Understanding Database Security

The document discusses the importance of database security in the face of increasing threats due to the rise of the Internet and sensitive data storage. It outlines the core concepts of database security, including confidentiality, integrity, and availability, and highlights various threats such as privilege abuse and weak authentication. Additionally, it emphasizes the need for security standards and practices to protect databases effectively.

Uploaded by

ronallan922

UNDERSTANDING DATABASE SECURITY

An ever increasing number of databases are needed in business, and, with the advent of the Internet,
threats or risks to these databases are increasing apace. In this series, we provide a definition of
database security, and look at security concepts and the types of threats involved.

Database Security
Written by: anuramn • Edited by: Lamar Stonecypher
Updated Aug 10, 2011 • Related Guides: Database | Database Server

Threats and risks to databases have increased and therefore, the need for securing databases
has also increased. Let's learn about the basic facets of database security, including assurance,
integrity, availability, and confidentiality.

The majority of companies store sensitive data in databases. However, database security is
sometimes not given as much thought and effort as other areas of computer security. Hackers
have been able to target large databases in recent years to obtain sensitive information like
credit card numbers and other personal information. It is important to protect databases
against these risks, and this is where database security comes into play.

What are the Basic Facets of Database Security?

Database security can be defined as a system or process by which the "Confidentiality, Integrity,
and Availability," or CIA, of the database can be protected. Unauthorized entry or access to a
database server signifies a loss of confidentiality; unauthorized alteration to the available data
signifies loss of integrity; and lack of access to database services signifies loss of availability.
Loss of one or more of these basic facets will have a significant impact on the security of the
database.

For an illustration of this concept, imagine that the website of a company contains information like who
they are, what they do, and what prospective customers have to do to contact them with their queries. In
this case, the availability of the database services is more important than other factors such as the
confidentiality or integrity of the database.

For a company that sells products or goods online, however, confidentiality and integrity are more
important as customers use their credit cards to buy goods online only when the site is available.

Another factor needs to be addressed when examining database security and that is "Assurance."
What is database assurance? Take, for example, a web application that acts as a frontend to a database
server. If the web application that is selling online goods is vulnerable to cross-site scripting, the chances
of people not trusting the website become greater. When customers lose trust or assurance in the
company, this may consequently lead to a loss of business.

Apart from cross-site scripting, databases are susceptible to other vulnerabilities like poor password
management, SQL injection, leakage of data, and improper error handling. Hackers try to attack
databases that are configured poorly, and take advantage of these weaknesses to exploit
the database vulnerabilities.

The risks involved with the database are not the same for every database present in the organization;
therefore, security controls or measures to these databases differ. As there are various databases like
Oracle, SQL and Access, different types of database security solutions are also available in the market.
One needs to assess the risk for the database involved and mitigate the risk by designing and
implementing appropriate database security solutions. If security is the key driver for database
configuration, the data will remain safe and secure.

Concepts of Database Security


Written by: anuramn • Edited by: Lamar Stonecypher

Updated Jan 13, 2010

When it comes to securing a database, lots of things have to be taken care of. This article provides
details about core database security concepts including confidentiality, integrity, and availability.

In the first article in this series, we saw what database security is and introduced the core concepts of
database security. In this part, we'll continue our look, in somewhat greater detail, at the core concepts
that play a vital role in database security.

CIA Triad

Confidentiality

In database security concepts, Confidentiality comes first. Confidentiality can be enforced by encrypting
the data stored in the database. Encryption is a technique or process by which data is encoded in such a
way that only authorized users are able to read the data. In other words, encryption means rendering
sensitive data unreadable to unauthorized users. Encryption can be done at two different levels:
data-in-transit and data-at-rest.

Data-in-transit: This refers to data that is moving within the network, for example, sensitive
data that is sent through network layers or through the Internet. A hacker can gain access
to this sensitive data by eavesdropping. When this happens, the confidentiality of the data is
compromised. Encrypting data-in-transit avoids such compromises.

Data-at-rest: It is possible for a hacker to hack the data that is stored in the database.
Encrypting data-at-rest prevents such data leakages.

Different encryption algorithms are available, including the Data Encryption Standard (DES),
Triple DES (3DES), and the Advanced Encryption Standard (AES). DES and 3DES are legacy
algorithms; AES is the current standard for new deployments.

Integrity

Integrity can be enforced by setting User Access Controls (UAC) that define which users have to
be given what permissions in the database. For example, data related to employee information
is stored in a database. An employee may have permission for viewing the records and altering
only part of information like his contact details, whereas a person in the human resources
department will have more privileges.

What are the steps that have to be taken to ensure integrity of the database?

• Once the database is installed, the password has to be changed. Similarly, periodic checks have
to be conducted to ensure the password is not compromised.

• User accounts that are not in use have to be locked. If one is sure that these user accounts will
never be used again, then the best step is to remove such user accounts.

• Policies to set strong passwords have to be enforced. A good idea is to have a policy of
changing the passwords once a month.

• There are two types of authentication when it comes to database security, namely, domain
authentication and database authentication. Choose which authentication you are
going to follow and ensure you stick to it. Having both types of authentication will create greater
confusion rather than protecting the database.

• Check for the roles each user has and set the rules accordingly. You must ensure that users are
given permissions to do only what they are allowed to do. I know this is a time-consuming job when the
database is huge, but once the permissions are set the right way, it is easy to check for unauthorized
entry or access.

• Does your company have multiple database administrators? If yes, segregate the duties among
these database administrators.

Availability

Databases must not have unplanned downtime. To ensure this, the following steps have to be
taken:

• Restrict the amount of storage space given to each user in the database.

• Limit the number of concurrent sessions made available to each database user.

• Back up the data at periodic intervals to ensure data recovery in case of application issues.

• Databases should be secured against security vulnerabilities.

• To ensure high availability, usage of database clusters is recommended.

Thus, database security rests on three major concepts:
Confidentiality, Integrity, and Availability.
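
The Integrity and Availability checklists above can be checked mechanically against an inventory of database accounts. The following is an added example, not code from the article; the Account record, the role baselines, the 90-day "unused" threshold and the sample accounts are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

MAX_PASSWORD_AGE_DAYS = 30   # the article's "once a month" rotation
UNUSED_AFTER_DAYS = 90       # assumed threshold for "not in use"
# Hypothetical role baselines: the privileges each role needs, no more.
ROLE_BASELINE = {
    "employee": {"SELECT employees", "UPDATE employees.contact"},
    "hr": {"SELECT employees", "UPDATE employees", "INSERT employees"},
}

@dataclass
class Account:  # hypothetical inventory record, one per database login
    name: str
    role: str
    privileges: set
    password_changed: date
    last_login: date
    locked: bool = False
    max_sessions: Optional[int] = 5   # None means unlimited
    quota_mb: Optional[int] = 100     # None means unlimited

def audit(accounts, today):
    """Map each account name to its list of checklist violations."""
    report = {}
    for a in accounts:
        found = []
        if (today - a.password_changed).days > MAX_PASSWORD_AGE_DAYS:
            found.append("password older than policy")
        if not a.locked and (today - a.last_login).days > UNUSED_AFTER_DAYS:
            found.append("unused account not locked")
        excess = a.privileges - ROLE_BASELINE.get(a.role, set())
        if excess:
            found.append("excess privileges: " + ", ".join(sorted(excess)))
        for limit, label in ((a.max_sessions, "session limit"), (a.quota_mb, "storage quota")):
            if limit is None:
                found.append("no " + label)
        if found:
            report[a.name] = found
    return report

# Constructed sample inventory (not from the article)
TODAY = date(2024, 6, 1)
ACCOUNTS = [
    Account("jsmith", "employee", set(ROLE_BASELINE["employee"]), date(2024, 5, 20), date(2024, 5, 31)),
    Account("old_intern", "employee", {"SELECT employees"}, date(2023, 9, 1), date(2023, 10, 15)),
    Account("mlee", "employee", {"SELECT employees", "UPDATE employees"},
            date(2024, 5, 25), date(2024, 5, 30), max_sessions=None),
]
```

Calling audit(ACCOUNTS, TODAY) reports the stale, unlocked account and the employee who holds table-wide UPDATE rights without a session limit, while the account that matches its role baseline produces no findings.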

Threats to Database Security


Written by: anuramn • Edited by: Lamar Stonecypher
Published Jan 14, 2010 • Related Guides: Database | Database Server | Operating System

With the increase in usage of databases, the frequency of attacks against those databases has
also increased. Here we look at some of the threats that database administrators actually can
do something about.

Database attacks are an increasing trend these days. What is the reason behind database
attacks? One reason is the increase in access to data stored in databases. When data is
accessed by many people, the chances of data theft increase. In the past, database
attacks occurred, but were fewer in number, as hackers attacked networks more to show
that it was possible than to sell proprietary information. Another reason for database
attacks is to make money by selling sensitive information, which includes credit card numbers,
Social Security Numbers, etc. We previously defined database security and talked
about common database security concepts. Now let's look at the various types of threats that
affect database security.

Types of threats to database security

1. Privilege abuse: When database users are provided with privileges that exceed their day-to-day
job requirements, these privileges may be abused intentionally or unintentionally.

Take, for instance, a database administrator in a financial institution. What will happen if he
turns off audit trails or creates bogus accounts? He will be able to transfer money from one
account to another, thereby abusing the excessive privilege intentionally.

Having seen how privilege can be abused intentionally, let us see how privilege can be abused
unintentionally. A company is providing a “work from home” option to its employees and an
employee takes a backup of sensitive data to work on from his home. This not only violates the
security policies of the organization, but also may result in a data security breach if the system at
home is compromised.

2. Operating System vulnerabilities: Vulnerabilities in underlying operating systems like
Windows, UNIX, Linux, etc., and the services that are related to the databases could lead to
unauthorized access. This may lead to a Denial of Service (DoS) attack. This could be prevented
by applying operating system security patches as and when they become available.

3. Database rootkits: A database rootkit is a program or a procedure that is hidden inside the
database and that provides administrator-level privileges to gain access to the data in the
database. These rootkits may even turn off alerts triggered by Intrusion Prevention Systems
(IPS). It is possible to install a rootkit only after compromising the underlying operating system.
This can be avoided by periodic audit trails; otherwise, the presence of the database rootkit may go
undetected.

4. Weak authentication: Weak authentication models allow attackers to employ strategies such
as social engineering and brute force to obtain database login credentials and assume the
identity of legitimate database users.

5. Weak audit trails: A weak audit logging mechanism in a database server represents a critical
risk to an organization especially in retail, financial, healthcare, and other industries with
stringent regulatory compliance. Regulations such as PCI, SOX, and HIPAA demand extensive
logging of actions to reproduce an event at a later point of time in case of an incident. Logging
of sensitive or unusual transactions happening in a database must be done in an automated
manner for resolving incidents. Audit trails act as the last line of database defense. Audit trails
can detect the existence of a violation that could help trace back the violation to a particular
point of time and a particular user.
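
An automated review of an audit trail, covering the privilege-abuse cases in item 1 and the logging described in item 5, might look like the following. It is an added example, not code from the article; the log format, action names, thresholds and sample lines are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Assumed log format and thresholds; real audit trails differ per product.
LINE_RE = re.compile(
    r"(?P<ts>\S+) user=(?P<user>\S+) action=(?P<action>\S+) "
    r"target=(?P<target>\S+) rows=(?P<rows>\d+)"
)
BULK_ROWS = 10_000                        # export size worth a second look
NEW_ACCOUNT_WINDOW = timedelta(hours=24)  # how long an account counts as new

def review(lines):
    """Return (timestamp, user, finding) tuples for events needing review."""
    findings, created, audit_off_at = [], {}, None
    for line in lines:
        m = LINE_RE.fullmatch(line.strip())
        if m is None:                     # a damaged trail is itself a finding
            findings.append(("-", "-", "unparseable audit line"))
            continue
        ts = datetime.fromisoformat(m["ts"])
        user, action, target = m["user"], m["action"], m["target"]
        note = None
        if action == "AUDIT_DISABLE":
            audit_off_at, note = ts, "audit trail disabled"
        elif action == "AUDIT_ENABLE" and audit_off_at is not None:
            gap = int((ts - audit_off_at).total_seconds() // 60)
            audit_off_at, note = None, f"audit gap of {gap} minutes"
        elif action == "CREATE_USER":
            created[target] = (user, ts)  # remember who created which account
        elif action == "TRANSFER" and user in created:
            creator, when = created[user]
            if ts - when <= NEW_ACCOUNT_WINDOW:
                note = f"transfer by account {creator} created within 24h"
        elif action == "EXPORT" and int(m["rows"]) >= BULK_ROWS:
            note = f"bulk export of {m['rows']} rows from {target}"
        if note:
            findings.append((m["ts"], user, note))
    return findings

# Constructed sample audit trail (not from the article)
SAMPLE_LOG = """\
2024-05-02T09:00:00 user=clerk_a action=SELECT target=accounts rows=12
2024-05-02T22:58:10 user=dba_k action=AUDIT_DISABLE target=- rows=0
2024-05-02T23:41:30 user=dba_k action=AUDIT_ENABLE target=- rows=0
2024-05-02T23:45:00 user=dba_k action=CREATE_USER target=svc_tmp rows=0
2024-05-03T01:10:00 user=svc_tmp action=TRANSFER target=accounts rows=2
2024-05-03T17:55:00 user=analyst_b action=EXPORT target=customers rows=48211
""".splitlines()
```

Each finding carries the timestamp and user from the log line, which is what lets a violation be traced back to a particular point of time and a particular user.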

http://www.brighthub.com/computing/smb-security/articles/61400.aspx

SECURITY STANDARDS

Security is a complex and involved practice that shouldn't take a back seat to other
administrative tasks. The database is one of the key protection points; however, as a
database architect, DBA, or IT manager, recognizing the breadth and depth of security
considerations will help you plan prevention methods.

Here are the 10 domains of security in the Common Body of Knowledge produced by the
International Information Systems Security Certification Consortium, also known as (ISC)²,
one of the main guiding bodies of security-based standards.

1. Security management practices (security guidelines and SLAs for data centers)
   1. Security policy, standards, and procedures
   2. Roles and responsibilities
   3. Risk management (data classification, risk assessment, and risk analysis).

2. Security architecture and models (confidentiality, integrity, and availability)
   1. Trusted systems
   2. Desktop and server operating system security model
   3. WAN and LAN topologies.

3. Access control systems and methodology (access level for a centralized or decentralized system
   or application)
   1. Preventative, detective, and corrective controls
   2. Authentication (SSO, Kerberos, and so on)
   3. Security domains
   4. Intrusion detection.

4. Operations security (access privileges, audit, and monitoring, and how to handle violations,
   incidents, and breaches)
   1. Control of hardware, media, and operator access
   2. Change control management
   3. Separation of duties.

5. Physical security (physical protection for people, facility, and instruments)
   1. Facility planning
   2. Personnel access controls.

6. Cryptography principles (disguising information to ensure integrity, confidentiality, and
   authenticity)
   1. Use of encryption to secure information
   2. Public key infrastructure
   3. Digital signatures.

7. Telecommunications, network, and Internet security (voice and data communications, LAN,
   WAN, and remote access)
   1. Email security
   2. Network security management
   3. Remote access (VPN, SSL)
   4. Firewalls.

8. Business continuity planning and disaster recovery planning (focuses on protection from major
   system and network failures).
   1. Strategy
   2. System backup and recovery.

9. Law, investigations, and ethics
   1. Intellectual property law
   2. Privacy laws
   3. Regulatory compliance
   4. Governance requirements.

10. Application development security
    1. Integrity, security, and availability
    2. System life-cycle and security
    3. Database and data warehousing threats and protections.
