Database Security - Security Problems

Database Security

Topic 1: Security Problems

Learning Outcomes

  • Define "Database Security" and "Sensitive Data".
  • Identify database security vulnerabilities, threats, and risks.
  • Suggest database security best practices to address and mitigate the threats.

Contents & Structure

  • Database Security Overview
  • Database Security Vulnerabilities, Threats & Risks
  • Database Security Best Practices

Definition: Database Security

  • Database security is the set of measures, policies, and practices employed to protect a database from unauthorized access, manipulation, or destruction.
  • Database security policies are designed to prevent sensitive data exposure and ensure the availability and integrity of records stored within a database system.

Definition: Sensitive Data

  • Sensitive data is any kind of information that is protected against unwarranted disclosure.
  • It involves a wide range of categories, including personal data, financial information, proprietary details, health records, or trade secrets.

Discussion Points (APU Registration Data)

  • List 10 data points provided to APU during registration.
  • Identify which of these data points are considered sensitive.
  • List 5 other data points stored in/by APU.
  • Identify which of these are considered sensitive.

Security News & Recurring Data Breaches in Malaysia

  • Malaysia ranked as the eighth most breached country in Q3 2023 with 494,699 leaked accounts (Surfshark).
    • Breach rate was 144% higher in Q3 2023 than in Q2 2023.
    • Approximately four Malaysian user accounts were leaked every minute in Q3 2023.
  • In 2020, a significant data breach in Malaysia exposed the personal information of millions of citizens.
  • In December 2022, almost 13 million Malaysian citizens were impacted by a large data breach involving Maybank, Astro, and the Election Commission.
  • As of January 2023, the Netherlands reported the highest number of personal data breaches in Europe since GDPR implementation, with around 117,434 breaches. Germany ranked second with over 76,000.
  • Japan's space agency (JAXA) suffered a cyber attack.

Information Systems (IS)

  • An information system comprises components working together to produce and generate accurate information.
  • Central to any Information System is the database that contains all the required data and information that the organization acquires, processes, generates, stores and uses to run its business

Data vs Database vs DBMS

  • Data: One of an organization’s most valuable assets, critical for all individuals and organizations to function properly.
  • Database: An organized collection of structured data to make it easily accessible, manageable, and updatable.
  • DBMS: A Database Management System (DBMS) such as MS-SQL, MySQL, or Oracle is used to manage databases.
    • Integrated system to store, manage, and secure structured data and develop applications to create data structures and manipulate data.
  • DBMS Advantages:
    • Better control on access and security such as encryption.
    • Better activity tracing and auditing capabilities.
    • Efficient backup and recovery management.
    • Reduced data redundancy and increased consistency.

Discussion Points (Data Differentiation)

  • Differentiate between data and Information.
  • Differentiate between structured and unstructured data.

Database Security Problems

  • Data is very valuable, making it subject to misuse, damage, loss, or theft.
  • Problems can arise in various ways:
    • Unauthorized access to steal valuable data.
    • Damage caused by unauthorized persons.
    • Damage caused by authorized persons or applications.
    • Other damages caused by power interruptions, hardware, OS, or software failure.

Definitions: Vulnerability, Threat, and Risk

  • Vulnerability: Weakness in the system that makes the data vulnerable to unauthorized access, manipulation, or destruction by authorized/unauthorized individuals.
  • Threat: Security attack that can happen any time because of security vulnerabilities.
  • Risk: Damage that can happen if the threat attack happens.

DB Security Vulnerability Access Points

  • People
  • Applications
  • Network
  • Operating System
  • DBMS
  • Data Files
  • Data

DB Security Vulnerabilities

  • Human: Insufficient training, carelessness, or ill intention.
  • Applications: Bugs in the application software, typically unpatched and developed using outdated technology or without good security features. Default values and/or misconfigurations can leave loopholes in systems.
  • Network & Hardware: Weaknesses within an organization’s access infrastructure that allow cyber attackers to gain access and cause harm. Old or low-quality hardware.
  • Operating System (OS): Caused by exposures within an OS, typically unpatched and outdated OS.
  • DBMS Applications: Bugs in the DBMS software, typically unpatched. Old versions being used. Default values and/or misconfigurations can leave loopholes in the systems.
  • Data files and data: Data not properly classified and protected.

DB Security Threats & Risks

  • Unauthorized Access / Social Engineering Attack:
    • Explanation: Access by persons that should NOT have access to the system and data.
    • Risks: Data Theft - data is stolen.
  • Insider Threat / Privilege Abuse:
    • Explanation: Intentional unlawful activity performed by employees with legitimate access to the system and data.
    • Risks: Data Leakage – data is intentionally exposed to other parties.
  • Human Error:
    • Explanation: Unintentional Mistakes or unlawful activity performed employees with legitimate access to the system and data
    • Risks: Data Corruption – data become unusable (partial or fully).
  • Hardware failure:
    • Explanation: Failure of computing, network, or storage devices.
    • Risks: Data Corruption or Data Unavailable (temporary or permanent).
  • Denial of Service Attack:
    • Explanation: Intentional activities that jams up the system to a level that it stops functioning.
    • Risks: Data Unavailable (temporary).
  • SQL Injection:
    • Explanation: Illegitimate access or manipulation of data.
    • Risks: Data Stolen or Data Corruption.
  • Ransomware Attack:
    • Explanation: Computer malware that is used to hijack data ownership.
    • Risks: Data Unavailable (temporary or permanent).
  • Operating System or Application bug:
    • Explanation: Software malfunction that results in accidental data corruption or deletion.
    • Risks: Data Unavailable (permanent).
  • Computer virus:
    • Explanation: Computer malware that is used to corrupt the data.
    • Risks: Data Unavailable (permanent).

Discussion Points (Threat Mitigation)

  • Identify the threats that can be avoided.
  • What actions can address these threats?
  • Identify the threats that cannot be avoided.
  • What actions can mitigate the risks associated with these threats?

Securing Database Environment

  • The database server (physical or virtual machine) hosts the database.
  • Securing the host, also known as "hardening," involves stringent measures for physical and network access, including securing the server’s OS.
  • Databases are nearly always network-accessible; any security threat to any component within the network infrastructure is also a threat to the database.
  • Attacks impacting a user’s device or workstation can threaten the database.
  • Database security must extend far beyond the confines of the database alone.
  • When evaluating database security, consider:
    • Physical security
    • Administrative and network access controls
    • End user account/device security
    • Encryption
    • Database software security
    • Application/web server security
    • Backup security
    • Auditing

Security Methods

  • People:
    • Individuals who have been granted privileges and permissions to access applications, networks, servers, databases, data files, and data.
    • How to Secure:
      • Establishment of security policies/procedures.
      • Physical limits on access to HW and documents.
      • Identification and authentication.
      • Training on the importance of security and how to protect information assets.
  • Applications:
    • Application design and implementation, including privileges and permissions granted to people.
    • Caution: Too loose permission results in violation of data access, and too strict permission compromises availability.
    • How to Secure:
      • Authentication and authorization of users who access applications.
      • Good design - hide database implementation details, perform code reviews, implements good error handling and not user facing.
      • Business rules to limit access.
      • Prevent SQL Injection.
      • Patched to the latest version.
  • Network:
    • Is the most sensitive security access point.
    • Use best effort to protect the network.
    • How to Secure:
      • Firewalls.
      • VPN.
      • Authentication.
  • Operating System:
    • The authentication to the system and the gateway to the data.
    • How to Secure:
      • User accounts/authentication/authorization.
      • Intrusion detection.
      • Password policy.
      • Patched to the latest version.
  • DBMS:
    • Holds our data
    • Logical structure of the database, include memory, executables, and other binaries.
    • How to Secure:
      • Authentication & Authorization of People & Application
      • Database Encryption
      • Password Policy
      • Database Auditing
      • Backup Database
      • Replication / Redundancy
  • Data Files:
    • Physical files.
    • How to Secure:
      • File encryption, permission management, and access monitoring.
  • Data:
    • Actual data as can been seen by the users.
    • How to Secure:
      • Validation, constraints, encryption, access control.

Database Security Best Practices

  • Permission Management / Access Control
  • Authentication
  • Authorization/Privileges
  • Role-based access control (RBAC)
  • Data protection
  • Obfuscation - Anonymization, Masking, Hashing, Encryption
  • Backup
  • High Availability
  • User action validation to protect against accidental or intentional data loss
  • Auditing – passive
    • Try to identify what could happen (potential risk) - future
    • Captured what happened – past
  • Monitoring - active
    • Keeping track of is happening (monitoring) – present

Discussion Points (Database Security Evaluation)

  • What is Database Security?
  • Where or what can be the security weaknesses in the system?
  • Identify common security threats specifically for databases and their hosting environment.
  • List the database security scope of evaluation.

Summary / Recap of Main Points

  • Definition of Database Security
  • Type of threats in context of database security
  • Database security scope of evaluation

Preparation for Next Class

  • Research operating system (OS) security principles.

What To Expect Next Week In Class

  • OS and Security Principles.