Database Security

At a glance
The key takeaways are that databases need to be secured from various attacks through proper authentication, authorization, auditing and encryption techniques.

Some common database attacks discussed are bypassing authentication, using default passwords, privilege escalation and password guessing through brute force.

Some database security techniques discussed are access control, user identification/authentication, accountability and auditing, and encryption.

DATABASE SECURITY: ATTACKS & CONTROL METHODS

ABSTRACT

In today's world, data is generated at a very rapid pace, and the final destination of such data is a
database. Data is stored in databases so that it can be managed easily and efficiently. All data
manipulation and maintenance operations are performed through a Database Management System.
Considering the importance of data to an organization, it is absolutely essential to secure the data
held in the database. A secure database is one that is protected against the different possible database
attacks. Security models need to be developed for databases. These models differ in many respects
because they deal with different issues of database security. They may also differ because they make
different assumptions about what constitutes a secure database. It therefore becomes very difficult
for those seeking database security to select an appropriate model for securing their database. In this
paper, we discuss some of the possible attacks along with their countermeasures and control
methods. Securing the database is an important part of planning explicit and directive-based database
security requirements. Ensuring database security is a critical issue for companies. As the complexity
of databases increases, the associated security issues tend to become more complex as well.

Security has become one of the important challenges that people face all over the world in every
aspect of their lives; likewise, security in the electronic world has great significance. The present-day
global business environment presents numerous security threats and compliance challenges. To
protect against data theft and fraud, we require security solutions that are transparent by design. Data
is of the utmost importance in today’s world, as it helps organizations as well as individuals to extract
information and use it to make various decisions. Data is generally stored in a database so that
retrieving and maintaining it becomes easy and manageable. This paper presents a concise review of
the major threats to database security, database security techniques along with their usage, and the
security policy that should be enforced to reduce and eliminate those threats.

1. INTRODUCTION

A database can be defined as a collection of data that is saved on a computer system’s hard drive.
Databases allow any authorized user to access, enter and analyse data quickly and easily. A database
is a collection of queries, tables and views. The data stored in databases is usually organised to
model aspects that support processes requiring information storage and retrieval. A major chunk of
data is stored in the repository called the database. The user interface for databases is called a
database management system (DBMS). A DBMS is a software application that interacts with the
authorised user, other applications and the database itself to capture and analyse data. It helps to
organize data for better performance and faster retrieval by maintaining indexes.

The DBMS performs concurrency control. It also performs data recovery operations on the database.
Nowadays, enterprises need databases to store any type of data they require, and databases are
popular among enterprises because of their speed and affordable cost. An advantage of using a
database is that it automates different procedures, saving resources and man-hours. For example,
instead of manually verifying transactions, users can rely on computer reports stored in the database.
Instead of entering warehouse or retail stock information manually, hand-held scanners can be used
to save information in the database. A database can provide efficiency and speed in the modern
workplace.

The next question for any organization is “Is data secured using a database?” Security in today’s
world is one of the important and challenging tasks that people face all over the world in every aspect
of their lives. Databases are complex, and many database security professionals do not have a full
understanding of the risks and security issues related to different databases. According to many IT
experts and DBAs, many enterprise DBAs are not aware of which databases, tables and columns
contain sensitive data, because they are either handling legacy applications or there are no records or
documentation of the data models. Even with full knowledge of the database assets, databases are
harder to secure because each database has its own implementation and procedures. We can say
that database security is the use of a wide range of data security controls to protect databases against
any attacks (internal or external) and against compromises of database confidentiality, integrity and
availability. This security involves different types of controls: technical, administrative and
physical. Similarly, security in the electronic world has great significance. Database security is, in
essence, the protection of the confidential or sensitive data stored in a repository. There are various
security layers in a database. These layers are: database administrator, system administrator, security
officer, developers and employees. Security can be breached at any of these layers by an attacker.

1.1 UNDERSTANDING SOME DATABASE ARCHITECTURES

A. Oracle DBMS

An Oracle Database consists of at least one database instance and one database. The database instance
handles memory and processes. The database consists of physical files called data files, and can be a
non-container database or a multitenant container database. An Oracle Database also uses several
database system files during its operation.

A single-instance database architecture consists of one database instance and one database. A one-
to-one relationship exists between the database and the database instance. Multiple single-instance
databases can be installed on the same server machine. There are separate database instances for each
database. This configuration is useful to run different versions of Oracle Database on the same
machine.

An Oracle Real Application Clusters (Oracle RAC) database architecture consists of multiple
instances that run on separate server machines. All of them share the same database. The cluster of
server machines appears as a single server on one end, and end users and applications on the other
end. This configuration is designed for high availability, scalability, and high-end performance.

The listener is a database server process. It receives client requests, establishes a connection to the
database instance, and then hands over the client connection to the server process. The listener can
run locally on the database server or run remotely. In typical Oracle RAC environments, the listener
runs remotely.

B. SQL Server
SQL Server is a relational database management system, or RDBMS, developed and marketed by
Microsoft.

Similar to other RDBMS software, SQL Server is built on top of SQL, a standard programming
language for interacting with relational databases. SQL Server is tied to Transact-SQL, or T-SQL,
Microsoft’s implementation of SQL, which adds a set of proprietary programming constructs.

SQL Server worked exclusively in the Windows environment for more than 20 years. In 2016,
Microsoft made it available on Linux. SQL Server 2017 became generally available in October
2016 and ran on both Windows and Linux.

SQL Server consists of two main components:

1. Database Engine
2. SQLOS

Database Engine

The core component of SQL Server is the Database Engine. The Database Engine consists of a
relational engine that processes queries and a storage engine that manages database files, pages,
indexes, etc. Database objects such as stored procedures, views, and triggers are also created
and executed by the Database Engine.

Relational Engine

The Relational Engine contains the components that determine the best way to execute a query. The
relational engine is also known as the query processor.
The relational engine requests data from the storage engine based on the input query and processes
the results.
Some tasks of the relational engine include query processing, memory management, thread and
task management, buffer management, and distributed query processing.

Storage Engine

The storage engine is in charge of storing and retrieving data from storage systems such as disks
and SAN.

SQLOS

Under the relational engine and the storage engine is the SQL Server Operating System, or SQLOS.
SQLOS provides many operating system services such as memory and I/O management. Other
services include exception handling and synchronization services.

C. MongoDB
MongoDB is a cross-platform document-oriented database program. Classified as a NoSQL database
program, MongoDB uses JSON-like documents with schema. MongoDB is developed by MongoDB
Inc. and licensed under the Server-Side Public License (SSPL).
The MongoDB Data Platform

To build modern apps, developers need to be able to work with data wherever it lives – in both the
client and in the data layer at the backend, with fine-grained access controls, seamless
synchronization and reactive event-handling as data moves between each layer of the stack.

Data Layer

The MongoDB Server is a general purpose OLTP database designed to serve operational and real-
time analytics workloads.

Application Development

The MongoDB Realm and Stitch Platform helps you build better full stack apps faster. It offers
easily configurable rules for accessing data and services directly from your application frontend,
along with serverless functions to execute application logic. You can automatically sync data
between the client and backend data layer. Through integrations with your code repositories you can
develop locally and then seamlessly deploy version-controlled application updates to test and
production.

Client-Side Database

The MongoDB Realm Database is used by over 100,000 developers and has been installed over 2
billion times, offering a fast, easy-to-use alternative to SQLite and Core Data. With support for
complex queries, safe threading, a reactive architecture to create responsive and fluent UIs,
encryption, and cross-platform support, developers can simplify their code and build powerful and
engaging experiences on more devices.

2. DATABASE THREATS

Databases today face different kinds of attacks. Before describing the techniques used to secure
databases, it is preferable to describe the attacks that can be performed on them. The major
attacks on databases can be categorized as shown in Figure- Database Threats. These attacks are
further elaborated in the following sections.

2.1 Excessive privileges


Database privileges can be abused in many ways. A user may abuse a privilege for an unauthorized
purpose. Privilege abuse comes in different flavours: excessive privilege abuse, legitimate privilege
abuse and unused privilege abuse. This type of threat is the most dangerous because it is authorized
users who are misusing the data. These privileges can be abused and create unnecessary risk.

Granting excessive permissions is problematic for two reasons. About 80% of the attacks on company
data are actually executed by employees or ex-employees. Granting too many privileges, or not
revoking those privileges in time, makes it unnecessarily simple for them to carry out their
wrongdoing. Some of these actions might even be executed inadvertently, or without the person
realizing that those actions are illegal.

Abuse of legitimate privileges can be considered a database vulnerability if a malicious user misuses
their database access privileges.

Countermeasures of Privilege Abuse include

1. Access control policy: Do not grant unnecessary privileges to the user.

2. Legitimate privilege abuse can be stopped by providing a good audit trail.


2.2 SQL Injections

Database systems are used for backend functionality. User-supplied input is often used to
dynamically build SQL statements that act directly on the database. Input injection is an attack
aimed at subverting the original intent of the application by submitting attacker-supplied SQL
statements directly to the backend database. There are two types of input injection:

1. SQL Injection
2. NoSQL Injection

SQL Injection: Targets traditional database systems. These attacks usually involve injecting
unauthorized statements into the input fields of applications.
NoSQL Injection: Targets big data platforms. This type involves inserting malicious
statements into big data components such as Hive and MapReduce.

In both SQL and NoSQL, a successful input injection attack can give an attacker unrestricted
access to an entire database.

Countermeasures of Input Injection

1. Use stored procedures instead of implementing direct queries.
2. Implement an MVC architecture.
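
Added example (not part of the original paper): a dynamically built query beside a parameter-bound one, run against a constructed SQLite table. SQLite has no stored procedures, so parameter binding stands in here for the stored-procedure countermeasure; the table, column and function names are assumptions made for the illustration.

```python
import sqlite3


def make_db():
    """Constructed in-memory table; owners and balances are sample data."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE accounts (owner TEXT, balance INTEGER)")
    conn.executemany(
        "INSERT INTO accounts VALUES (?, ?)",
        [("alice", 120), ("bob", 300), ("O'Brien", 75)],
    )
    return conn


def accounts_dynamic(conn, owner):
    """VULNERABLE: the user-supplied value becomes part of the SQL text."""
    sql = "SELECT owner, balance FROM accounts WHERE owner = '" + owner + "'"
    return conn.execute(sql).fetchall()


def accounts_bound(conn, owner):
    """HARDENED: the value is sent as a bound parameter, never parsed as SQL."""
    sql = "SELECT owner, balance FROM accounts WHERE owner = ?"
    return conn.execute(sql, (owner,)).fetchall()


def compare(conn, value):
    """Run one input through both versions and report what each returns."""
    try:
        dynamic = accounts_dynamic(conn, value)
    except sqlite3.OperationalError as exc:
        # A legitimate value containing a quote breaks the concatenated query.
        dynamic = "SQL error: %s" % exc
    return dynamic, accounts_bound(conn, value)


if __name__ == "__main__":
    db = make_db()
    # Inputs: a normal value, a value that rewrites the WHERE clause,
    # and a legitimate name that happens to contain an apostrophe.
    for value in ("alice", "nobody' OR '1'='1", "O'Brien"):
        print(repr(value), compare(db, value))
```

A stored procedure gives the same protection only when its arguments are bound like this and it does not assemble SQL strings internally.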

2.3 Malware

Cybercriminals, state-sponsored hackers, and spies use advanced attacks that blend multiple
tactics – such as spear phishing emails and malware – to penetrate organizations and steal
sensitive data. Unaware that malware has infected their device, legitimate users become a
conduit for these groups to access your networks and sensitive data.

Countermeasures of Malware

Enable firewall protection and install antivirus software.

2.4 Weak Audit Trail

Weak audit policy and technology represent risks in terms of compliance, deterrence,
detection, forensics and recovery.
Automated recording of database transactions involving sensitive data should be part of any
database deployment. Failure to collect detailed audit records of database activity represents
a serious organizational risk on many levels. Organizations with weak database audit
mechanisms will increasingly find that they are at odds with industry and government
regulatory requirements. Most audit mechanisms have no awareness of who the end user is
because all activity is associated with the web application account name. Reporting, visibility,
and forensic analysis are hampered because there is no link to the responsible user. Finally,
users with administrative access to the database, either legitimately or maliciously obtained,
can turn off native database auditing to hide fraudulent activity. Audit capabilities and
responsibilities should ideally be separate from both database administrators and the database
server platform to ensure strong separation of duties policies.

Countermeasures of Weak Audit Trail

Network-based audit appliances are a good solution. Such appliances should have no impact on
database performance, operate independently of all users and offer granular data collection.

2.5 Backup Exposure


Backup storage media is often completely unprotected from attack. As a result, numerous
security breaches have involved the theft of database backup disks and tapes. Furthermore,
failure to audit and monitor the activities of administrators who have low-level access to
sensitive information can put your data at risk. Taking the appropriate measures to protect
backup copies of sensitive data and monitor your most highly privileged users is not only a data
security best practice, but also mandated by many regulations.

Countermeasures of Backup Exposure

Encrypt Databases: Store data in encrypted form, as this allows you to secure both production
and backup copies of databases; then audit the activity of, and control access to sensitive data
by, users who access databases at the operating system and storage tiers. By leveraging
database auditing along with encryption, organizations can monitor and control users both inside
and outside of the database.

2.6 Weak Authentication


Weak authentication schemes allow attackers to assume the identity of legitimate database users.
Specific attack strategies include brute force attacks, social engineering, and so on.
Implementation of passwords or two-factor authentication is a must. For scalability and ease of
use, authentication mechanisms should be integrated with enterprise directory/user management
infrastructures.

2.7 DB Vulnerabilities and Misconfiguration

It is common to find vulnerable and un-patched databases, or discover databases that still have
default accounts and configuration parameters. Attackers know how to exploit these
vulnerabilities to launch attacks against your organization. Unfortunately, organizations often
struggle to stay on top of maintaining database configurations even when patches are available.
Typical issues include high workloads and mounting backlogs for the associated database
administrators, complex and time-consuming requirements for testing patches, and the challenge
of finding a maintenance window to take down and work on what is often classified as a
business-critical system. The net result is that it generally takes organizations months to patch
databases, during which time they remain vulnerable.

Countermeasures of Misconfigured Databases

No default accounts should remain in place. Accounts must be created with a fresh username and
password.

2.8 Unmanaged Sensitive Data


Many companies struggle to maintain an accurate inventory of their databases and the critical
data objects contained within them. Forgotten databases may contain sensitive information, and
new databases can emerge – e.g., in application testing environments – without visibility to the
security team. Sensitive data in these databases will be exposed to threats if the required controls
and permissions are not implemented.

Countermeasures of Unmanaged Sensitive Data

1. Encrypt sensitive data in the database.

2. Apply the required controls and permissions to the database.

2.9 Denial of Service


Denial of Service is a general attack category in which access to network applications or data is
denied to the intended users.

Countermeasures of Denial of Service

1. Harden the TCP/IP stack by applying the appropriate registry settings to increase the size of
the TCP connection queue, decrease the connection establishment period, and employ dynamic
backlog mechanisms to ensure that the connection queue is never exhausted.

2. Use a network Intrusion Detection System (IDS) because these can automatically detect and
respond to SYN attacks.

2.10 Limited Security Expertise and Education

Non-technical security also plays an important role. Internal security controls are not
keeping pace with data growth, and many organizations are ill-equipped to deal with a security
breach. Often this is due to the lack of expertise required to implement security controls, enforce
policies, or conduct incident response processes.

Countermeasures of Limited Security Expertise and Education

1. User education and awareness.

2. Cultivate experienced security professionals.


3. OVERVIEW ON DATABASE BREACHES

• Over 14,717,618,286 data breaches have occurred since 2013.
• 3,353,178,708 records were compromised in the first half of 2018.
• 86% of all breaches in 2018 occurred in North America, out of which 45.9% of the data was
stolen from the business sector.

[Figure: Distribution of data breaches in the US in 2018 by sector. Sectors shown: Business,
Financial, Govt./Military, Medical/Healthcare, Others. Plotted values: 45.9, 29.2, 10.9, 8, 6.]

3.1 Top Database Breaches Timeline

Company Name- AOL (America Online)
Year- 2004
Impact- 92 million accounts
Data Compromised- Screen names of account holders, Email ID, ZIP Codes, Addresses, Card Type
Overview- The engineer, Jason Smathers, 24, of Harpers Ferry, W. Va., and the on-line
marketer, Sean Dunaway, 21, of Las Vegas, Nev., were charged with conspiracy
and face prison terms of up to five years and fines of up to $250,000 if convicted,
said David N. Kelley, the United States attorney for the Southern District of
New York. Mr. Smathers, who has since been fired, used his computer skills
and his inside knowledge of AOL to gain access to the customer list in the spring
of 2003, then sold it to Mr. Dunaway, the United States attorney said. Mr.
Dunaway used the list to promote his own gambling enterprise, then sold the list
in turn to other spammers.

Company Name- Yahoo
Year- 2013-17
Impact- All 3 billion accounts
Data Compromised- Screen names of account holders, DOB, Email ID, Phone No., Addresses,
Security question answers
Overview- Hackers used manufactured web cookies to falsify login credentials, allowing
them to gain access to any account without a password.

On March 15, 2017, the FBI officially charged four men with the 2014 breach,
including two who work for Russia's Federal Security Service (FSB). They were
charged with nine counts of hacking, and in May 2018 sentenced to 5 years in
prison and ordered to pay US$2.25 million and restitution to the victims.

Company Name- eBay
Year- 2014
Impact- 145 million accounts
Data Compromised- Screen names of account holders, DOB, Email ID, Phone No., passwords.
Overview- The attack allegedly occurred at some point between late February and late
March, with login credentials obtained from a small number of employees.

The Syrian Electronic Army hacked eBay successfully and had full access to its
servers for 229 days.

Company Name- LinkedIn
Year- 2015
Impact- 80 million company records
Data Compromised- Email ID, passwords.
Overview- Russian cyber criminals calling themselves “Peace” stole 117 million email
and password combinations of LinkedIn users and began selling them on
the dark web.

They started off by stealing 6.5 million encrypted passwords and posting them
on a Russian hacker forum. 90% of these passwords were cracked within
72 hours.

Company Name- Uber
Year- 2016
Impact- 57 million driver accounts
Data Compromised- 25.6 million driver names and email IDs, 22.1 million driver names and
phone numbers, 607,000 driver license records.
Overview- The breach occurred when two hackers obtained login credentials to access
data stored on Uber’s Amazon Web Services account.

Attackers obtained credentials to access Uber’s cloud servers and
downloaded 16 large files containing drivers’ information. The firm paid the
hackers $100,000 to delete the data and keep quiet.

Company Name- Marriott International
Year- 2014-18
Impact- 500 million accounts
Data Compromised- Name, address, phone numbers, passport numbers, email ID, loyalty
card information, DOB, gender, flight information of guests, card
details.
Overview- As of September 2018, 9.1 million unique payment card details had been
extracted from Marriott’s database, out of which approximately
385,000 were still in use.

Unauthorized access to the database exposed guest information relating to
reservations at Starwood properties on or before September 10, 2018.

Company Name- Cathay Pacific Airlines
Year- 2018
Impact- 9.4 million accounts
Data Compromised- Name, passport numbers, Email ID, Travel information history,
Nationalities, DOB, Address.
Overview- Cathay Pacific was subject to further attacks, which were at their most intense
in March, April and May but continued thereafter. These ongoing attacks
meant that internal and external IT security resources had to remain focused
on containment and prevention.

Company Name- Facebook
Year- 2018
Impact- 50 million accounts
Data Compromised- Facebook user profile data, users’ preferences and interests.
Overview- The attackers exploited a vulnerability in the code of Facebook’s “View
As”. This allowed them to steal Facebook access tokens, which they could
then use to take over people’s accounts.

4. CONTROL METHODS FOR DATABASE THREATS

To remove security threats, every organization must have a security policy, and that policy must
actually be implemented. Authentication plays a vital role in a security policy, because if
authentication is done properly there is less chance of threats. Different users have different access
rights on different database objects. Access control mechanisms deal with managing these access
rights. Access control is the basic technique for protecting the data objects in databases and is
supported by most DBMSs. Figure- control methods gives an overview of the control methods used
for database security.

4.1. Access Control

Access control is one of the fundamental services that any data management system should provide.
It protects data from unauthorized read and write operations. Access control makes sure that
all communication with the database and other system objects strictly follows the defined policies.
Errors can be major enough to cause problems in a firm’s operations. Controlling access rights may
also help in reducing the risks that directly impact the security of the database on the main
servers. For instance, if a table or a specific file is deleted, or access to it is modified accidentally,
the result can be rolled back; by applying access control, however, such deletion can be restricted in
the first place. Access control systems include:

1. File permissions - create, read, edit or delete on a file server.
2. Program permissions - right to execute a program on an application server.
3. Data rights - right to retrieve or update information in a database.

4.2. Inference Policy

It is essential to protect data at a specific level. An inference policy can be applied when analysis
of particular data, in the form of facts, must be prevented at a certain higher security level. It helps
to determine how to protect information from being released.

The aim of inference control is to avoid indirect disclosure of information. Generally, there are
three ways in which unauthorized data disclosure can occur:

1. Correlated data - Typical channel when visible data X is semantically related to invisible data
Y.
2. Missing data - The result of a query contains NULL values that mask sensitive data. The
existence of that data may be detected that way.
3. Statistical inference - Typical for databases that provide statistical information about entities.
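
Added example (not part of the original paper): the statistical inference channel on a constructed salary table. A minimum query-set-size rule alone still lets two permitted aggregates isolate one person's value, and an additional overlap check refuses the second query. All class, function and field names, the data and the threshold k are assumptions.

```python
class Refused(Exception):
    """Raised when the statistical interface declines to answer."""


# Constructed sample data: one row per employee.
ROWS = [
    {"name": "ann", "dept": "R&D", "age": 34, "salary": 5200},
    {"name": "raj", "dept": "R&D", "age": 41, "salary": 6100},
    {"name": "eve", "dept": "R&D", "age": 29, "salary": 4800},
    {"name": "tom", "dept": "R&D", "age": 62, "salary": 9900},
    {"name": "lin", "dept": "Ops", "age": 38, "salary": 4500},
    {"name": "sam", "dept": "Ops", "age": 45, "salary": 4700},
]


class StatDB:
    """Answers only SUM(salary), and only for query sets of size k..n-k."""

    def __init__(self, rows, k):
        self.rows, self.k = rows, k

    def query_set(self, pred):
        return frozenset(i for i, row in enumerate(self.rows) if pred(row))

    def check(self, qset):
        if not self.k <= len(qset) <= len(self.rows) - self.k:
            raise Refused("query set size %d is outside the allowed range" % len(qset))

    def sum_salary(self, pred):
        qset = self.query_set(pred)
        self.check(qset)
        return sum(self.rows[i]["salary"] for i in qset)


class OverlapCheckedStatDB(StatDB):
    """Also refuses a query whose set differs from an answered one by < k rows."""

    def __init__(self, rows, k):
        super().__init__(rows, k)
        self.answered = []

    def check(self, qset):
        super().check(qset)
        for earlier in self.answered:
            if 0 < len(earlier ^ qset) < self.k:
                raise Refused("query set overlaps an answered query too closely")
        self.answered.append(qset)  # remember only the sets that were answered


def in_rnd(row):
    return row["dept"] == "R&D"


def in_rnd_under_60(row):
    return row["dept"] == "R&D" and row["age"] < 60


def in_ops(row):
    return row["dept"] == "Ops"


def difference_of_sums(db):
    """Two individually permitted aggregates whose difference is one salary."""
    return db.sum_salary(in_rnd) - db.sum_salary(in_rnd_under_60)


if __name__ == "__main__":
    print("size rule only:", difference_of_sums(StatDB(ROWS, 2)))
    try:
        difference_of_sums(OverlapCheckedStatDB(ROWS, 2))
    except Refused as exc:
        print("with overlap check:", exc)
```

The overlap check stops this two-query case; longer query combinations call for stronger controls such as adding noise to the answers.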

4.3. User Identification /Authentication

A basic security requirement is that you must know your users. You must identify them before you
can determine their privileges and access rights, and so that you can audit their actions upon the data.
Users can be authenticated in many ways before they are allowed to create a database. Database
authentication includes both identification and authentication of users. External authentication can
be performed by the operating system or a network service. User authentication can also be defined
by Secure Sockets Layer (SSL), through enterprise roles, or through middle-tier server
authentication, also known as proxy authentication.

This is the most basic requirement for ensuring security, since the identification process defines the
set of people who are allowed to access data. To ensure security, the identity is authenticated, which
keeps the sensitive data secure and prevents it from being modified by unauthorized users. Attackers
can take different approaches, such as authentication bypass, default passwords, privilege escalation,
password guessing by brute force and rainbow attacks, when they attempt to compromise user
identification and authentication.
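
Added example (not part of the original paper): password storage and login handling that address two of the approaches named above, rainbow attacks and password guessing by brute force. The iteration count, the failure threshold and all function, class and account names are assumptions.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor; tune it to your hardware
MAX_FAILURES = 5      # assumed lockout threshold


def unsalted_digest(password):
    """WEAK: the same password always gives the same digest, so one
    precomputed (rainbow) table works against every account."""
    return hashlib.sha256(password.encode()).hexdigest()


def new_record(password):
    """Per-user random salt plus a slow key-derivation function (PBKDF2)."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def matches(password, record):
    """Recompute with the stored salt and compare in constant time."""
    salt, stored = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return hmac.compare_digest(candidate, stored)


class LoginGuard:
    """Counts consecutive failures per account and locks after MAX_FAILURES."""

    def __init__(self):
        self.records = {}
        self.failures = {}

    def register(self, user, password):
        self.records[user] = new_record(password)
        self.failures[user] = 0

    def login(self, user, password):
        if user not in self.records:
            return "denied"
        if self.failures[user] >= MAX_FAILURES:
            return "locked"  # stays locked until unlock() is called
        if matches(password, self.records[user]):
            self.failures[user] = 0
            return "ok"
        self.failures[user] += 1
        return "denied"

    def unlock(self, user):
        self.failures[user] = 0


if __name__ == "__main__":
    guard = LoginGuard()
    guard.register("dba_ops", "Winter2018")  # constructed account
    print([guard.login("dba_ops", "guess%d" % i) for i in range(5)])
    print(guard.login("dba_ops", "Winter2018"))  # locked despite correct password
```

A hard lockout lets anyone lock a known account name, so many deployments use a delay that grows with each failure instead.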

4.4. Accountability and auditing

Auditing is the monitoring and recording of configured database actions, from both database users
and non-database users. Accounting is the process of maintaining an audit trail for user actions on
the system. Accountability and audit checks are needed to ensure the physical integrity of the data,
which requires defined access to the databases; this is handled through auditing and record
keeping.

If a user has managed to authenticate successfully and tries to access a resource, both successful
and unsuccessful attempts should be monitored by the system, and access attempts and their status
should appear in the audit trail files.
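
Added example (not part of the original paper), covering this section and the weak audit trail threat in section 2.4: every access attempt, allowed or denied, is written to a separate audit store together with the end user as well as the shared application account. The policy, role names, events and function names are constructed assumptions.

```python
import sqlite3
from datetime import datetime, timezone

# Constructed data rights per role: (object, action) pairs.
POLICY = {
    "clerk": {("orders", "read")},
    "manager": {("orders", "read"), ("orders", "update"), ("salaries", "read")},
}

# Constructed events: (app_account, end_user, role, object, action).
EVENTS = [
    ("webapp", "carol", "clerk", "orders", "read"),
    ("webapp", "carol", "clerk", "salaries", "read"),
    ("webapp", "carol", "clerk", "orders", "update"),
    ("webapp", "dave", "manager", "salaries", "read"),
    ("webapp", "erin", "clerk", "salaries", "read"),
]


def open_audit_store():
    """Audit store on its own connection. In production it would sit on a
    separate host that the audited database's administrators cannot alter."""
    store = sqlite3.connect(":memory:")
    store.execute(
        "CREATE TABLE audit (ts TEXT, app_account TEXT, end_user TEXT, "
        "role TEXT, object TEXT, action TEXT, outcome TEXT)"
    )
    return store


def access(store, app_account, end_user, role, obj, action):
    """Decide the request and record it whether it succeeds or not."""
    allowed = (obj, action) in POLICY.get(role, set())
    store.execute(
        "INSERT INTO audit VALUES (?, ?, ?, ?, ?, ?, ?)",
        (datetime.now(timezone.utc).isoformat(), app_account, end_user,
         role, obj, action, "ALLOWED" if allowed else "DENIED"),
    )
    store.commit()
    return allowed


def repeated_denials(store, threshold=2):
    """End users with at least `threshold` denied attempts."""
    return store.execute(
        "SELECT end_user, COUNT(*) FROM audit WHERE outcome = 'DENIED' "
        "GROUP BY end_user HAVING COUNT(*) >= ? ORDER BY end_user",
        (threshold,),
    ).fetchall()


def distinct_values(store, column):
    """Distinct identities seen in one identity column of the trail."""
    if column not in ("app_account", "end_user"):  # fixed allow-list
        raise ValueError("unsupported column")
    query = "SELECT DISTINCT %s FROM audit ORDER BY 1" % column
    return [row[0] for row in store.execute(query)]


def replay(events):
    store = open_audit_store()
    for event in events:
        access(store, *event)
    return store


if __name__ == "__main__":
    trail = replay(EVENTS)
    print("accounts seen:", distinct_values(trail, "app_account"))
    print("end users seen:", distinct_values(trail, "end_user"))
    print("repeated denials:", repeated_denials(trail))
```

Grouped by application account the trail shows a single identity; the end-user column is what links a denied attempt to a responsible person.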

4.5. Encryption

Encryption is the process of converting information into a cipher or code so that it cannot be
read by anyone except those who hold the key to the cipher text. The cipher text, or encoded
text, is called encrypted data.

There are two states for data protection in a database. Data may be at rest, stored in a database
or on backend tape, or in transit, travelling across the network, which dictates different encryption
solutions for data in transit. Data encryption can solve some of the issues related to data at rest.
Data in transit needs to leverage solutions such as SSL/TLS.

5. CONCLUSION

Databases form the backbone of many applications today. Data is the most valuable property of any
organization. Securing sensitive data is always a big challenge for an organization at any level.
Databases are the primary form of storage for many organizations. In today’s technological world,
databases are vulnerable to a host of attacks, and attacks on databases are increasing because they
are a very dangerous form of attack: they reveal key or important data to the attacker. Various
attacks on databases are discussed in this paper.

To summarize, access protection begins with who can access data and what type of data attackers
want to access. There is a lot of scope to improve the techniques used for database security.
According to the survey, 84% of companies feel that their database security is adequate. 73% of
companies predict that database attacks will increase day by day. 48% of attackers are authorized
users. 48% of users have misused their privileges. This research will lead to more concrete solutions
for database security issues.