
CAN A DATABASE REALLY BE SECURE?


tamarr

Presentation Transcript


  1. CAN A DATABASE REALLY BE SECURE? PRESENTED BY AUDREY WILLIAMS

  2. OVERVIEW
     • What’s the purpose of a database security system?
     • Why should an organization bother to implement a database security system?
     • What kinds of database security features can protect the DBMS?
     • What are the responsibilities of the database administrator?
     • Exposing classic database intruders
     • Summation
     • Bibliography

  3. DATABASE SECURITY
     • What’s the purpose of a Database Security System?
     • To protect the stored data that is collected for use in meaningful ways, such as documents, charts, and reports.
     • Also, to secure the data from intruders.
     • Spafford implies, “the only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards - and even then I have my doubts.”

  4. DATABASE SECURITY
     In response to Mr. Spafford’s statement:
     • Why should an organization bother to implement a database security system?
     • To protect the company’s clientele from predators that will sell the data to the highest bidder.
     • Database intrusions and thefts will destroy or reduce the company’s credibility and profits.

  5. DATABASE SECURITY
     • [Figure 1] shows that a source message originates at the client and is sent to the LAN/WAN router.
     • Next, the source message is passed to the server. The request is passed through the internet, the internet router, and the firewall to the DBMS, which retrieves the requested information.
     • After the destination server receives the message, the DBMS sends the message back to the client in the same order in which it was forwarded.
     • So, the entry point for hackers to breach the system is the internet, internet router, and firewall connection, which places the DBMS in jeopardy of data intrusion.

  6. DATABASE SECURITY FEATURES
     • What kinds of database security features can protect the DBMS?
     • A Digital Certificate is a unique identifier given to an entity to provide authentication of a computer, document, or webpage. A third party such as Equifax then certifies that the document is legal or illegal.
     • Encryption alters the data so unauthorized users cannot view it.
     • Firewalls protect a network from unauthorized access from the internet.
     • Proxy Servers shield the requests between the client computers inside a private network and the internet.
     • Secure Sockets Layer (SSL) connects and transmits encrypted data.
     • S-HTTP (Secure Hypertext Transfer Protocol) transmits web pages securely.
     • So, by configuring these features with internet and network components, it is possible to provide privacy and security and reduce database security intrusions.

  7. RESPONSIBILITIES OF THE DATABASE ADMINISTRATOR
     • Assign a unique password and user identification to each user, giving permission to access, read, and/or manipulate specific information at a given time.
     • Enable the various data layers that secure access control, auditing and authentication, encryption, and integrity controls.
     • Perform a “vulnerability scan” on a routine basis to locate configuration problems in the data layers of the DBMS software.
     • Evaluate and perform a “vulnerability assessment” against the database. This assessment attempts to locate the cracks in the database security.

  8. RESPONSIBILITIES OF THE DATABASE ADMINISTRATOR
     • Continually monitor the company’s DBMS to make sure that it is in compliance with the database security standards.
     • Two features of database security compliance must be utilized:
       • Patch Management Method: locates problems in the software, then fixes and updates the cracks in the database security.
       • Management & Review of Public & Granted Data Access: locates data objects in the database, such as a table that holds data, and evaluates who is entitled to manipulate or view those data objects.

  9. RESPONSIBILITIES OF THE DATABASE ADMINISTRATOR
     • Always keep in mind that whenever a system has internet and network connections attached to a DBMS, security breaches will occur.
     • Perform routine backup and recovery procedures in case of electrical outages and intruder attacks that can damage the DBMS.

  10. THE CLASSIC DATABASE INTRUDERS • The Shifty Employees & Malicious Hackers

  11. THE CLASSIC DATABASE INTRUDERS
     • Employees
     • For example, a salesperson in the sales department should have access to the company’s product price list, not to employee birth dates, extensive clientele information, home addresses, and salary information.
     • Adding to the example above, if the salesperson learns that they will be fired or laid off, they could alter and copy the database information in order to use the client list at their new job.
     • So, the company and the database administrator are to blame for the employee having access to various amounts of data to steal.

  12. THE CLASSIC DATABASE INTRUDERS
     • The Black Hat Hacker
     • A person who hacks into a security system to retrieve data from a computer, network, and database system with the intent to commit criminal and malicious acts of blackmail, damage, and larceny and to terrorize the victims.
     • The purpose is to gain control of the systems of the individual or the organization.

  13. THE CLASSIC DATABASE INTRUDERS
     Hackers believe: “The best hackers never get caught!”
     • However, in 2006, 42% of cybercrimes were committed by hackers.
     • Law enforcement manpower is too limited to fully pursue every high-tech crime that is committed, so the most costly crimes are the cases that law enforcement pursues.
     • Yet, in 2006, global task forces in major cities are developing and devoting more manpower to the goal of locating, charging, arresting, and sentencing hackers for their cybercrimes.
     • In 2006, one hacker stole 165,000 consumer identities and another hacker stole $800,000 from local banks through identity thefts.

  14. SUMMATION
     • It seems that companies cannot deter or stop predators from hacking into a DBMS through the internet and network connections.
     • So, applying database security features and routine maintenance on the DBMS to:
       • Monitor the database security compliances
       • Perform vulnerability assessments and scans to discover cracks in the database security
       • Reconfigure data access parameters to lock out imminent attackers
       • Prevent employees from accessing and viewing more data than necessary
     should maintain the database security and protect the data from most intrusions and thefts.

  15. THE END
     BIBLIOGRAPHY
     • WIKIPEDIA
     • DOJ & FBI
     • Merriam-Webster
     • L.A.P.D.
     • N.Y.P.D.
     • Spafford, Eugene H.; Garfinkel, S. Web Security & Commerce. O'Reilly. Retrieved from Internet 31 Mar. 2007. http://en.wikipedia.org/wiki/Hacker. Article was created in 1997.
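
Slides 8 and 11 call for reviewing public and granted data access so that, for example, a salesperson can reach only the product price list. The sketch below is an added example, not part of the original presentation: it expands role and PUBLIC grants into each user's effective privileges and flags anything the job does not require. All user, role and table names and the grant rows are constructed, standing in for what a DBA would export from the DBMS catalog.

```python
from collections import defaultdict

# Constructed sample data (hypothetical users, roles and tables).
USERS = {"jsmith", "mlee"}                      # jsmith: sales, mlee: HR
ROLE_MEMBERS = {"sales_role": {"jsmith"}, "hr_role": {"mlee"}}
GRANTS = [  # (grantee, table, privilege); PUBLIC reaches every user
    ("sales_role", "product_prices", "SELECT"),
    ("PUBLIC", "employees", "SELECT"),          # birth dates and salaries
    ("jsmith", "clients", "SELECT"),
    ("jsmith", "clients", "UPDATE"),
    ("hr_role", "employees", "SELECT"),
    ("hr_role", "employees", "UPDATE"),
]
ENTITLED = {  # what each job actually requires
    "jsmith": {("product_prices", "SELECT")},
    "mlee": {("employees", "SELECT"), ("employees", "UPDATE")},
}

def effective_privileges(users, grants, role_members):
    """Map user -> {(table, privilege): grantees it is inherited through}."""
    eff = {u: defaultdict(set) for u in users}
    for grantee, table, priv in grants:
        if grantee == "PUBLIC":
            targets = users
        else:  # a role expands to its members, anything else is a direct grant
            targets = role_members.get(grantee, {grantee}) & users
        for user in targets:
            eff[user][(table, priv)].add(grantee)
    return eff

def excess_access(users, grants, role_members, entitled):
    """Rows (user, table, privilege, via) that the entitlement policy lacks."""
    eff = effective_privileges(users, grants, role_members)
    return sorted(
        (user, table, priv, tuple(sorted(via)))
        for user in users
        for (table, priv), via in eff[user].items()
        if (table, priv) not in entitled.get(user, set())
    )

def revoke_statements(findings):
    """Candidate REVOKEs for DBA review; a role or PUBLIC grant affects others."""
    return sorted({f"REVOKE {priv} ON {table} FROM {grantee};"
                   for _user, table, priv, via in findings for grantee in via})

if __name__ == "__main__":
    findings = excess_access(USERS, GRANTS, ROLE_MEMBERS, ENTITLED)
    for row in findings:
        print("excess:", row)
    print("\n".join(revoke_statements(findings)))
```

The salesperson's view of `employees` arrives through the PUBLIC grant rather than any grant made to them directly, which is why the review has to expand PUBLIC and role membership instead of listing only per-user grants.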
