The Security Of Database
Introduction
In the contemporary times, it has been widely believed that the huge computer network platform is considered to be extremely beneficial in terms of making the entire community more informative (Martínez, et al, 2013). The technology of database has created a leading position for itself in the computing environment. However, due to this drastic increase in the use of computer network systems, it has been widely observed that there has been an aggravation in the aspects of network intrusion and identity theft. And with many other words did he testify and exhort, saying, Save yourselves from this untoward generation (Acts2:40, New King James Version). Therefore, the database system is considered to be
…show more content…
Thesis Statement
The aspect of computer database security is aggravating with the increase in intense influence of technology in our routine lives. The paper aims to present some key security threats and the effective solutions in order to counter such threats that are largely adopted by the companies in today’s world.
Various Types of Attacks on the Computer Network System
After the violation of several layers of protection, it has been observed that the attacker or hacker may want to perform the below listed attacks.
Direct Attacks
This type of attack specifically means that the targeted data or sensitive information is attacked directly. Due to this, it has been observed that these targeted attacks are considered to be extremely obvious and they are successful only in the condition if the database is not protected by any sort of protection mechanism (Ahmad, et al, 2011). In case there is any protection system installed at the gateway, this type of attack is failed and the attacker proceeds to the next.
Indirect Attacks
In this type of attack, the attack is not aimed directly at the data or information, which is targeted. Rather, in an indirect attack, information about the target and from the target is achieved through various intermediate objects. Here, attackers usually use combination of keys as well as queries. Some of them are even used for the purpose of misdirecting and cheating the secure mechanism of database security (Ambler, 2012). These are
SQL Injection – an input validation attack specific to database applications where SQL code is inserted into application queries to manipulate the database.
In this report I will be describing the ways in which networks can be attacked, also be giving real life example of each of the below.
Why is it so important to have security for an organizations database? One reason will be to secure the organizations personal and confidentiality data information. Oracle has a database security software that enables a regulatory compliance for both oracle and non-oracle databases. Oracle has a powerful and a preventative detective security controls that will include database
Even though there are this kind of attacks. This Microsoft SQL Server has the tools and technologies that mitigate this kind of attacks and there are what am going to talk about.
System/application attacks fall within three categories: denial or destruction, alteration, and disclosure. This paper will cover some common system/application domain vulnerabilities: unauthorized physical and logical access to resources, weaknesses in server operating system and application software, and data loss.
The information age is the age we live in today, hence we must make sure that the use of the information readily available to many people is not abused. There are many different types of security threats to the average person, business or even government. The risks faced by individuals and entities are rising, thus measures to avoid these privacy and security breaches would be discussed accordingly assisting and allowing firms to remain, fraud free and protected.
This section provides various types of attacks that are not performed in isolation; many of them used depending on the goals of an attacker.
Confidentiality, Integrity and Availability are the three hardest aspects to preserve in information Security. Confidentiality, being the most important aspect, is the prevention of unauthorized disclosure of information. Integrity protects the information within the document by making certain that only authorized users and parties can modify the information. Lastly availability insures that information and services are available when needed. These three aspects form a bond between companies and consumers insuring the information is in safe hands. However, IT systems and networks are prone to more malicious attacks then ever before and the number of computer crimes is increasing every day. Examples include Hacking, Viruses and vulnerabilities,
Prevalent to the current trend now is the dependency of the society on Information technology and communication systems. Every aspect of human life is one way or the other linked and controlled by information technology tools. The importance of information technology cannot be over emphasized as its unavailability could lead to a form of disaster or the other. Pivotal infrastructures like finance, healthcare, education and security are driven by information technology. However, information technology and its benefits are accompanied by vulnerabilities and risks that can be exploited by people with the necessary technical skills. Individuals like ‘Hackers’ and ‘Cyber Terrorist’ can cause disruption to information systems, commit financial fraud and also attack computers and networks. These attacks and disruptions could result to violence against people and properties. In some cases, death, serious injuries and severe economic loss could occur as a result of these attacks.
Data systems such as the web application and data servers are faced by a number of threats, some of these threats are discussed below:
With advances in technology constantly happening, it can be hard to keep up with all of the latest trends. If organizations cannot keep up with the latest trends, it can lead to flaws in their security. Any flaws in security can have a detrimental effect on an organization’s database. Almost every organization has some sort of database, whether it is for maintaining customers, inventory, or vital information.
As the use of computers, databases, and technology in general, security has grown to be a powerful tool that has to be used. The threat of outside sources intruding and exploiting crucial information is a threat that is present on a daily basis. As a part of creating and implementing a security policy, a user must consider access control. Access Control is a security tool that is used to control who can use or gain access to the protected technology. Access control security includes two levels; logical and physical. Though database intrusions can happen at any moment, access control provides another security barrier that is needed.
Safety of information is the most valuable asset in any organization particular those who provide financial service to others. Threats can come from a variety of sources such as human threats, natural disasters and technical threats. By identifying the potential threats to the network, security measure can be taken to combat these threats, eliminate them or reduce the likelihood and impact if they should occur.
Almost all kind of large and small organizations might face increasing number of attacks into their network or intellectual property. This may lead to data disclosure, data destruction, and damage of organization’s reputation. There are numerous threats in the cyber space which might be capable of stealing, destroying or making use of out sensitive data for financial and non-financial gains. As the amount of computer, mobile and internet users increases, so does the number of exploiters.
Sql injection is one of the most harmful and vulnerable of web application. An attacker attacks and leaked information for different purpose. SQLIA is nothing but the class of code used as user input as query[1].This techniques attacks the system and crash the whole present