DATABASE SECURITY

Presented by:
Maryam Asghar - 401
Nurmeen Shahid - 377
Usama Shahbaz - 363
Presented To: Ma’am Maria Tariq Umar Ejaz - 430
OUTLINE

• What is database Security?

• Need of Database Security
• Concepts
• Security Problems
• Security Controls
OVERVIEW
• In today’s world, we need everything secured whether it is
your mobile phone, computer, vehicle or almost anything.

• Securing the DB may be the single biggest action

an organization can take to protect its assets.
David C. Knox
Database:
A database is a collection of information that is organized so
that can easily be accessed, managed and update.

Security:
Freedom from risk or danger: safety.

Database Security:
It is degree to which all data is fully protected from tampering
and unauthorized acts.
WHAT IF?

What if there is no
Security to database?
It is important to restrict
access to the database from
authorized users to protect
sensitive data.

Data will easily corrupted.

DATABASE SECURITY:
• Database security refers to the collective measures used to
protect and secure a database or database management
software from illegitimate use and malicious cyber threats and
attacks.
• Database security procedures are aimed at protecting not just
the data inside the database, but the database management
system and all the applications that access it from intrusion,
misuse of data, and damage.
WE CONSIDER DATABASE SECURITY
ABOUT THE FOLLOWING SITUATIONS:

• Theft and fraudulent.

• Loss of confidentiality or secrecy.
• Loss of data privacy.
• Loss of data integrity.
• Loss of availability of data
 ASPECTS IN DATABASE
There are three main aspects in database:

• Confidentiality or Secrecy
• Integrity Confidentiality Integrity
• Availability

Availability
SECRECY OR CONFIDENTIALITY
• It is protecting the database from unauthorized users.

• Ensure that users are allowed to do things they are trying to do.

Encryption:
• Encryption is a technique or a process by which data is encoded
in such a way that only that authorized user are able to read the
data
INTEGRITY
• Protecting the database from authorized user.

• Ensure that what user are trying to do is allowed or not.

For Example:

• An employee should be able to modify his or her own information.

AVAILABILITY:
• Database must have not unplanned downtime.
• To ensure this, following steps should be taken
• Restrict the amount of the storage space given to each user
In the database
• Limit the number of concurrent sessions made available to
each database user.
• Back up the data at periodic intervals to ensure data
recovery in case of application users.
Security Problems
Any circumstance or event with the potential to adversely
impact and is through unauthorized access ,destruction
,disclosure , modification of data or denial of service.
There are many issues that can arise in database security.

1 2 3 4
Stolen Non
SQL
Database Data Leaks Fraudulent
Injections
Backups Threat
 1 People regularly take backups of their valuable data. Its benefit is that it
Stolen contains a copy of our data, but that is also a big problem .Mostly focus is on
Database securing the data in the database but when it comes to backup ,many starts
Backups to get less concerned. The backups contain same sensitive data and
therefore we have to protect them the same way. Anyone that can get a hold
of a backup file can just restore the database on one of their own servers,
and go about dissecting the sensitive data within it undisturbed.

2 This is a type of attack that hackers use. Hackers identifies

SQL vulnerable, SQL driven websites and inject malicious Sql query
Injections via input data. Malicious SQL query is validated and command is
executed by database. Then the hacker is granted access to view
and alter records or potentially act as database administration.
 3
A Data Leak can involve information leakage, also known as
Data Leaks exfiltration; unauthorized copying or transmission of data, without
affecting the source data. Data leak is the release of sensitive,
confidential or protected data to an untrusted environment. It can
occur as a result of a hacker attack, an inside job by individuals
currently or previously employed by an organization, or
unintentional loss or exposure of data.

4 This might include certain factors ;

Non ● Natural or accidental disasters
Fraudulent ● Human or bug n hardware or software
Threat
● Human errors
SECURITY
CONTROLS
 METHODS OF SECURING THE
DATABASE
 Authorization - privileges, views.

 Encryption - public key / private key,

secure sockets.

 Authentication –passwords.

 Logical - firewalls, net proxies.

 SECURING THE
DATABASE THROUGH
FIREWALL
A FIREWALL is dedicated software on another computer
which inspects network traffic passing through it and
denies passage based on set of rules.

• Basically it is a piece of software that monitors all

traffic that goes from your system to another via the
Internet or network and ViceVersa
 DATABASE FIREWALL
Database Firewalls are a type of Web Application
Firewalls that monitor databases to identify and
protect against database specific attacks.

Purpose:-
It is mostly seek to access sensitive information stored in
the databases.
 SECURITY OF THE DATABASE
THROUGH ABSTRACTION:
• Data encryption enables to encrypt sensitive data, such
as credit card numbers, stored in table columns.

• Encrypted data is decrypted for a database user who has

access to the data.

• Data encryption helps protect data stored on media in

the event that the storage media or data file gets stolen.