Database security : threats and security issue

Database Security means keeping sensitive information safe and prevent the
loss of data. Security of data base is controlled by Database Administrator
(DBA).
The following are the main control measures are used to provide security of
data in databases:

Here are explained as following below.

 Database threats_ SQL Injection is a common web
application security vulnerability that
1. allows attackers to interfere with the queries that an application
makes to its database. It occurs when user-provided input is
improperly sanitized or validated, enabling malicious SQL code to be
executed.
2. **Weak authentication in DBMS** refers to inadequate or poorly
implemented methods of verifying users before granting access to the
database. This includes using weak passwords, default credentials, or
lacking additional security measures like multi-factor authentication,
making the system vulnerable to unauthorized access and attacks.
3. Access Control :
Access control in DBMS threats refers to mechanisms used to restrict
and manage who can view or modify data in the database. Poor or
misconfigured access control can lead to unauthorized users gaining
access to sensitive information or performing unauthorized actions,
posing a risk to data security and integrity.
4. Inference Control :
This method is known as the countermeasures to statistical database
security problem. It is used to prevent the user from completing any
inference channel. This method protect sensitive information from
indirect disclosure.
Inferences are of two types, identity disclosure or attribute
disclosure.
5. Flow Control :
Flow control in DBMS threats refers to mechanisms that manage how
information moves between different users, processes, or parts of a
database to prevent unauthorized access or data leakage. If flow
control is weak or improperly implemented, sensitive data can flow to
unauthorized users or applications, leading to breaches or misuse of
information.
6. Database Security applying Statistical Method :
Applying statistical methods in DBMS threats involves using data
analysis techniques to identify, prevent, and mitigate security risks.
 These methods help in monitoring database activities, detecting
anomalies, and predicting potential threats.
7. Encryption :
This method is mainly used to protect sensitive data (such as credit
card numbers, OTP numbers) and other sensitive numbers. The data
is encoded using some encoding algorithms.
An unauthorized user who tries to access this encoded data will face
difficulty in decoding it, but authorized users are given decoding keys
to decode data.
8. Denial of Service (DoS) in Data ThreatsA Denial of Service (DoS)
attack is a malicious attempt to disrupt the normal functioning of a
system, server, or network, rendering it unavailable to legitimate
users. In the context of databases, DoS attacks specifically target the
database server to overwhelm it, deplete its resources, or exploit
vulnerabilities to cause unavailability or significant degradation of
service.
9. Misconfigured firewall and network settings in the context of
database security refer to incorrect or insecure configurations that
leave the database system vulnerable to attacks or unauthorized
access. Firewalls and network settings are critical in controlling the
flow of traffic to and from the database, and when misconfigured,
they can expose the system to various threats.
10. Unmonitored activity in DBMS threats refers to database actions
or operations that are not being actively tracked or logged. This lack
of monitoring can allow malicious or unauthorized activities, such as
data breaches, unauthorized access, or improper modifications, to go
undetected, increasing the risk of security incidents.
11.Backup in DBMS threats refers to the risks associated with the
backup and recovery processes of a database. If backups are not
properly secured, managed, or maintained, they can become a target
for attackers or lead to data loss, corruption, or unauthorized access.

Firewalls in Database SecurityA firewall is a security device or

software that monitors and controls incoming and outgoing network
traffic based on security rules. In the context of a Database
Management System (DBMS), firewalls act as a barrier between the
 database server and potential attackers, helping to prevent
unauthorized access.
Firewall Roles in DBMS
Blocking Unauthorized AccessFirewalls restrict access to the
database server by filtering network traffic, only allowing authorized
users or trusted IP addresses to connect
Limiting Database Exposure
By blocking unnecessary ports or protocols, firewalls prevent
attackers from gaining access to the database through open network
ports
Protecting Against Network-Based Attacks
Firewalls help prevent various network-based attacks, such as SQL
injection, Distributed Denial of Service (DDoS), and port scanning,
which could target the database.
Layered Security
Firewalls provide an additional layer of security, complementing other
database security measures like access control, encryption, and
authentication.
Common Firewall Issues for DatabasesMisconfigured Rules:
Incorrect firewall settings may leave database ports open to external
traffic or fail to block unauthorized IP addresses.
Overly Permissive Settings: Firewalls that allow too many
connections or lack proper monitoring may expose the database to
attacks.
Lack of Logging and Monitoring: If firewall logs are not monitored,
suspicious activities or breach attempts may go unnoticed.
Firewalls and database recovery
Firewalls and database recovery are two critical aspects of IT
infrastructure and cybersecurity. Here's a brief overview of each:

---
*Firewalls**
A firewall is a security system designed to monitor and control
incoming and outgoing network traffic. It acts as a barrier between
trusted internal networks and untrusted external networks (e.g., the
internet).
#### **Types of Firewalls**
1. **Packet-Filtering Firewalls**: Examine packets based on
predefined rules (e.g., IP addresses, ports).
2. **Stateful Inspection Firewalls**: Track the state of active
connections and make decisions based on context.
3. **Proxy Firewalls**: Act as intermediaries between clients and
servers, adding a layer of isolation.
4. **Next-Generation Firewalls (NGFWs)**: Include advanced
features like deep packet inspection (DPI), intrusion prevention, and
application-layer filtering.
5. **Cloud-Based Firewalls**: Provide firewall functionality as a
service for cloud environments.

#### **Importance of Firewalls**

- Block unauthorized access.
- Filter harmful content and prevent malware.
- Protect sensitive data by enforcing access control policies.
- Help in compliance with industry standards.

### **Database Recovery**

Database recovery involves restoring a database to a consistent state
after data loss, corruption, or system failure. It ensures business
continuity and minimizes downtime.

#### **Types of Failures**

1. **Hardware Failures**: Disk crashes, power outages.
2. **Software Failures**: Bugs, misconfigurations.
3. **Human Errors**: Accidental deletion or updates.
4. **Disasters**: Natural calamities like floods, earthquakes.

#### **Recovery Mechanisms**

1. **Backups**
- **Full Backup**: A complete copy of the database.
 - **Incremental Backup**: Captures changes since the last backup.
- **Differential Backup**: Captures changes since the last full
backup.

2. **Transaction Logs**
- Record all changes to the database for replay during recovery.

3. **Replication**
- Maintain a real-time copy of the database on a secondary server.

4. **Point-in-Time Recovery (PITR)**

- Restore the database to a specific moment using backups and
logs.

5. **Snapshot Recovery**
- Use storage snapshots for quick restoration.

**Connection Between Firewalls and Database Recovery**

- **Firewalls Protect Databases**: They prevent unauthorized
access, reducing the likelihood of attacks that may lead to data
corruption or loss.
- **Database Recovery After Breaches**: In case of a cyberattack or
failure, recovery mechanisms ensure that critical data is restored with
minimal impact.

Techniques of database security

Distributed database
A **distributed database** is a collection of
databases spread across multiple physical
locations that appear to users as a single,
unified database. These locations could be
within the same data center, across different
cities, or even globally distributed. Each node
in the distributed database system may store
part of the database and participate in the
processing of queries and transactions.

### Key Characteristics

1. **Data Distribution**
: Data is stored on multiple nodes,
which may be geographically dispersed.
2. **Transparency**
 The system hides the complexity of the
distribution from users (e.g., data
location, fragmentation).
3. **Scalability**:
The system can handle increased loads
by adding more nodes.
4. **Fault Tolerance**: The system continues
to operate even if some nodes fail.
5. **Concurrency**: Multiple users can access
the database simultaneously without
interference.

### Types of Distributed Databases

1. **Homogeneous Distributed Databases**:
- All nodes use the same database
management system (DBMS).
- Easier to manage but less flexible.
2. **Heterogeneous Distributed Databases**:
- Nodes use different DBMSs.
- More flexible but harder to manage due
to compatibility issues.

### Data Distribution Strategies

1. **Replication**: Copies of the same data
are stored on multiple nodes to improve
availability and fault tolerance.
2. **Fragmentation**:
- **Horizontal Fragmentation**: Rows are
distributed across nodes.
- **Vertical Fragmentation**: Columns are
distributed across nodes.
3. **Hybrid**: Combines replication and
fragmentation.

### Advantages
- **Reliability**: Data is available even if
some nodes fail.
- **Scalability**: Can grow by adding more
nodes.
- **Performance**: Queries can be processed
locally on distributed nodes, reducing
latency.
- **Flexibility**: Data can be stored closer to
where it is needed (e.g., near users).

### Challenges
- **Data Consistency**: Ensuring data is
consistent across nodes is complex.
- **Synchronization**: Replicated data must
be kept up to date across nodes.
- **Complexity**: Designing, implementing,
and managing distributed databases is
challenging.
- **Latency**: Communication between
nodes can introduce delays.

### Examples of Distributed Databases

- **NoSQL Databases**: MongoDB,
Cassandra, Couchbase.
- **Relational Databases**: CockroachDB,
Google Spanner, Amazon Aurora.