Chapter One
Security and Information Technology
Objectives
• Define the nature of database and information
systems security
• Identify the three main security objectives when
protecting information systems
• Identify security threats
• Define and identify the characteristics of viruses
and how they infiltrate systems
• Identify specific types of operational security and
describe how to implement them
Database Security 3
Objectives (cont’d.)
• Describe the information security life cycle
• Describe the multilayered nature of security
architecture
Why Database Security?
• Most databases provide access spanning several
networks and across the world
• Most online transactions involve a database
• Water supplies, electricity grids, and gas and oil
production depend on a computer network to thrive
– Breach could have disastrous impact
• Network intruders are well trained and growing
more sophisticated
A Secure Data Environment
• Multiple layers of security
– Most effective approach to minimizing risk of data
breach
• Example of multiple security layers to protect
against malicious e-mail attachments
– User awareness training
– Filter on exchange server to remove known
malicious attachments
– Firewall configured to deny certain types of traffic
A Secure Data Environment (cont’d.)
• Database security
– Set of established procedures, standards, policies,
and tools
– Protects against theft, misuse, and attacks
– Deals with permission and access to the data
structure
• Common vendor features for database security
– Database-level access control
– Database-level authentication
– Data storage encryption
A Secure Data Environment (cont’d.)
• Computer security
– Necessary element of database security
– Typically defined by the operating system
• Common computer security features
– Operating system-level access control
– Operating system-level authentication
– Application security
– Hardware and software monitors and logs
A Secure Data Environment (cont’d.)
• Network security
– Outermost layer of the database
– Arguably biggest security concern
– Set of established procedures, standards, policies,
and tools
– Goal: protect network from theft, misuse, and attacks
• Hardware and software devices used to secure a
network
– Firewalls, antivirus programs, network monitors,
intrusion detection systems, proxy servers, and
authentication servers
Database Security Objectives
• Security measures
– Keep information private from outside viewing
– Maintain consistency of data
– Ensure resources remain at a high degree of
availability
• Key to achieving effective data security architecture
– Organization must maintain confidentiality, integrity,
and availability of its environment
Figure 1-1 C.I.A. triangle
Courtesy Course Technology/Cengage Learning
Database Security Objectives (cont’d.)
• Confidentiality requirements
– Ensure information remains private by limiting
authorized access to resources
– Block unauthorized access to resources
• Confidentiality protected using authentication and
access controls
– State and federal laws may apply to these measures
• Breaches in confidentiality could result in:
– Stolen identity
– Exposed business trade secrets
Database Security Objectives (cont’d.)
• Integrity
– Reliable, accurate, and consistent data stored in and
retrieved from the database
– Protected by preventing accidental or deliberate
modifications
– Most difficult item to measure
• Auditing used to compare data with older,
backed-up versions of the data
• Results of integrity breaches
– Unreliable data, flawed programs, system failures
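One way to carry out the audit described above, comparing live data with a backed-up copy row by row. This is an added example, not material from the book or slides; the `accounts` table, its contents and the function names are constructed for illustration.

```python
import hashlib
import sqlite3


def row_digests(conn, table, key_column):
    """Map each key value to a SHA-256 digest of the whole row."""
    # Table and column names cannot be bound as parameters; here they come
    # from the auditor's own configuration, never from user input.
    cur = conn.execute(f'SELECT * FROM "{table}" ORDER BY "{key_column}"')
    names = [d[0] for d in cur.description]
    key_idx = names.index(key_column)
    digests = {}
    for row in cur:
        # repr() keeps None, '' and 'None' distinct; the unit separator
        # cannot appear unescaped inside a repr() of a string.
        canonical = "\x1f".join(repr(v) for v in row)
        digests[row[key_idx]] = hashlib.sha256(canonical.encode("utf-8")).hexdigest()
    return digests


def audit(live, backup, table, key_column):
    """Report rows that differ between the live database and the backup."""
    now = row_digests(live, table, key_column)
    then = row_digests(backup, table, key_column)
    return {
        "modified": sorted(k for k in now.keys() & then.keys() if now[k] != then[k]),
        "added": sorted(now.keys() - then.keys()),
        "deleted": sorted(then.keys() - now.keys()),
    }


def build_sample():
    """Constructed sample: a backup and a live copy that has drifted from it."""
    backup = sqlite3.connect(":memory:")
    live = sqlite3.connect(":memory:")
    for conn in (backup, live):
        conn.execute(
            "CREATE TABLE accounts (id INTEGER PRIMARY KEY, owner TEXT, balance REAL)"
        )
        conn.executemany(
            "INSERT INTO accounts VALUES (?, ?, ?)",
            [(1, "alice", 100.0), (2, "bob", 250.0), (3, "carol", 75.5)],
        )
    # Changes made to the live copy after the backup was taken.
    live.execute("UPDATE accounts SET balance = 9250.0 WHERE id = 2")
    live.execute("DELETE FROM accounts WHERE id = 3")
    live.execute("INSERT INTO accounts VALUES (4, 'mallory', 10.0)")
    return live, backup


if __name__ == "__main__":
    live_db, backup_db = build_sample()
    print(audit(live_db, backup_db, "accounts", "id"))
```

Legitimate changes made since the backup appear in the report too, so each finding has to be reconciled against change records before it is treated as an integrity breach.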
Database Security Objectives (cont’d.)
• Availability
– Maintaining accessible network or database
resources
– Business cannot operate without it
• Must identify potential threats to availability
– Assess threat level
– Plan appropriate intervention
– Example of threats: technical failures, natural
disasters, intrusions, user-caused harm
Who Are We Securing Ourselves
Against?
• Must understand what poses a threat
– More threats exist on the inside of a network than on
the outside
• Overly restrictive databases are as ineffective as
those that give too much access
– Healthy balance is needed
Hackers
• Hacker
– Person who has mastered firmware and software of
modern computer systems
– Person who enjoys exploration and analysis of
network security without intent to cause harm
• Cracker
– Person who breaks into a network to destroy or steal
information
Table 1-1 Types of online intruders
Social Engineers
• People who manipulate others to gain access to
systems, unauthorized areas, or confidential
information
– Often build trust with authorized user
– Use deception and trickery to convince people to
break normal security policies
– Example: asking for a password
Computer Users
• Network users cause over half of security breaches
• Major contributing factors
– Lack of education
– Disregard of policy
• Examples of most common user errors
– Poor habits (computers unlocked and unattended)
– Password error (writing passwords on sticky notes)
– Disregard for company policy (downloading
unauthorized software)
– Opening unknown e-mail attachments
Computer Users (cont’d.)
• Examples of most common user errors (cont’d.)
– Inappropriate disclosure (giving information over the
phone to a social engineer)
– Procrastination (failing to report computer issues in a
timely manner)
• Computer-literate users may take risks and find
shortcuts to security measures
• Disgruntled employee on a network can abuse
access rights and destroy files
Network and Database Administrators
• Not often viewed as threats to networks they run
– Room for error exists
– Their mistakes have consequences for integrity,
availability, and reliability of the network
• Dynamic nature of the data environment
– Can cause new security flaws to be created
– Network components must be regularly audited
• Common mistake
– Not removing a user’s rights and account credentials
The Internet
• Two billion Internet users
• 100 million Web sites
• 75% of US residents have Internet access
• Online education and social networking increasing
in popularity
• Threats on the Internet continue to increase
• 600,000 viruses on networks today
• Social interactions contribute to growing number of
identity thefts
The Internet (cont’d.)
• Web page code purposes
– To inform browser how to display the content
– To inform browser how to react to user responses
• Hijacking
– Web pages rewritten to distribute malicious code or
redirect user to attacker’s Web site
• Malware
– Malicious software
– Written and used by unauthorized intruders
– Often intended to be harmful and destructive
The Internet (cont’d.)
• Spoofing
– Fraudulent Web site made to look identical to
legitimate Web site
– Objective: draw in a user to gather personal
information (such as a password)
– Can be as easy as registering a domain name that is a
slight misspelling of legitimate site (example: Gogle)
• Web browser
– Application that interfaces client machine to Internet
– Responsible for sending and receiving user pages
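A defender can catch the "slight misspelling" kind of spoofed site described above by comparing hostnames seen in proxy or DNS logs against the names the organization cares about. This is an added example, not material from the book or slides; the hostname lists are constructed and the function names are hypothetical.

```python
def edit_distance(a, b):
    """Levenshtein distance: insertions, deletions and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete from a
                           cur[j - 1] + 1,              # insert into a
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]


def normalize(host):
    """Lower-case, drop a trailing dot and a leading 'www.' label."""
    host = host.strip().lower().rstrip(".")
    return host[4:] if host.startswith("www.") else host


def flag_lookalikes(observed, protected, max_distance=2):
    """Return (observed, closest_protected, distance) for near misses.

    Exact matches are legitimate and skipped. A small max_distance keeps
    false positives down; very short names need a smaller threshold.
    """
    protected = [normalize(p) for p in protected]
    findings = []
    for raw in observed:
        host = normalize(raw)
        if host in protected:
            continue
        closest = min(protected, key=lambda p: edit_distance(host, p))
        distance = edit_distance(host, closest)
        if distance <= max_distance:
            findings.append((host, closest, distance))
    return findings


# Constructed sample data: names to protect and hostnames seen in a log.
PROTECTED = ["google.com", "mybank.example"]
OBSERVED = [
    "www.google.com",   # legitimate
    "gogle.com",        # dropped letter, as in the slide's example
    "goggle.com",       # substituted letter
    "example.org",      # unrelated
    "g00gle.com",       # digits in place of letters
    "mybank.example",   # legitimate
    "mybnak.example",   # transposed letters
]

if __name__ == "__main__":
    for finding in flag_lookalikes(OBSERVED, PROTECTED):
        print(finding)
```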
The Internet (cont’d.)
• Web browser (cont’d.)
– Has built-in programming language that can be
manipulated
• SQL injection
– Intruders append malicious code onto a
database-directed URL
– Intended to manipulate database into sending
confidential information
• HTTP portion of Web address informs browser of
protocol used to send request for the Web site
– Can include form-related data appended to URL
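The SQL injection described above, shown as a vulnerable lookup beside its corrected form. This is an added example, not material from the book or slides; the `shop.example` URLs, the `customers` table and the function names are constructed for illustration.

```python
import sqlite3
from urllib.parse import parse_qs, urlsplit


def make_db():
    """Constructed sample database (in memory); all values are made up."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT, card TEXT)")
    conn.executemany(
        "INSERT INTO customers VALUES (?, ?, ?)",
        [(1, "alice", "CARD-0001"), (2, "bob", "CARD-0002"), (3, "carol", "CARD-0003")],
    )
    return conn


def name_param(url):
    """Return the decoded 'name' value appended to the URL's query string."""
    return parse_qs(urlsplit(url).query).get("name", [""])[0]


def lookup_vulnerable(conn, url):
    # Deliberately vulnerable: the URL value is pasted into the SQL text,
    # so a quote character in it ends the string literal and the rest of
    # the value is executed as part of the statement.
    sql = "SELECT name, card FROM customers WHERE name = '" + name_param(url) + "'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, url):
    # Corrected form: the value is bound as a parameter, so the database
    # treats it purely as data to compare against the name column.
    sql = "SELECT name, card FROM customers WHERE name = ?"
    return conn.execute(sql, (name_param(url),)).fetchall()


# Constructed requests: one ordinary, one with SQL appended to the value.
NORMAL_URL = "http://shop.example/customer?name=alice"
TAMPERED_URL = "http://shop.example/customer?name=x%27%20OR%20%271%27%3D%271"

if __name__ == "__main__":
    db = make_db()
    print("vulnerable, normal:      ", lookup_vulnerable(db, NORMAL_URL))
    print("vulnerable, tampered:    ", lookup_vulnerable(db, TAMPERED_URL))
    print("parameterized, tampered: ", lookup_parameterized(db, TAMPERED_URL))
```

With the tampered URL the vulnerable lookup returns every customer row, while the parameterized lookup returns none because no customer has that literal name.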
The Internet (cont’d.)
• Domain name server (DNS)
– Database of domain names and their respective IP
addresses
• DNS poisoning
– Cracker gains control over DNS server
– Cracker substitutes their site IP address for the
legitimate domain name IP address
– User may be fooled into providing personally
identifiable information (PII)
• Browser menu settings can also be manipulated
Table 1-2 Common characteristics for dangerous Web sites
Misleading Applications
• Applications designed to deceive users into
believing their computer’s security has been
breached
– User downloads and purchases fake antivirus tools
– Tools deliver malware to user’s computer
– User has no knowledge of true security breach
E-mails
• One of most common forms of communication
today
• Biggest threat to network and database
environment
– Simple channel of attack for crackers
– Most common way malicious code gains access to a
business
• Common threats to e-mail
– Attachments, phishing, HTML code attacks
E-mails (cont’d.)
• Attachments
– Difficult to identify a fake attachment
– Crackers use attachment names and file extensions
to gain trust
• Spoofing e-mail address
– Using a false e-mail address in the “from” and “reply”
fields
– Increases likelihood that user will open the
attachment
E-mails (cont’d.)
• Phishing
– Attempt to obtain PII using spoofed e-mail addresses
and URLs
– Act of trying to fish information out of people
– May include convincing a user to click a link to a
cracker-owned Web site
– Common technique: fake holiday and birthday card
e-mails
• Web-embedded HTML
– HTML allows email to be formatted like a word
processing application
Instant Messages
• Web-embedded HTML (cont’d.)
– Malicious software can be created using scripting
language and active content
– Users do not have to download attachments or click
unfamiliar links, only read their e-mail to be attacked
• Instant messages
– Data is not encrypted on either file transfer or peer
dialog
– Provides ideal environment for phishing with spoofed
buddy names and redirection techniques
Tweets
• Twitter.com provides members with blog-like
service to update status or activities to family and
friends
• Images and links can be included with a tweeted
message
• Accounts are falling prey to phishing, spoofing, and
redirection techniques
Malware
• Capable of performing harmful and destructive
tasks on victim’s computers
• Can be written in many programming languages
• Types of malware
– Computer viruses
– Worms
– Trojans
– Spyware
– Adware
– Bots
Computer Viruses
• Form of malware designed to spread from one
computer to another without detection
• Degree of danger varies:
– From annoying disturbances to destruction of entire
systems
• Characteristics found in malicious code
– Self-encryption
• Virus disguises the way it appears to a network
– Stealth
• Viruses make changes to the system
• Need to avoid detection by antivirus programs
Computer Viruses (cont’d.)
– Stealth (cont’d.)
• Intercepts requests from antivirus programs and
answers them, instead of the OS
– Polymorphism
• Ability to change forms to avoid detection
• Code changes signature each time it infects a file
– Residence
• Virus installs itself directly in computer’s main system
memory
• Virus does not need a user to make it active
Computer Viruses (cont’d.)
• Classes of viruses
– Logic bombs: viruses that corrupt data when certain
conditions are met
– Time bombs: time-delayed viruses
– Spyware: software that intentionally monitors user’s
activities
– Adware: malware used for marketing purposes
• Virus types
– Boot sector viruses load themselves onto the hard
drive’s boot sector
Computer Viruses (cont’d.)
• Virus types (cont’d.)
– Macro viruses: attached to or replace a macro in a
document
– File-infected viruses attach themselves to executable
file which user must run to activate
– Multipartite viruses combine characteristics of boot
sector virus and file-infected virus
Worms
• Self-replicating malware
• Do not need users to travel from one computer to
another
– Propagate across networks
• Elements of a worm’s travel
– Find a weak target
– Take control of the machine
– Interrogate the machine
– Test a new target
Table 1-3 Types of worms
Trojan Viruses
• Malware that disguises itself and its harmful code
• Hide within programs such as software updates,
games, and movies
• Purpose: gain access to sensitive information,
destroy files, or create opportunities for installing
bigger threats
• Types of Trojans
– Remote access and administration Trojan (RAT)
• Allows attacker to control victim’s computer from a
remote location
Trojan Viruses (cont’d.)
• Types of Trojans (cont’d.)
– Data-sending Trojan
• Sends information to attacker, usually with key loggers
– Destructive Trojan
• Randomly deletes files and corrupts the registry
– Proxy Trojan
• Attacker uses victim’s IP address to commit
cybercrime
– File transfer protocol (FTP) Trojan
• Allows attacker to download files from victim’s
computer
Bots
• Also known as software robots
• Able to perform automated tasks for an intruder at
a remote location
• Used for spamming and launching DoS attacks
• Can be hidden in games and other programs
• Can be e-mailed from one infected machine to
another
• Able to disguise themselves, and run in the
background
• Many bots controlled together known as a botnet
Security Architecture: A
Never-Ending Cycle
• Creating a security architecture is not an easy task
• Complete security is an unattainable goal
• Techniques used to attack databases developed
using same technology used to protect the systems
– Intruders become more advanced as technology
advances
• New intrusions developed constantly
• Process of creating and maintaining security
architecture has four phases
Phase 1: Assessment and Analysis
• Determining an organization’s data security needs
– Identify existing vulnerabilities, threats, and assets
• Security audit
– Used to identify threats
– Can be conducted internally or by a third party
• Determine cost of breached or lost asset
– Security measures should never exceed value of
assets they protect
• Questions to ask to guide this phase are listed on
Page 25 of the text
Phase 1: Assessment and Analysis
(cont’d.)
• Risk assessment steps
– List all devices and resources within a database
environment
– Identify vulnerabilities and assets involved with each
resource and device
– Define asset value and cost of damage from the
threats
– Create security measures to counteract the threats
– Prioritize the security measures
Phase 2: Design and Modeling
• Create policies and prototype security architecture
to fit business needs
• Entire organization should be included in the
process
– Policies must be realistic for user and business
needs
• Questions to ask to guide this phase are listed on
Page 26 of the text
Phase 2: Design and Modeling
(cont’d.)
• Design steps
– Define needed policies and procedures
– Identify firmware and software changes to support
the policies
– Create an implementation plan
– Create baselines to determine success and failure
– Define a plan for user training and awareness
Phase 3: Deployment
• Security policies, firmware, and tools put in place
• Test environment usually created first
• Firmware and software purchased and tested
• Questions to guide this phase are listed on Page
26 of the text
• Deployment steps
– Adjust user awareness training as needed
– Test firmware and software changes in a controlled
simulation environment
– Deploy changes according to the deployment plan
Phase 4: Management and Support
• Monitor security system performance
• Reevaluate architecture after any failures or
breaches
• Questions to guide this phase are listed on Page 27
of the text
• Management and support steps
– Monitor performance of security architecture and user
security awareness and training
– Make minor policy revisions as necessary
– Identify need for a reassessment and initiate the start
of the security life cycle
Global Policies for the Database
Environment
• Operational information security
– Ensures secure operation of an organization
– Uses reliable policies and procedures
– Necessary component of maintaining database
environment
• Aspects of information security
– Security policies
– Change management
– Update management
– Disaster recovery plan
Security Policies
• Security policy objectives
– Define overall security goal
– Identify scope of what to secure
– Define roles and responsibilities of people in the
organization
– Identify specific communication processes
– Discuss policy enforcement
• Should be created by a committee of invested
stakeholders
• Plan for communicating policy should be created
Update and Upgrade Management
• Update
– Small change to already installed software or
firmware
• Upgrade
– Replacement for older version of software
• Components of an update management policy
– Patch update procedures
– Software update procedures
– OS upgrade procedures
– Firmware change procedures
Update and Upgrade Management
(cont’d.)
• Upgrades should not be applied to a database
immediately after release
– Good practice to wait months or years until stable
• Questions to ask
– Is the update/upgrade really necessary?
– What are the possible repercussions of the install?
• Create a test environment to test the upgrade
• Put a recovery and restore plan in place to reverse
the upgrade if needed
– Back up files in case reversal does not work
Update and Upgrade Management
(cont’d.)
• Types of updates and upgrades
– Patch
• Small program used to fix or update software
programs or firmware devices
• Often created in response to newly discovered
vulnerability
– Software upgrade
– OS upgrade
• Most significant and risky upgrade
• Involves radical changes to both clients and servers
Backup Management Plan
• Backup
– Intentional copy of data, files, and system
configurations
– Used to archive and store information
– Used to replace files after network failure or attack
• Backup management plan
– Process to ensure safety of network data
• Backup solutions
– Many available today
– Choose best fit for data and business goals
Table 1-4 Media storage types
Backup Management Plan (cont’d.)
• Questions to answer when choosing backup
strategy
– What media should I use?
– Where will backup be placed?
– What should be backed up?
– How often should information be saved?
– What time of day should backup occur?
– What type of backup should be completed?
The Disaster Plan
• Plan developed to ensure quick reinstatement of a
network after a human-caused or natural disaster
– Goal: restore most critical aspects of the business
• Plan should include:
– Contact information for emergency responders
– Roles and responsibilities of response staff
– Location and details of network backups
– Agreements with national service carriers
– Communications strategies
– Contract information for disaster recovery services
The Disaster Plan (cont’d.)
• Physical site recovery options
– Cold site
• Provides basic necessities for rebuilding a network
– Warm site
• Provides basic necessities and hardware and software
devices
– Hot site
• Exact replica of organization’s network
• Shared site agreements distribute cost of
maintaining backup site among similar companies
Summary
• Database security refers to policy, procedure, and
design efforts to mitigate threats to a database
system
• Effective database security requires confidentiality,
integrity, and availability
• Malware can exist in many forms
• Viruses spread from computer to computer without
detection
• Worms self-replicate by harnessing power of
networks and using power to attack networks
Summary (cont’d.)
• A Trojan horse is malware that disguises itself
• Bots have ability to perform automated tasks for an
attacker at a remote location
– Difficult to detect
• Security is a continual cycle of assessing a
network, designing security policies, deploying
security architecture, and testing security
performance
• A disaster plan defines steps to reinstate a network
after a disaster occurs