How To Secure Databases?
Information Security Is Concerned With The Confidentiality, Integrity, And Availability Of Data. Security In The Field Of Computer Information Technology Focuses On Ensuring The Availability And Proper Operation Of Computers.
The fact is that information security is a complex process of computer software and hardware. Organizations have to use security equipment and tools based on strict and calculated policies to properly implement communication infrastructure and databases not to challenge sensitive organizational data.
Information security and the security of computer networks are among the responsibilities that require the recruitment of skilled personnel. Addressing the issue of information security and computer network security requires the attention of all users, regardless of job status and age, to the position of information security and computer network security.
Existence of security weakness in computer and information networks, lack of proper training and justification of all users regardless of their job responsibility for the position and importance of information security, lack of necessary instructions to prevent security defects, lack of clear and codified policies And promptly, security issues will lead to issues that harm an organization and the people associated with that organization.
Achieving the three key principles of the security world
In the world of triple security, the principles of confidentiality, integrity, and accessibility are the keys to solving all security problems. Properly covered, it will withstand a lot of adverse conditions. The definition of each of these three principles is as follows.
Confidentiality
Confidentiality means that unauthorized persons do not have access to information. For example, to buy credit cards online, you need to send the credit card number from the buyer to the seller and then to the transaction processing center. In this case, the card number and other information about the buyer and his credit card should not give to unauthorized persons, and this information should be kept confidential.
In this case, to keep the information confidential, the card number is encrypted and remains encrypted during the transferor where it may be stored (in databases, system event logs, backup, print receipts, etc.). Access to information and systems is also restricted. If the unauthorized person obtains the card number in any way, a breach of confidentiality has occurred.
Violations of confidentiality can take many forms. For example, if someone reads confidential information displayed on your computer screen from your shoulder. Or selling or stealing a laptop containing sensitive information. Or giving confidential information over the phone is a violation of all confidentiality.
Integrity
Integration means preventing an unauthorized change of data and detecting a change in the event of unauthorized manipulation of information. Integrity is violated when information is unauthorized altered during transmission and use or storage, or destruction. In addition to the confidentiality of information, information security systems typically ensure its integrity.
Availability
The information must be available when required by authorized persons. This means ensuring that the information storage and processing systems and communication channels used to access information are properly operated and prevented from malfunctioning. High-access systems remain available at all times, even due to power outages, hardware failures, and system upgrades.
One of the ways to make information and information system inaccessible is to make many requests through services from the information system, in which case, because the system does not have the ability and capacity for such a large volume of services, it is completely or partially unable to provide services.
What is database security?
Database security refers to using various information security control methods to protect databases (including data, applications or stored functions, database systems, database servers) against confidentiality, comprehensiveness, and accessibility agreements. Database. This includes various types of control methods, such as technical, procedural, and physical.
Database security is a specialized subject in computer security, information security, and risk management. For example, security risks associated with database systems include:
Malware problems can cause unauthorized access, disclosure of personal or proprietary information, deletion or damage to data or applications, interruption or denial of authorized access to the database, attack on other systems, and unexpected failure of database services.
Design flaws or programming bugs in databases and related programs and systems that cause various security vulnerabilities, such as data loss, data corruption, reduced performance, and so on.
Unauthorized or unwanted activity or misuse by authorized database users, database administrators, system/network administrators, or by unauthorized users and hackers (for example, improper access to sensitive data, metadata or functions within the database, or improper changes to Database applications, structures or security settings);
Overload, performance constraints, and capacity issues and, consequently, authorized users’ inability to use the database.
Physical damage to the database server may occur due to server room fires, floods, overheating, lightning, etc.
Data corruption or loss due to invalid data entry or command, errors in database or system management processes, intentional sabotage or criminal damage, etc.
The most important layers and methods of controlling information security concerning databases should be access control, database auditing, authentication, encryption, data integrity, backup, and application security.
Traditionally, databases have been significantly secured against hackers through networked security mechanisms such as firewalls, network-based intrusion detection systems.
While network security controls are still valuable in this regard, securing database systems and the applications/functions and data within them has become much more critical as networks open up for wider access, especially over the Internet.
In addition, data access systems, applications, functions, and controls, along with related user identification, authentication, and rights management functions, are always important to limit and, in some cases, track the activities of authorized administrators and users.
Many organizations have developed a baseline of security standards and detailed basic security control measures for their database systems.
Vulnerability assessment
One way to assess database security is to perform a vulnerability assessment or database intrusion test. Testers are always trying to find security vulnerabilities that can use to eliminate or circumvent security controls. Database administrators or information security administrators may use automated vulnerability scans, for example, to find configuration errors.
The results of such scans make the database more robust (improve security controls) and close specifically identified vulnerabilities, but unfortunately, other vulnerabilities remain largely unknown.
A continuous monitoring program to comply with database security standards is another important task in the database environment. Two important aspects of database security compliance are patch management and checking and managing permissions (especially public) given to objects within the database.
Abstraction
Application-level access and authentication mechanisms should consider an effective means of providing abstractions at the database layer level.
Monitor database activity
Another layer of security that is more complex in nature involves monitoring database activity, using network traffic protocol analysis (SQL), or viewing local database activity on each server using agents. It is software or both. The use of agents is required to record activities performed on the database server, which usually includes the activities of database administrators.
The analysis can perform to identify known abuses or policy violations or baselines that can record over time to build a natural pattern for detecting abnormal activity that may indicate the intrusion.
In addition to intrusion detection mechanisms, this system can provide a comprehensive sequence of database inspections. Some systems can protect by terminating user sessions or quarantining users who engage in suspicious behavior.
Local inspection
In addition to using monitoring or inspection tools, local database inspection capabilities are available for many databases platforms. A sequence of local inspections can extract regularly and transfer to a designed security system that database administrators do not have access to.
Processes and procedures
A database security program should include regular visits to permissions to personal user accounts and accounts granted by automated processes. An account used by an automated process should have appropriate controls over password storage, such as encryption and adequate access controls to reduce the risk of compromises.
For personal accounts, a type of authentication should consider in a database environment where the risk is commensurate with the costs associate with authentication systems.