How SQL Injection Works?

IMPORTANT QUESTIONS

Uploaded by

bhuvanam417
1) SQL Injection

• SQL injection is a type of code injection technique that might destroy the
databases.
• In this technique, malicious code is placed into an SQL statement via web page
input. These statements control a database server behind a web application.
• Attackers can use SQL injection vulnerabilities to bypass application security
measures. They can go around authentication and authorization of a web page
or web application and retrieve the content of the entire SQL database. They can
also use SQL injection to add, modify and delete records in the database.
• An SQL injection vulnerability may affect any website or web application that
uses an SQL database such as MySQL, Oracle, SQL Server or others.
How SQL Injection Works?
• To make an SQL injection attack, an attacker must first find vulnerable user
inputs within the web page or web application. A web page or web
application that has an SQL injection vulnerability uses such user input
directly in an SQL query. The attacker can create input content. Such content is
often called a malicious payload and is the key part of the attack. After the
attacker sends this content, malicious SQL commands are executed in the
database.
• SQL is a query language that was designed to manage data stored in relational
databases. You can use it to access, modify and delete data. Many web
applications and websites store all the data in SQL databases. In some cases,
you can also use SQL commands to run operating system commands.
Therefore, a successful SQL Injection attack can have very serious
consequences.
Example of SQL Injection
• The following example shows how an SQL injection vulnerability works in a simple
web application that has two input fields - one for user name and another for
password.
• This example has a table named users with the columns username
and password.
uname = request.POST['username']
passwd = request.POST['password']
# Vulnerable: user input is concatenated directly into the SQL text
query = "SELECT id FROM users WHERE username='" + uname + "' AND password='" + passwd + "'"
database.execute(query)
• Here the two input fields - one for user name and another for password - are
vulnerable to SQL injection.
• The attacker can attack using these fields and alter the SQL query to get
access to the database.
• They could use a trick on the password field. They could add an
OR 1 = 1
statement to the password field.
• As a result the query would become (assuming username as 'user1' and
password='password')
• SELECT id FROM users WHERE username='user1' AND
password='password' OR 1 = 1
• Because of the OR 1 = 1 statement, the WHERE clause returns the first id from
the users table no matter what the username and password are. That means
even if we enter a wrong username or password, the query will still get
executed because of the OR 1 = 1 part, which comes out to be true.
• The first id is returned by the above query for the users table and we know that the
first id is normally the administrator. In this way, the attacker not only bypasses
authentication but also gains administrator privileges.
How to prevent SQL injection?
• The only way to prevent SQL injection is to validate every input field.
• Another method is to make use of a parameterized query. This parameterized
query is called a prepared statement. In this way, application code never uses the
input directly.
• Web Application Firewalls (WAF) are also used to filter out the SQL.

2) Statistical Database Security


• Statistical databases contain statistical data about various populations.
• A population is a set of tuples of a table that satisfy some selection criteria.
• The statistical database may contain confidential data about individuals.
For example - The database system about government agencies is a statistical
database. Statistical database security helps in protecting the sensitive
information present in the statistical database from users' access.
• Users are permitted to use some portion of the statistical database. They cannot
have access to the complete database system. For instance - In an employees
database, no user is permitted to access the information about an employee's
salary.
• Statistical aggregate functions such as COUNT, MAX, MIN, AVERAGE and
STANDARD DEVIATION are used in the queries, which are called
statistical queries.
• The possibility of accessing individual information from statistical queries is
reduced in the following ways -
• No statistical query is permitted whenever the number of tuples in the
population specified by the selection condition falls below some threshold.
• Prohibit sequences of queries that refer repeatedly to the same population of
tuples.
• Partition the database. That means records are stored in groups of some
minimum size. The query can refer to any complete group but never to subsets
of records within a group.
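
The first two restrictions above (a minimum population size and no repeated queries over the same population), as an added example that is not part of the original document. The class name StatisticalGuard, the employee rows and the threshold value are hypothetical and constructed for illustration.

```python
from statistics import mean

# Constructed sample rows (id, department, salary); not from the original page.
EMPLOYEES = [
    (1, "sales", 52000), (2, "sales", 48000), (3, "sales", 61000),
    (4, "it", 75000), (5, "it", 82000), (6, "hr", 45000),
]
AGGREGATES = {"COUNT": len, "MAX": max, "MIN": min, "AVERAGE": mean}


class QueryRefused(Exception):
    """Raised when a statistical query would risk exposing an individual."""


class StatisticalGuard:
    """Answers aggregate queries only, and only over permitted populations."""

    def __init__(self, rows, threshold):
        self.rows = rows
        self.threshold = threshold   # minimum allowed population size
        self.seen = set()            # populations that were already answered

    def query(self, aggregate, predicate):
        population = [r for r in self.rows if predicate(r)]
        ids = frozenset(r[0] for r in population)
        # Restriction 1: population size must not fall below the threshold.
        if len(ids) < self.threshold:
            raise QueryRefused("population below threshold")
        # Restriction 2: the same population may not be queried repeatedly.
        if ids in self.seen:
            raise QueryRefused("population already queried")
        self.seen.add(ids)
        return AGGREGATES[aggregate]([r[2] for r in population])


def ask(guard, aggregate, predicate):
    """Return the aggregate value, or the refusal reason as a string."""
    try:
        return guard.query(aggregate, predicate)
    except QueryRefused as exc:
        return "refused: " + str(exc)


if __name__ == "__main__":
    guard = StatisticalGuard(EMPLOYEES, threshold=3)
    print(ask(guard, "MAX", lambda r: r[1] == "sales"))      # answered
    print(ask(guard, "AVERAGE", lambda r: r[1] == "sales"))  # same population
    print(ask(guard, "AVERAGE", lambda r: r[1] == "hr"))     # one tuple only
```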

3) Distributed Databases

Definition of distributed databases:


• A distributed database system consists of loosely coupled sites (computers) that
share no physical components, and each site is associated with a database system.
• The software that maintains and manages the working of distributed databases
is called a distributed database management system.
• The database systems that run on the sites are independent of each other. Refer
Fig. 5.1.1.

The transactions can access data at one or more sites.


Advantages of distributed database system
(1) There is fast data processing as several sites participate in request
processing.
(2) Reliability and availability of this system is high.
(3) It has reduced operating cost.
(4) It is easier to expand the system by adding more sites.
(5) It has improved sharing ability and local autonomy.
Disadvantages of distributed database system
(1) The system becomes complex to manage and control.
(2) The security issues must be carefully managed.
(3) The system requires deadlock handling during transaction processing,
otherwise the entire system may be in an inconsistent state.
(4) There is a need for some standardization for processing of a distributed database
system.
Difference between distributed DBMS and centralized DBMS

Uses of distributed system:


(1) Often distributed databases are used by organizations that have numerous
offices in different geographical locations. Typically an individual branch is
interacting primarily with the data that pertain to its own operations, with a
much less frequent need for general company data. In such a situation,
distributed systems are useful.
(2) Using distributed system, one can give permissions to single sections of the
overall database, for better internal and external protection.
(3) If we need to add a new location to a business, it is simple to create an
additional node within the database, making distribution highly scalable.

Architecture
• Following is an architecture of distributed databases. In this architecture the
local database is maintained by each site.
• The sites are interconnected by a communication network.
When a user makes a request for particular data at site Si, it is first searched for
in the local database. If the data is not present in the local database, then the
request for that data is passed to all the other sites via the communication network.
Each site then searches for that data in its local database. When the data is found at
a particular site, say Sj, it is transmitted to site Si via the communication network.

Data Storage
There are two approaches of storing relation r in distributed database -

(1) Replication: System maintains multiple copies of data, stored in different
sites, for faster retrieval and fault tolerance.
(2) Fragmentation: Relation is partitioned into several fragments stored in
distinct sites.

4) Flow Control
• Flow control is a mechanism that regulates the flow of information among
accessible objects.
• A flow between two objects obj1 and obj2 occurs when a program reads values
from obj1 and writes values to the object obj2.
• Flow control checks that the information contained in one object does
not get transferred to a less protected object.
• The flow policy specifies the channels along which the information is allowed
to move.
• The simple flow policy specifies two classes of information - Confidential (C)
and non-confidential (N). Under this policy, every flow is allowed except a flow
from the confidential class to the non-confidential class.
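
The simple two-class flow policy above, as an added example that is not part of the original document. The FlowMonitor class, the object names and the rule of remembering the highest class each program has read are assumptions made for illustration.

```python
RANK = {"N": 0, "C": 1}   # N = non-confidential, C = confidential


class FlowViolation(Exception):
    """Raised when a write would move information to a less protected object."""


class FlowMonitor:
    def __init__(self, labels):
        self.labels = dict(labels)                  # object name -> class
        self.values = {name: None for name in labels}
        self.highest_read = {}                      # program -> class read so far

    def read(self, program, obj):
        """Record that the program now holds information of obj's class."""
        seen = self.highest_read.get(program, "N")
        cls = self.labels[obj]
        self.highest_read[program] = cls if RANK[cls] > RANK[seen] else seen
        return self.values[obj]

    def write(self, program, obj, value):
        """Allow the write only if it does not create a C -> N flow."""
        source = self.highest_read.get(program, "N")
        target = self.labels[obj]
        if RANK[source] > RANK[target]:
            raise FlowViolation(f"{program}: flow {source} -> {target} into {obj}")
        self.values[obj] = value


def attempt_write(monitor, program, obj, value):
    """Return 'allowed' or 'denied' for one write request."""
    try:
        monitor.write(program, obj, value)
        return "allowed"
    except FlowViolation:
        return "denied"


if __name__ == "__main__":
    # Constructed objects: salary and archive are confidential, report is not.
    m = FlowMonitor({"salary": "C", "report": "N", "archive": "C"})
    m.read("p1", "report")
    print(attempt_write(m, "p1", "archive", "copy"))   # N -> C
    m.read("p2", "salary")
    print(attempt_write(m, "p2", "report", "leak"))    # C -> N
    print(attempt_write(m, "p2", "archive", "copy"))   # C -> C
```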

Covert Channel
• A covert channel is a type of attack that creates a capability to transfer
information objects between processes that are not supposed to be allowed to
communicate.
• This covert channel violates the security or the policy.
• The covert channel allows information to pass from a higher classification
level to a lower classification level through improper means.
• Security experts believe that one way to avoid covert channels is for
programmers not to gain access to sensitive data.
5) Encryption and Public Key Infrastructures
Cryptology is a technique of encoding and decoding messages, so that they
cannot be understood by anybody except the sender and the intended recipient.
There are various encoding and decoding schemes which are called as
encryption schemes. The sender and recipient of the message decide on an
encoding and decoding scheme and use it for communication.
The process of encoding messages is known as encryption. The sender sends the
original text. The original text is called plaintext. The encrypted form of plaintext
is called ciphertext. This encrypted text travels through the network. When
it reaches the receiving computer, the recipient
decodes the message to extract the correct meaning out of it. This process is
called decryption.

The sender applies the encryption algorithm and recipient applies the decryption
algorithm. Both the sender and the receiver must agree on this algorithm for any
meaningful communication. The algorithm basically takes one text as input and
produces another as the output. Therefore, the algorithm contains the
intelligence for transforming message.
Types of Cryptography
There are two types of encryption schemes, based on the key used for encryption and
decryption.
1. Symmetric key encryption: It is also known as secret key encryption. In this
method, only one key is used. The same key is shared by sender and receiver for
encryption and decryption of messages. Hence both parties must agree upon the
key before any transmission begins and nobody else should know about it. At
the sender's end, the key is used to change the original message into an encoded
form. At the receiver's end using the same key the encoded message is
decrypted and original message is obtained. Data Encryption Standard (DES)
uses this approach. The problem with this approach is that of key agreement and
distribution.
2. Asymmetric key encryption: It is also known as public key encryption. In
this method, different keys are used. One key is used for encryption and other
key must be used for decryption. No other key can decrypt the message, not
even the original key used for encryption.
One of the two keys is known as public key and the other is the private key.
Suppose there are two users X and Y. The
• X wants to send a message to Y. Then X will convey its public key to Y but
the private key of X will be known to X only.
• Y should know the private key of Y and X should know the Y's public key.