StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

The Security Risks Associated with Online Access to Databases - Essay Example

Cite this document
Summary
The essay “The Security Risks Associated with Online Access to Databases” focuses on databases, which usually contain sensitive information yet security is often lacking to protect them. When databases are linked to web front-ends to make the data accessible online, they become even more vulnerable…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER95.7% of users find it useful
The Security Risks Associated with Online Access to Databases
Read Text Preview

Extract of sample "The Security Risks Associated with Online Access to Databases"

Patches are infrequently applied because of the concept that if something is not broken, it doesn’t need to be fixed. Other areas of neglect are poor configuration management such as taking shortcuts, using test databases on production servers, etc. The latter especially leads to even further risks (Chickowski, 2009-8). These and other security lapses make databases vulnerable from worms, automated scanners, etc. Online databases can suffer from buffer overruns and the URLs “allow attacker code to be executed, and generally wreak havoc” (Chickowski, 2009-6).

As for the application design itself, experts have even identified the riskiest packages such as DBMS_SQL, UTL_TCP, and DBMS_XMLGEN within Oracle, and third-party applications can also undermine databases (Chickowski, 2009-8).Simple and expected measures for security are authentication, authorization, and access control. Apart from configuration and patches, more advanced measures are encryption, auditing, monitoring, and data masking essential for enterprise databases. Besides these, other technological solutions are ‘hardening’ the database using features provided by the database vendor, and keeping out non-essential items from the server, including documentation, sample configurations, code files and if possible built-in stored procedures that are unused.

Anything else that cannot be deleted should be disabled instead.The relationship between databases and web applications is based on trust but this can be weakened from SQL injection attacks, thereby permitting further attacks. Even encryption cannot prevent these types of attacks (Chickowski, 2009-8). An awareness of this particular danger is the first step before taking measures to “restrict user transactions to a specific set of pre-written stored procedures” (Chickowski, 2009-6).

The issue of trust also extends to user privileges and access rights. From a security perspective, superusers, who have access to everything, and ordinary users, who overstep their privileges, are concerns and both types of users need to be monitored. It is also possible for someone else to gain access to a superuser account by hacking or social engineering. In fact, the most likely persons to steal, infect or damage data are not hackers but authorized users (Chickowski, 2009-9).A solution in these cases is to retain control by defining precisely “who actually should have access to what kinds of data, and under what circumstances” (Chickowski, 2009-6).

This requires classifying users, “monitor access activity, track usage, and look for anomalies” (ibid). More advanced features that are being developed include “statistical profiling of user access behavior, automatic detection of anomalous activity, and real-time alerting in response” (ibid). Until then, database administrators, security personnel and application developers should take the issue of security seriously and make the best use of existing measures.

Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(The Security Risks Associated with Online Access to Databases Essay, n.d.)
The Security Risks Associated with Online Access to Databases Essay. Retrieved from https://studentshare.org/information-technology/1566571-the-security-risks-associated-with-online-access-to-database-the-common-mistakes-made-by-database-administrators-security-personal-and-the-application-developers
(The Security Risks Associated With Online Access to Databases Essay)
The Security Risks Associated With Online Access to Databases Essay. https://studentshare.org/information-technology/1566571-the-security-risks-associated-with-online-access-to-database-the-common-mistakes-made-by-database-administrators-security-personal-and-the-application-developers.
“The Security Risks Associated With Online Access to Databases Essay”. https://studentshare.org/information-technology/1566571-the-security-risks-associated-with-online-access-to-database-the-common-mistakes-made-by-database-administrators-security-personal-and-the-application-developers.
  • Cited: 1 times

CHECK THESE SAMPLES OF The Security Risks Associated with Online Access to Databases

Computer Systems Security

It is not easy to define who has access to what information.... When considering data protection, the organization needs to review who has access to what type of data, who used the Internet, who should be given limited access, what type of firewalls and anti-malware solutions need to be in place, the usage and maintenance of passwords and the training being given to staff (Spam laws,... More importantly, data that was… umed to be stored safely in an organization seems to be migrating out of it, raising privacy concerns and questioning the security of digital storage and distant, scattered workforce....
10 Pages (2500 words) Essay

Network Risk Assessment

switch connecting to the data center and the second switch connecting the access points also have no protection.... Every request from the users is redirected to the router, where the router checks the access Control List (ACL).... In this scenario, the accounts staff has permissions to access these servers.... However, all the other users on the network are restricted to access these servers.... Identified risks from the Internet are virus and malicious codes....
5 Pages (1250 words) Research Paper

Analysis of Database Security

Consequently, limiting access to this information would be done through a password and username system whereby only the authorized user is allowed to log in to the site or database.... hellip; Aaron concludes that security is very crucial for all databases stored as they ensure that data remains secured and only the right people are able to access it whenever they need it.... However, for this to happen appropriately, it is essential to assess the network persistently, access the servers, test the file systems, and ensure that all the databases are protected....
11 Pages (2750 words) Annotated Bibliography

Importance of the Information Management System

Furthermore, a brief overview of the measures those would be taken in order to recover from the disaster associated with the hacking and/or stealing of information and training provided to facilitate the protection of the information system of the school.... The paper “Importance of the Information Management System” focuses on the case scenario of Redfriars School and the security system that would be effective for handling the issues regarding the safety and protection of information....
27 Pages (6750 words) Case Study

Potential Threats to the Database

The answer to this question increases in access to data stored in databases.... The aim of this research is to discuss the threats that can create problems for the security of databases and present the ways or techniques that can be adopted to ensure the security of databases.... It is evidently clear from the discussion that databases require having the higher level of security to defend against malicious and accidental threats....
5 Pages (1250 words) Case Study

Database Security: A Comprehensive Approach

It is important to note that database security is an evolutionary paradigm due to constant changes in technology which result in the creation of new threats and vulnerabilities for databases.... The rapid growth and development of the global information technology network have resulted in the formation of vast databases characterized by heterogeneity which demand the creation and maintenance of competent security mechanisms to ensure effective functionality.... Database management systems have an obligation to create a competent database security system that protects data by controlling user access hence preserving its integrity and quality....
15 Pages (3750 words) Coursework

Yahoo's Database Security

One advantage associated with this database is that no contention is available because it employs a shared-nothing architecture (Introduction to Massively Parallel Processing (MPP) database, 2012).... This paper ''Yahoo's Database Security'' will be divided into a number of segments, including types of Yahoo databases and how they are used, security breach suffered by Yahoo, the problems faced when protecting users' data, and the methods used by Yahoo to safeguard their users' data....
6 Pages (1500 words) Coursework

Implementing Secure Linux Database System

In doing so, it will look at the following: identify common limitations that are associated with defaulting setups of MySQL/Linux databases; how the setup that is in ACME Software Solutions is incapable of meeting its security requirements; a plan illustrating how the present setup of MySQL/Linux can be altered, so as to be capable of using the functionality that is in existence without extra security tools; and a plan illustrating how the security functionality that is in existence may be added to use support-systems and extra tools....
7 Pages (1750 words) Assignment
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us