Database Management
Answers:
A database system is designed to solve several problems that arise from traditional file-based systems.
Some of these problems are as follows:
Data redundancy and inconsistency: In traditional file-based systems, data is often duplicated across
multiple files, leading to data redundancy and inconsistency. A database system solves this problem
by providing a centralized location for storing data, eliminating data redundancy and ensuring data
consistency.
Difficulty in accessing data: Traditional file-based systems make it challenging to access data,
particularly when the data is spread across multiple files. A database system solves this problem by
providing tools for easy and efficient data access, such as query languages and indexing.
Data isolation: In traditional file-based systems, data is often isolated and difficult to share between
different applications or users. A database system solves this problem by providing mechanisms for
data sharing and ensuring data integrity and security.
Integrity problems: In traditional file-based systems, data integrity is often compromised due to
human errors, such as incorrect data entry or deletion. A database system solves this problem by
providing tools for data validation, ensuring that data is accurate and consistent.
Atomicity problems: In traditional file-based systems, atomicity problems can arise when multiple
operations are performed on the same data simultaneously. A database system solves this problem by
providing mechanisms for atomicity, ensuring that transactions are either completed entirely or rolled
back entirely.
Concurrent access anomalies: Traditional file-based systems do not provide mechanisms for
concurrent access, leading to data inconsistency and other anomalies. A database system solves this
problem by providing tools for concurrent access control, ensuring that multiple users or applications
can access data simultaneously without compromising data integrity.
Security problems: In traditional file-based systems, data security is often compromised due to the
lack of security mechanisms, such as access control and encryption. A database system solves this
problem by providing robust security mechanisms, ensuring that data is protected from unauthorized
access and other security threats.
Users of Database:
A primary goal of a database system is to retrieve information from and store new
information into the database.
A database system has two main types of users: database users and database administrators.
Database users are classified into four categories based on how they interact with the system.
Naive users: These are unsophisticated users who interact with the database system by using
application programs that have been written previously. They typically use forms interfaces to fill in
appropriate fields of the form or simply read reports generated from the database.
Application programmers: These are computer professionals who write application programs that
interact with the database system. They can choose from many tools to develop user interfaces,
including rapid application development (RAD) tools.
Sophisticated users: These users interact with the system without writing programs. Instead, they form
their requests either using a database query language or by using tools such as data analysis software.
Analysts who submit queries to explore data in the database fall in this category.
Database administrator: A database administrator (DBA) has central control over the database system
and is responsible for activities such as schema definition, storage structure and access-method
definition, routine maintenance, and granting authorization for data access. They also carry out
changes to the schema and physical organization to reflect the changing needs of the organization.
2. RDBMS
Ans:
A Relational Database Management System (RDBMS) is a software system that manages and
organizes relational databases. RDBMS is based on the relational data model, which organizes data
into one or more tables (or "relations"), with each table consisting of rows and columns.
The RDBMS serves as an interface between the application program and the database. It provides a
set of tools for users to manage and manipulate the data stored in the database. Some of the key
concepts, roles, and functions of RDBMS are:
Data Model: RDBMS is based on the relational data model, which represents data in the form of
tables, columns, and rows. The model defines the relationships between tables and helps to organize
and manage data efficiently.
Data Integrity: RDBMS ensures data integrity by enforcing a set of rules and constraints on the data.
These rules and constraints ensure that the data is accurate, consistent, and valid. For example, the
RDBMS can enforce a unique constraint on a column to ensure that no duplicate values are entered.
Data Security: RDBMS provides various security features to protect the data from unauthorized
access, modification, or deletion. It provides access controls, user authentication, encryption, and
other security features to ensure data privacy and security.
Data Backup and Recovery: RDBMS provides a backup and recovery mechanism to protect the data
from loss due to hardware or software failures, human errors, or natural disasters. It allows users to
backup and restore data from previous states, ensuring business continuity and data availability.
Query Processing: RDBMS provides a set of tools to process and manipulate the data stored in the
database. Users can query the database using SQL (Structured Query Language) or other query
languages to retrieve, insert, update, or delete data from the tables.
In summary, RDBMS is a software system that manages and organizes relational databases
efficiently. It provides a set of tools for users to manage and manipulate data, ensures data integrity
and security, provides backup and recovery mechanisms, and supports concurrency control and
scalability.
Ans:
SQL (Structured Query Language) is a standard programming language used to manage and
manipulate relational databases. The SQL commands are mainly categorized into five categories as:
Data control language (DCL) is a set of SQL commands used to control access to data stored in a
database. DCL commands are used to grant or revoke access privileges to users or roles in a database.
The privileges include read, write, update, and delete permissions.
GRANT: This command is used to grant specific privileges to a user or role. For example, "GRANT
SELECT, INSERT, UPDATE ON Customers TO User1" would grant User1 the ability to select,
insert, and update data in the Customers table.
REVOKE: This command is used to revoke previously granted privileges from a user or role. For
example, "REVOKE INSERT ON Customers FROM User1" would revoke User1's ability to insert
data into the Customers table.
DENY: This command is used to explicitly deny a user or role specific privileges. For example,
"DENY DELETE ON Orders TO User2" would explicitly deny User2 the ability to delete data from
the Orders table.
In addition to these commands, SQL also provides the option to specify the level of access control
using the WITH GRANT OPTION and CASCADE clauses. The WITH GRANT OPTION clause
allows a user or role to grant the same privileges they were granted to other users or roles. The
CASCADE clause is used to propagate changes made to the privileges of a user or role to other
objects that depend on those privileges.
In this scenario, the DBA granted the privilege to use SELECT on the Student table with grant option
to users U1, U2, and U3. U1 gave the same privilege to users U21 and U22 without the grant option,
while U2 granted the same privilege to U22 with the grant option. U22 passed the privilege to U31
without the grant option. U3 authorized U23 and U24, both without the grant option. Each node in the
graph represents a combination of a privilege and a user. SQL DCL also allows the creation of user
roles; a role is a set of operations that can be performed by an individual or a group of individuals as
part of a job.
Overall, DCL plays a critical role in ensuring data security and integrity by controlling access to data
stored in a relational database.
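The authorization graph from the scenario above, worked through as an added example (not part of the original notes). It assumes a single privilege (SELECT on Student), the DBA as the root of the graph, and the simplified rule that a grant stays valid only while its grantor still holds the grant option; the function names are illustrative.

```python
from collections import deque

# Grants described in the scenario: (grantor, grantee, with_grant_option)
GRANTS = [
    ("DBA", "U1", True), ("DBA", "U2", True), ("DBA", "U3", True),
    ("U1", "U21", False), ("U1", "U22", False),
    ("U2", "U22", True),
    ("U22", "U31", False),
    ("U3", "U23", False), ("U3", "U24", False),
]


def effective_privileges(grants, root="DBA"):
    """Return {user: has_grant_option} for every user reachable from root.

    Only users who validly hold the grant option may pass the privilege on,
    so the walk continues only through edges granted WITH GRANT OPTION.
    """
    outgoing = {}
    for grantor, grantee, grant_option in grants:
        outgoing.setdefault(grantor, []).append((grantee, grant_option))

    holders = {}
    queue = deque([root])
    may_grant = {root}
    while queue:
        grantor = queue.popleft()
        for grantee, grant_option in outgoing.get(grantor, []):
            holders[grantee] = holders.get(grantee, False) or grant_option
            if grant_option and grantee not in may_grant:
                may_grant.add(grantee)
                queue.append(grantee)
    holders.pop(root, None)  # a cycle back to the root is not a real grant
    return holders


def revoke_cascade(grants, grantor, grantee, root="DBA"):
    """Remove one grant, then drop every grant whose grantor can no longer grant.

    Returns (remaining_grants, effective_privileges_after).
    """
    remaining = [g for g in grants if (g[0], g[1]) != (grantor, grantee)]
    holders = effective_privileges(remaining, root)
    kept = [g for g in remaining if g[0] == root or holders.get(g[0], False)]
    return kept, effective_privileges(kept, root)


if __name__ == "__main__":
    print("before:", effective_privileges(GRANTS))
    # U22 received SELECT twice: from U1 (no grant option) and from U2 (with it).
    _, after = revoke_cascade(GRANTS, "DBA", "U2")
    print("after revoking U2:", after)
```

Revoking U2 leaves U22 with SELECT through U1 but without the grant option, so U31 loses access; revoking U1 instead removes only U21, because U22 still has a valid path through U2.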
Ans:
VPD, or Virtual Private Database, is an important feature of database management systems that
allows fine-grained access control to database objects based on user identities, roles, and privileges.
Virtual Private Database (VPD) is also referred to as Row-Level Security (RLS). VPD
does not divide the data into different tables or schemas but only hides the data from other
users of the database. VPD lets you define which rows users may have access to, and so it
enables you to enforce security directly on tables, views or synonyms.
Here are some of the key reasons why VPD is important and why it is needed:
Virtual Private Database is needed to protect confidential and secret information.
You can have one database and control the delivery of the data to the right people.
VPD is used for regulations such as HIPAA and SOX.
Security: Server-enforced security (as opposed to application-enforced).
Purposes/benefits: Security requirements necessitate data access be restricted at
row or column level (FGA). One database schema serves multiple unrelated groups or entities
Scalability
Table Customers contains 1,000 customer records.
Suppose we want customers to access their own records only.
Using views, we need to create 1,000 views. Using VPD, it can be done with a single policy
function.
Simplicity
Say, we have a table T and many views are based on T.
Suppose we want to restrict access to some information in T.
Without VPD, all view definitions have to be changed.
Using VPD, it can be done by attaching a policy function to T; as the policy is enforced in
T, the policy is also enforced for all the views that are based on T.
Application Context
PL/SQL Function
Security Policies
Lower cost of ownership. Organizations can reap huge cost savings by building
security once, in the data server, instead of implementing the same security in each
application that accesses data.
Elimination of the “application security problem.” Users cannot bypass security
policies embedded in applications because the security policy is attached to the
data. The same security policy is automatically enforced by the data server, no
matter how a user accesses data, whether through a report-writing tool, a query, or
through an application.
Application transparency. Virtual Private Database is enforced at the database
layer and takes into account application-specific logic used to limit data access
within the database.
Dynamic Security. No need to maintain complex roles and grants.
Multiple Security. You can place more than one policy on each object, as well as
stack them on other base policies.
No backdoors. Users can no longer bypass security policies embedded in
applications, as they are attached to the data.
Implementation of VPD
Virtual Private Database (VPD) enables you to create security policies to control database access at the row and
column level. Essentially, Virtual Private Database adds a dynamic WHERE clause to a SQL statement that is
issued against the table, view, or synonym to which a Virtual Private Database security policy was applied. You
can apply Virtual Private Database policies to SELECT, INSERT, UPDATE, INDEX, and DELETE statements.
VPD enables administrators to define and enforce row-level access control policies based on session attributes
using two features:
Fine-grained access control: associate security policies with database objects.
Application context: define and access application or session attributes.
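The dynamic WHERE clause described above, simulated in SQLite as an added example (this is not Oracle's DBMS_RLS and not code from the original notes). The table, the session dictionary standing in for an application context, and every function name are assumptions made for the illustration.

```python
import sqlite3


def build_demo_db():
    """In-memory Customers table with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE customers (cust_id INTEGER PRIMARY KEY, name TEXT, balance INTEGER)"
    )
    conn.executemany(
        "INSERT INTO customers VALUES (?, ?, ?)",
        [(1, "Alice", 120), (2, "Bob", 75), (3, "Carol", 310)],
    )
    return conn


def customers_policy(session):
    """Policy function: return (predicate, bound_values) for the current session.

    One function covers every customer, instead of one view per customer.
    """
    if session.get("role") == "DBA":
        return "1=1", ()                      # no row restriction
    cust_id = session.get("customer_id")
    if cust_id is None:
        return "1=0", ()                      # no context set: no rows visible
    return "cust_id = ?", (cust_id,)          # value is bound, never concatenated


# Policies are attached to the table, not to each application query.
POLICIES = {"customers": customers_policy}


def secured_select(conn, session, table, filters=None):
    """Run the caller's query against the policy-filtered rows only."""
    predicate, bound = POLICIES[table](session)   # KeyError for unknown tables
    columns = {row[1] for row in conn.execute(f"PRAGMA table_info({table})")}
    clauses, params = [], list(bound)
    for column, value in (filters or {}).items():
        if column not in columns:
            raise ValueError(f"unknown column: {column}")
        clauses.append(f"{column} = ?")
        params.append(value)
    user_where = " AND ".join(clauses) or "1=1"
    # The policy predicate is applied first, as an inline view over the table.
    sql = (
        f"SELECT * FROM (SELECT * FROM {table} WHERE {predicate}) "
        f"WHERE {user_where} ORDER BY 1"
    )
    return conn.execute(sql, params).fetchall()


if __name__ == "__main__":
    db = build_demo_db()
    print(secured_select(db, {"customer_id": 2}, "customers"))
    print(secured_select(db, {"customer_id": 2}, "customers", {"cust_id": 1}))
    print(secured_select(db, {}, "customers"))
```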
Loss prevention of data and protection of data from unauthorized access remains an important goal of any
database management system. While views can provide fairly granular access control, they have limitations
which make them less than optimal for very fine-grained access control. Views are not always practical when
users need a lot of them to enforce user policy.
Application context is functionality specific to Oracle that allows users to set database application variables that
can be retrieved by database sessions. These variables can be used for security context-based or user-defined
environmental attributes. A user can identify the client host name, the IP address of the connected session, or
the operating system user name of a connected session using the application context function SYS_CONTEXT in
conjunction with predefined user-environment attributes, known as USERENV attributes, which are grouped as a
namespace.
SYSTEM
The database session-based application context is managed entirely within Oracle Database. Oracle Database
sets the values, and then when the user exits the session, automatically clears the application context values
stored in cache. Any application that accesses this database will need to use this application context to permit or
prevent user access to that application. Application contexts are useful for the following purposes:
Serving as a holding area for name-value pairs that an application can define, modify, and access
Fine-grained mechanisms support access control down to the tuple level. The conventional view mechanisms
have a number of shortcomings. A naïve solution to enforce fine-grained authorization would require the
specification of a view for each tuple or part of a tuple that is to be protected. Moreover, because access control
policies are often different for different users, the number of views would further increase. Furthermore,
application programs would have to code different interfaces for each user, or group of users, as queries and
other data management commands would need to use, for each user or group of users, the correct view.
Modifications to access control policies would also require the creation of new views with consequent
modifications to application programs.
Alternative approaches that address some of these issues have been proposed, and these approaches are
based on the idea that queries are written against the base tables and, then, automatically rewritten by the
system against the view available to the user. These approaches do not require that we code different interfaces
for different users and, thus, address one of the main problems in the use of conventional view mechanisms.
5. Explain concept of how authentication & password security can be provided to Database.
Ans:
Authentication is the process of verifying the identity of a user or entity attempting to access a system
or resource. In the context of a database, authentication involves ensuring that only authorized users
can access and modify the data stored in the database.
To provide authentication and password security to a database, there are several techniques that can
be used. Here are some of the most common ones:
Usernames and passwords: The simplest and most common way to provide authentication is to
require users to provide a username and password when accessing the database. The database stores
the username and password in an encrypted form to prevent unauthorized access.
Role-based access control: With role-based access control, users are assigned different roles or levels
of access based on their job function or other criteria. This can help ensure that only authorized users
have access to sensitive data.
In addition to authentication techniques, there are also several best practices for password security that
can help prevent unauthorized access to a database. These include:
Using strong passwords: Passwords should be at least 8-12 characters long and include a mix of upper
and lower case letters, numbers, and special characters.
Changing passwords regularly: Users should be required to change their passwords every 90 days or
so to prevent them from being compromised.
Storing passwords securely: Passwords should be stored in an encrypted form to prevent them from
being stolen or compromised.
Limiting access: Only authorized users should have access to the database, and access should be
limited to the minimum necessary to perform their job function.
By implementing these techniques and best practices, organizations can provide strong authentication
and password security to their databases and help prevent unauthorized access and data breaches.
6. Database Threat
Databases today face different kinds of attacks. Before describing the techniques to
secure databases, it is preferable to describe the attacks which can be performed on the
databases. The major attacks on databases can be categorized as shown in Figure 4.3. These
attacks are further elaborated in the following sections.
Excessive privileges
Database privileges can be abused in many ways. A user may abuse a privilege for an
unauthorized purpose. Privilege abuse comes in different flavours: excessive privilege abuse,
legitimate privilege abuse and unused privilege abuse. This type of threat is the most dangerous
because authorized users are misusing data. These privileges can be abused and create
unnecessary risk.
Countermeasures of Privilege Abuse include
1. Access Control policy: Do not grant unnecessary privileges to the user.
2. Legitimate privilege abuse can be stopped by providing a good audit trail.
SQL Injections
Database systems are used for backend functionality. User-supplied input is
often used to dynamically build SQL statements that directly affect the databases.
There are two types of input injection:
1. SQL Injection
2. NoSQL Injection.
SQL Injection: Targets traditional database systems. These attacks usually involve injecting
unauthorized statements into the input fields of applications.
NoSQL Injection: Targets big data platforms. This type involves inserting malicious
statements into big data components like Hive, Map Reduce.
In both SQL and NoSQL, a successful input injection attack can give an attacker unrestricted access
to an entire database.
Countermeasures of Input Injection
1. Use stored procedures instead of implementing direct queries.
2. Implement MVC architecture.
Malware
Cybercriminals, state-sponsored hackers, and spies use advanced attacks that blend
multiple tactics – such as spear phishing emails and malware – to penetrate organizations and
steal sensitive data. Unaware that malware has infected their device, legitimate users become a
conduit for these groups to access your networks and sensitive data.
Countermeasures of Malware
Enable firewall protection and Install Antivirus.
Backup Exposure
Backup storage media is often completely unprotected from attack. As a result, numerous
security breaches have involved the theft of database backup disks and tapes. Furthermore,
failure to audit and monitor the activities of administrators who have low-level access to sensitive
information can put your data at risk.
Countermeasures of Backup Exposure
1. Encrypt Databases: By leveraging database auditing along with encryption, organizations can
monitor and control users both inside and outside of the database.
Weak Authentication
Weak authentication schemes allow attackers to assume the identity of legitimate
database users. Specific attack strategies include brute force attacks, social engineering, and
so on. Implementation of passwords or two-factor authentication is a must. For scalability and
ease of use, authentication mechanisms should be integrated with enterprise directory/user
management infrastructures.
Denial of Service
Denial of Service is a general attack category in which access to network applications or
data is denied to intended users.
Countermeasures of Denial of Service
1. Harden the TCP/IP stack by applying the appropriate registry settings to increase the
size of the TCP connection queue, decrease the connection establishment period, and employ
dynamic backlog mechanisms to ensure that the connection queue is never exhausted.
2. Use a network Intrusion Detection System (IDS) because these can automatically
detect and respond to SYN attacks.
Risk Assessment
Risk assessment is the determination of the extent to which the organization’s information
assets are exposed or at risk.
Risk Control
Risk control is the application of controls to reduce the risks to an organization’s data
and information systems. The following are different risk control strategies:
• Defend - The defend control strategy attempts to prevent the exploitation of the
vulnerability.
• Transfer - The transfer control strategy attempts to shift risk to other assets, other
processes, or other organizations.
• Mitigate - The mitigate control strategy attempts to reduce the impact caused by the
exploitation of vulnerability through planning and preparation. E.g. ICP, BCP, DRP.
• Accept - The accept control strategy is the choice to do nothing to protect a vulnerability
and to accept the outcome of its exploitation.
• Terminate - The terminate control strategy directs the organization to avoid those
business activities that introduce uncontrollable risks.
5MARK:
1. The database security life cycle
Ans:
Database assessment represents the first step within a complete database security life
cycle. Three subsequent steps build upon the results of the assessment.
• Set Policies / Controls – With a complete assessment of database risk and user
profiles available as guidance, the administrator is in a position to define audit and security
policies or “controls”. These policies specify allowed behaviour, disallowed behaviour, and
specifically regulated transactions.
• Monitor and Enforce – Database activity is monitored and enforced according to policy.
Audit data is collected and violations optionally trigger real-time response.
• Measure – Reporting systems measure the results of the previous three phases of the
cycle. Reports serve as a feedback loop for adjusting the lifecycle and help communicate results to
auditors and management.
Statistical Database Security
Statistical databases are designed to provide data to support statistical analysis on populations. The data itself
may contain facts about individuals, but the data is not meant to be retrieved on an individual basis. Users are
granted permission to access statistical information such as totals, counts, or averages, but not information about
individuals. For example, if a user is permitted statistical access to an employee database, he or she is able to
write queries such as:
SELECT SUM(Salary)
FROM Employee
but not:
SELECT Salary
FROM Employee
Special precautions must be taken when users are permitted access to statistical data, to ensure that they are
not able to deduce data about individuals. For the preceding example, if there are no restrictions in place except
that all queries must involve COUNT, SUM, or AVERAGE, a user who wishes to find the salary of employee E101 can
do so by adding conditions to the WHERE line to narrow the population down to that one individual, as in:
SELECT SUM(Salary)
FROM Employee
WHERE Dept = 10 AND jobTitle = 'Programmer' AND
dateHired > '01-Jan-2015';
The system can be modified to refuse to answer any query for which only one record
satisfies the predicate. However, this restriction is easily overcome, since the user can ask for total salaries for
the department and then ask for the total salary without that of E101. Neither of these queries is limited to one
record, but the user can easily deduce the salary of employee E101 from them. To prevent users from deducing
information about individuals, the system can restrict queries by requiring that the number of records satisfying
the predicate must be above some threshold and that the number of records satisfying a pair of queries
simultaneously cannot exceed some limit. It can also disallow sets of queries that repeatedly involve the same
records.
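The two restrictions just described, as an added example (not part of the original notes): a guard that refuses small query sets and, optionally, query sets that overlap too much with ones already answered. The employee rows are constructed sample data, and the class and function names are assumptions.

```python
# Constructed sample data; only E101 and Dept 10 echo the text above.
EMPLOYEES = [
    {"empId": "E101", "dept": 10, "salary": 90000},
    {"empId": "E102", "dept": 10, "salary": 60000},
    {"empId": "E103", "dept": 10, "salary": 65000},
    {"empId": "E104", "dept": 10, "salary": 70000},
    {"empId": "E105", "dept": 10, "salary": 55000},
    {"empId": "E201", "dept": 20, "salary": 80000},
    {"empId": "E202", "dept": 20, "salary": 50000},
]


class QueryRefused(Exception):
    """Raised when answering would risk disclosing an individual's value."""


class StatisticalGuard:
    """Answers SUM(Salary) queries subject to size and overlap restrictions."""

    def __init__(self, rows, min_size, max_overlap=None):
        self._rows = rows
        self._min_size = min_size          # smallest query set that is answered
        self._max_overlap = max_overlap    # None disables the overlap check
        self._answered = []                # query sets answered so far

    def total_salary(self, predicate):
        query_set = frozenset(r["empId"] for r in self._rows if predicate(r))
        if len(query_set) < self._min_size:
            raise QueryRefused("query set below the size threshold")
        if self._max_overlap is not None:
            for earlier in self._answered:
                if len(query_set & earlier) > self._max_overlap:
                    raise QueryRefused("too many records shared with an earlier query")
        self._answered.append(query_set)
        return sum(r["salary"] for r in self._rows if r["empId"] in query_set)


def difference_of_totals(guard):
    """The pair of totals from the text: department total, then total without E101.

    Returns the deduced value, or None if the guard refused either query.
    """
    try:
        dept_total = guard.total_salary(lambda r: r["dept"] == 10)
        without_e101 = guard.total_salary(
            lambda r: r["dept"] == 10 and r["empId"] != "E101"
        )
    except QueryRefused:
        return None
    return dept_total - without_e101


if __name__ == "__main__":
    size_only = StatisticalGuard(EMPLOYEES, min_size=2)
    with_overlap = StatisticalGuard(EMPLOYEES, min_size=2, max_overlap=2)
    print("size threshold only:", difference_of_totals(size_only))
    print("size + overlap limit:", difference_of_totals(with_overlap))
```

With the size threshold alone, both totals are answered and their difference is E101's salary; adding the overlap limit causes the second query to be refused.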
Managing Database
Database Management allows a person to organize, store, and retrieve data from a computer. Database
Management can also describe the data storage, operations, and security practices of a database
administrator (DBA) throughout the life cycle of the data. Managing a database involves designing, implementing,
and supporting stored data to maximize its value. Database Management Systems, according to the DAMA
DMBoK, include various types:
Centralized: all the data lives in one system in one place. All users come to that one system to access
the data.
Distributed: Data resides over a variety of nodes, making quick access possible. “Rather than rely on
hardware to deliver high-availability, the Database Management software…is designed to replicate data
amongst the servers” allowing it to detect and handle failures.
Federated: Provisions data without additional persistence or duplication of source data. It maps multiple
autonomous databases into one large object. This kind of database architecture is best for
heterogeneous and distributed integration projects. Federated databases can be categorized as:
Loosely Coupled: Component databases construct their own federated schema and typically require
accessing other component database systems through a multi-database language.
Tightly Coupled: Component systems use independent processes to construct and publish into an
integrated federal schema.
Blockchain: A type of federated database system used to securely manage financial and other types of
transactions.
There are many definitions of data security management, and data security solutions abound. Every organization
must clearly define and communicate the data security program and data security services it offers, as these will
differ slightly from place to place. In general, data security management is:
The practice of ensuring that data, no matter its form, is protected while in your possession and use
from unauthorized access or corruption.
The blending of both digital (cyber) and physical processes to protect data.
The monitoring of data acquisition, use, storage, retrieval, and deletion such that data is not
corrupted at any point in its lineage.
The implementation of technology defenses that prevent data loss from internal
malicious actions or hacking.
Encouraging applications and services developers to test against data security standards to
improve data leak prevention.
The policies that train and govern individuals on the importance of data security and how best to
protect themselves and the business.
The security of data exchanged with external applications or services.
Taking advantage of the use of encrypted cloud storage or encrypted cloud networks to secure
data transfers and sharing.
The management of data center security, even if you benefit from cloud services, to ensure that
your most precious non-people resource is safe.
Data security management practices are not just about sensitive or business-critical information. Data security
management practices protect you and your organization from unintentional mistakes or hackers corrupting or
stealing your precious resources.
Implementing account lockout after failed login attempts.
Due to the often overwhelming prevalence of password authentication, many users forget their credentials,
triggering an account lockout following too many failed login attempts. Upon being locked out of their account,
users are forced to validate their identity -- a process that, while designed to dissuade nefarious actors, is also
troublesome for legitimate users.
"Account lockout is, from a user perspective, a jarring and in-your-face experience," said Allan Foster, chief
evangelist at ForgeRock. But the experience is integral to mitigating risk, said Casey Ellis, CTO and founder of
Bugcrowd.
"While inconvenient for legitimate users, it is not too inconvenient -- and it can deter attackers," Ellis said. "It is a
resilient and battle-tested reset strategy that is highly available for multiple use cases."
The default approach to this is to make it harder for potential attackers to compromise accounts. There are two
main techniques used to do this, Foster said. One way is to slow down the authentication cycle by making users
wait longer and longer every time there is an unsuccessful login attempt, he said. The other technique is anomaly
detection. "Account providers can shut down the account when anomalous behavior is detected until they can
connect with the original owner to confirm their identity for authentication," Foster explained.
Enterprises should consider a combination of these three when building an account lockout policy. Bugcrowd's
Ellis recommended Apple's iPhone password lockout policy features. "If you forget or don't properly enter your
password a certain number of times, you will be unable to try logging back in to the device for a short time," he
said. "Subsequent attempts extend the lockout period. This can prove that either the individual entering the
password is a forgetful user or an unauthorized individual attempting to obtain illegitimate access."
It is also critical to weigh exposure risks set by the security group, ForgeRock's Foster said. "Accounts with
different capabilities have different levels of risk, both to the user and to the organization in the event of a
compromise," he said. "Any account where the damage that can be caused is high or is higher than normal
requires a higher level of protection."
If a privileged account shows any indication of attack, the immediate response should be to assume it is an
attack and to lock down the account. Administrators may want to implement unique settings for privileged
accounts, such as a longer account lockout duration and lower account lockout threshold.
While this seems like a commonsense best practice, it's important to consider the nuance of privileged accounts,
Foster said. For example, some privileged accounts may be responsible for planning a response to a security
event. "You don't want the reaction to the threat to also compromise your ability to respond to that threat," he
added.
Analyzing these factors and hypotheticals is critical to successfully creating an account lockout policy that
ensures security needs and UX needs are both met.
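A lockout policy of the kind discussed above, as an added example (not from the article or from any vendor quoted in it): a failure threshold, lockout periods that grow with each further failure, and stricter settings for privileged accounts. All thresholds and durations are assumed values chosen for the illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class LockoutPolicy:
    threshold: int     # consecutive failures tolerated before the first lockout
    base_lock_s: int   # length of the first lockout, in seconds
    max_lock_s: int    # upper bound on any single lockout


# Assumed values: privileged accounts get a lower threshold and longer lockout.
STANDARD = LockoutPolicy(threshold=5, base_lock_s=60, max_lock_s=3600)
PRIVILEGED = LockoutPolicy(threshold=3, base_lock_s=900, max_lock_s=86400)


class LockoutTracker:
    """Per-account state; the caller supplies the clock so behaviour is testable."""

    def __init__(self, policy):
        self.policy = policy
        self.failures = 0
        self.lockouts = 0
        self.locked_until = 0.0

    def is_locked(self, now):
        return now < self.locked_until

    def record_attempt(self, success, now):
        """Return 'ok', 'failed' or 'locked' for one login attempt."""
        if self.is_locked(now):
            # Even a correct password is rejected while locked, so guessing
            # during the lockout window gains nothing.
            return "locked"
        if success:
            self.failures = 0
            self.lockouts = 0
            return "ok"
        self.failures += 1
        if self.failures >= self.policy.threshold:
            # Each lockout doubles the previous one, up to the cap. The failure
            # count is kept, so the next failure after expiry locks again.
            duration = min(
                self.policy.base_lock_s * 2 ** self.lockouts,
                self.policy.max_lock_s,
            )
            self.locked_until = now + duration
            self.lockouts += 1
            return "locked"
        return "failed"


def replay(policy, attempts):
    """Feed (timestamp, success) pairs through a fresh tracker; return outcomes."""
    tracker = LockoutTracker(policy)
    return [tracker.record_attempt(ok, ts) for ts, ok in attempts], tracker


if __name__ == "__main__":
    # Constructed sequence: five failures, a correct password during the
    # lockout, one more failure after it expires, then a successful login.
    events = [(0, False), (1, False), (2, False), (3, False), (4, False),
              (10, True), (64, False), (184, True)]
    outcomes, _ = replay(STANDARD, events)
    print(outcomes)
```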
"MFA confirms user identity and investigates suspicious logins, while SSO helps organizations directly manage
access to sensitive information by blocking or providing various levels of access to data and applications based
on user identity and context," Kahol said.
Managing identities and access privileges has become an even more demanding task as many organizations
transition to remote work. Implementing the right policies and settings can empower administrators to manage
and secure every account.