securing server rooms, implementing access controls in data centres, and deploying security cameras and alarms.In the work of [6], it was proposed that authorized users can efficiently access, input, or analyse data through structured databases, which utilize queries, views, and tables to facilitate information storage and retrieval processes.Traditionally, information and resource security relied heavily on password-based authentication [7].However, this method has inherent vulnerabilities, such as weak passwords prone to attacks and the risk of password reuse across multiple accounts [8].Biometric security, a modern authentication method, utilizes unique physical traits like fingerprints features, facial features recognition features, or iris scans features to verify identity, offering enhanced database security compared to usual passwords [9].
It was opined by [10] the importance of network security in safeguarding databases against unauthorized network access.Measures include using firewalls, intrusion detection systems, and encryption to ensure secure data transmission over networks, preventing interception or modification of data in transit [11].Data encryption further enhances security by encrypting stored data using encryption algorithms, rendering it unreadable to unauthorized individuals [12].Auditing and logging are essential for monitoring and tracing all database activities to identify and prevent security breaches [13].While these techniques have contributed to enhancing database security over the years, they have also demonstrated vulnerability to certain database threats.In order to improve security in database systems, a hybrid approach combining dynamic time-warping and voice recognition authentication systems was developed.

Review of Related Literature
Database security holds immense significance due to the increasing confidence on databases systems for keeping and retrieving large quantity of important database.Databases is very important part in holding information in our day present day digital [14].Security measures in databases encompass various techniques aimed at maintaining the quality, trust, and availability of information [15].In [16], several methods for maintaining database security are proposed, including physical security, network security, password access control, biometric authentication, data encryption, auditing, and logging.While systems that uses password have a long history [17], a comparative analysis can highlight their advantages and disadvantages [18].Despite their simplicity and prevalence, password-based authentication solutions pose security risks and challenges [19].In the research carried out [20], they suggested implementing strong password rules, educating users on password best practices, and potentially adding extra authentication factors to enhance password security.
Password-based authentication relies on secret character strings for identity verification [21].Encryption techniques play a crucial role in protecting data from unauthorized access during storage and transmission [22].Evaluation of encryption techniques for data at rest and in transit, encryption algorithms, and cryptographic protocols is essential [23].In biometric method of authentication, it implores a special personal traits like fingerprints, iris patterns, or facial features for identification [24].Due to the difficulty in forging or replicating biometric features, it offers improved security features [25].Users authenticate themselves using their own biometric data [26], saving time and effort by simply demonstrating their biometric features to establish identity [27].
In [28], a model is proposed for organizations to manage security in database systems.The intrusion detection model provides information to safeguard confidential data vulnerable to unauthorized access [29].

Method Adopted
The system is developed using the C-Sharp Programming Language (C#) and Structural Query Language (SQL) Management Server.This setup operates within the .NET framework and is compatible with Microsoft Visual Studio 2022.Microsoft provides an API that allows developers to incorporate speech recognition features into Windows applications.Speech-to-text conversion is accomplished using the Speech Recognition libraries, while speech synthesis enables access to a text-to-speech conversion engine.Serving as a bridge between the application and the speech recognition/text-to-speech engines, the Speech API (SAPI) facilitates seamless integration.The research methodology employed in this study is the Object-Oriented Analysis and Design Methodology (OOADM) with Prototyping.

Methods of Data Collection
In this work, the research methodology involves gathering information from a variety of sources, such as academic papers, internet websites, and articles, all focused on securing databases using a voice recognition system (VRS).This approach aims to offer users comprehensive insights into protecting themselves from potential threats, leveraging knowledge and findings from diverse credible sources.Natural Language Processing (NLP): Processes and understands user commands more deeply, allowing the system to interpret and act on complex instructions and queries.

Variables:
 : Set of audio samples. : Set of text transcripts corresponding to the audio samples. : Set of hypotheses generated by the voice recognition system. (|): Probability of a hypothesis given the audio. (|): Probability of audio given a hypothesis. (): Prior probability of a hypothesis. (): Prior probability of audio data. (|): Probability of text transcripts given a hypothesis.

Equations
Bayes' Theorem: (|) = ((|) * ()) / () This theorem showed above indicts the probability of a hypothesis given the audio data is computed using the probability of audio given the hypothesis, the prior probability of the hypothesis, and the prior probability of audio data.

Hypothesis Generation: 𝐻 = 𝑓(𝐴)
This equation represents the process by which hypotheses are generated from the audio data using the voice recognition system.The function () represents the system's internal processes.

Text Transcript Probability: 𝑃(𝑇|𝐻) = 𝑔(𝐻)
This equation defines how the probability of text transcripts is computed given the hypotheses generated by the system.The function () captures the mapping between hypotheses and text transcripts.

Normalization Constraint: ∑ 𝐻𝑃(𝐻|𝐴) = 1
Probabilities of all available hypotheses given the audio data must sum to 1, ensuring that one of the hypotheses is correct.
Non-Negativity Constraint: (|) ≥ 0 The probability of any hypothesis given the audio data should be non-negative.

Consistency Constraint: 𝑃(𝑇|𝐻) ≥ 0
The probability of text transcripts given a hypothesis should also be non-negative.

Program Module Specification
 The User Authentication Module: This module acts as the primary gatekeeper for the system, tasked with verifying user identities.It combines traditional username and password verification with voice recognition technology, allowing for secure system access. Voice Enrolment Module: In this module, users have the opportunity to enrol their voice patterns during the registration process.It captures and stores voice samples in the system's database, creating voice pattern templates for future comparisons. Database Management Module: Central to the system, this module handles a variety of database operations including user data, voice templates, and audit logs.It accepts database queries and requests as inputs, providing data retrieval, updates, and logging as outputs, ensuring data integrity and accessibility. Voice Recognition Module: At the core of the voice authentication process, this module performs voice pattern matching using the Dynamic Time Warping (DTW) algorithm.It compares captured voice patterns with enrolled voice templates, generating DTW similarity scores and authentication results to determine if a user's voice pattern matches the enrolled template. User Interface Module: This module offers user-friendly interfaces for administrators and end-users alike.It manages user interactions and commands, presenting interface elements and providing feedback to enhance the user experience. Integration Interface Module: Facilitating integration with external systems and services through APIs, this module processes integration requests and data.It enables data exchange and interaction with external systems, expanding the system's capabilities

System Implementation
The System Implementation phase signifies the transition from conceptual design to a functional Examination Verification System.This phase involves several critical components and steps: User Management Module: Developed to handle user registration, login, profile management, and access control.
Data Processing Module: Central to processing acquired biometric data and comparing it with stored data.This includes implementing biometric matching algorithms and setting matching thresholds for accurate user identity verification.
Voice and Verification Module: Responsible for the final steps of identity verification based on biometric data matching.This module is crucial for system security and must be fortified against potential threats.
User Interface (UI): Developed to interact effectively with users, including login screens, registration forms, and user dashboards.The UI design prioritizes user-friendliness and accessibility for a seamless user experience.

In Program Development Stage:
 Software Components: this is designed with precision and expertise by skilled developers utilizing the C-Sharp (C#) programming language within the .NET framework Core components include the user authentication module, voice recognition system, database management, access control, and audit logging. Database Implementation: The database structure, previously designed, is implemented using a Structured Query Language (SQL) Management Server.This ensures optimal storage and management of user data, access control policies, and security policies. Algorithm Integration: In this section, the merging of the voice patterns recorded and the sample of the voice sample collected are integrated by the Dynamic Time Warping algorithm.This requires developing voice processing and DTW calculation components to ensure effective functioning of the system's core security feature.

System Requirements
The database security system with voice recognition has specific requirements to ensure its effective and secure operation.These requirements cover various aspects, including hardware, software, security, and user experience.Here are the key system requirements:

Hardware Requirements
Microphone, audio input devices and user devices Software Requirements: Operating system, database management system, speech recognition engine and speech synthesis engine: Development Tools

Choice of Programming Environment
The selection of a programming language plays a pivotal role in shaping the development and performance of a system.In this context, Microsoft Visual Studio 2022 stands out as the designated integrated development environment (IDE).Its tight integration with the .NET framework, which serves as a fundamental component of the system, simplifies development tasks and guarantees compatibility.Notably, the inclusion of speech recognition and synthesis tools within Visual Studio enhances the system's voice recognition capabilities.These tools enable accurate processing of voice patterns and secure storage, thereby enhancing the system's efficiency and dependability.

Result Evaluation Performance
The table below with the performance metrics shows the evaluation performance of the system. Where

Discussion of Results
The output of the performance evaluation metrics shows how effective and efficient database security system is.
Accuracy: Across different scenarios, accuracy values range from 0.6 to 0.8, indicating a moderate to high level of correctness in authentication predictions.Higher accuracy values observed in Scenarios 1, 3, and 5 (0.8) suggest robust performance in correctly classifying both positive and negative authentication cases.This indicates a strong overall ability of the system to accurately authenticate users based on their voice patterns.
Precision: This detects the accuracy of positive indices displayed by the system, particularly relevant for minimizing false positives.Precision values range from 0.6 to 0.88 across scenarios, with Scenario 5 demonstrating the highest precision value of 0.88.This suggests that the system excels in accurately predicting positive authentication cases, crucial for maintaining security by avoiding unauthorized access.
Sensitivity (Recall): Sensitivity evaluates the system's power to predict positive authentication cases, crucial for minimizing false negatives.Sensitivity values range from 0.714 to 0.8 across scenarios, with Scenario 1 exhibiting the highest sensitivity value of 0.8.This indicates that the system effectively identifies positive authentication cases without missing them, ensuring a high level of security by preventing legitimate users from being falsely rejected.
Overall, the results suggest that the database security system incorporating dynamic time-warping voice recognition demonstrates promising performance in authentication.The system exhibits strong accuracy, precision, and sensitivity values across various scenarios, indicating its effectiveness in reliably authenticating users based on their voice patterns.These results are encouraging and suggest that the system could be a valuable tool for enhancing the security of database access through advanced authentication mechanisms.However, further testing and refinement may be necessary to address any potential limitations and optimize the system's performance for real-world deployment.

Summary
This work addresses the pressing need for enhanced database security by introducing a dynamic time-warping voice recognition database security system.Traditional username and password authentication methods have long been vulnerable to security risks.In order to manage these drawbacks, the project integrates voice recognition as an additional layer of authentication, promoting multi-factor authentication, data privacy, and seamless integration with existing login processes.Leveraging the Object-Oriented Analysis and Design Methodology with prototyping, the system utilizes C-Sharp (C#) and SQL Management Server on the .NET framework, alongside Microsoft's Speech Recognition engine for voice recognition.
The research methodology draws from a wide array of secondary sources, including papers, internet websites, and articles, to provide a comprehensive overview of the subject matter.System analysis highlights the limitations of traditional authentication methods, emphasizing the vulnerabilities associated with passwords.The work incorporates best practices, inspired by prior research efforts exploring the use of One-Time Passwords (OTPs) to bolster security.Additionally, the project introduces a mathematical model for dynamic time-warping voice recognition to match captured voices with enrolled voice templates.
System specifications encompass database development tools, data types, and field descriptions, ensuring that the system is constructed with security and usability in focus.The research project also introduces control centers, submenus, and subsystems, underlining the importance of a user-friendly interface.Mathematical specifications outline the technical intricacies of the DTW model, and dynamic time-warping calculations are detailed to elucidate how voice recognition is achieved.

Conclusion
In conclusion, this work presents a compelling solution to persistent challenges in database security by introducing a robust database security system deploying a hybrid security system of dynamic time-warping algorithm and voice recognition authentication mechanism.Traditional username and password authentication methods have demonstrated vulnerability to security risks, emphasizing the necessity for innovative approaches.Integrating dynamic time-warping algorithm and voice recognition authentication mechanism offers a multi-factor authentication system that significantly enhances security, data integrity, and user experience in accessing sensitive information.Through an in-depth exploration of existing research, the work identifies the limitations of traditional authentication methods, underscoring the critical need for improved security measures.Building upon prior research on One-Time Passwords (OTPs), the system incorporates best practices to enhance security and reliability.

Figure 1
Figure 1 System Architecture Design A voice recognition authentication system comprises several critical components that seamlessly work together to enable efficient voice-based interactions.The central components within this system include:  Microphone: This captures the user's voice, serving as the entry point for voice commands and queries. Speaker: On the receiving end, the speaker provides voice output or responses to the user, ensuring effective communication. Audio Capture & Preprocessing: This segment includes essential functions such as: o Noise Reduction: Filters out background noise to enhance audio quality, enabling the system to focus on the user's voice.o Voice Activity Detection: Identifies when the user is speaking, activating the system to respond promptly.o Echo Cancellation: Removes unwanted echo from the audio, resulting in clearer voice communication. Speech Recognition: This is the core functionality of the system, involving several components: o Feature Extraction: Extracts relevant acoustic features from the voice input, laying the groundwork for understanding spoken words.o Acoustic Model: Matches extracted features with known speech patterns, accurately converting voice input into text.o Language Model and Grammar: These elements help the system understand the context and language used in voice commands, ensuring appropriate comprehension and responses. Voice Commands: This segment relates to the system's ability to respond effectively, including: Text-to-Speech (TTS) Converter: Converts recognized text into spoken responses, enabling audible communication with the user.

Figure 2
Figure 2 Activity Diagram

Table 1
Evaluation Metrics for the System's Performance Bar Chart Showing the System Metric for Performance Evaluation