Security Issues with Databases

Security Issues with Databases - 1 Current state of...

This preview shows page 1 - 4 out of 10 pages.

1. Current state of database security A database is a system that is specialized to manage data in a computer application system. Data has many forms, such as text, digital, symbols, graphics, images and sound. The database systems are integral components of current and future command, communication, control and intelligence information systems. (Lunt, 1992, p. 253) Databases are used widely in our life. Because of databases, vast amounts of data have become easier to use and manage. Government, finance, operators, public security, energy, taxation, business, social security, transportation, health, education, e-commerce and corporate sectors have all set up their own database application systems in order to keep tremendous amounts of data in the database to manage and use, leading society into the information era. Meanwhile, with the development of the internet, databases play an even more import role, as they are invoked in website design and network marketing, including inquiries or information gathering of products, Press Releases, etc. However, information technology is a double-edged sword. While bringing about social progress and development, it also brings a lot of potential safety hazards. For databases, the potential safety hazards are great, due to its ubiquity, as can be seen in the various situations where database security incidents happen. Examples are: a systems development engineer invades the mobile central database via the Internet to steal prepaid cards; a hospital database system is illegally invaded, resulting in tens of thousands of patients’ privacy information being stolen; a DBA in a game-design company modifies the data illegally in the database to steal game cards; hackers use SQL injection attacks, invading a database center of anti-virus software to steal a large amount of confidential
Image of page 1

Subscribe to view the full document.

information, leading to tremendous losses for the anti-virus software company; an internal database on a stock exchange market is invaded by stock hackers and loses many internal reports of the Securities and Exchange Commission, etc. How to protect database information effectively becomes the most interesting issue in the Information Security industry. According to the latest database security report, ESG says confidential data breaches often occur. (Oltsik, 2009, p.2) A survey shows that an alarming 56% of large organizations suffered data breaches over the past 12 months, with 15% experiencing multiple data breaches and 40% claiming to have a single data breach (see Figure 1). [pic] (Figure 1) the percent of confidential data breach within the last 12 months (Oltsik, 2009, p.2) What are the ways that database security can be compromised? How do we protect against them? 2. Issues affecting database security There are many potential routes for database vulnerabilities. We will concentrate on only four: 1. Insider attack. 2. Application security (including SQL Injection). 3. Mis- configured and/or unpatched database. 4. Database mis-labeled.[1] The first major concern in database security is an insider attack. Especially in an era of economic uncertainty, such as today, the possibility of a trusted employee using
Image of page 2
proprietary company data as an asset to be sold is increasing. This form of industrial
Image of page 3

Subscribe to view the full document.

Image of page 4
  • Spring '13

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern