www.alljntuworld.

in

Smartworld.asia Specworld.in

DATABASE SECURITY

UNIT-1

INTRODUCTION:
• INTRODUCTION TO DATA BASE SECURITY PROBLEM
IN DATABASE SECURITY CONTROLS CONCLUSIONS:

Database security is a growing concern evidenced by an increase in the number of

reported incidents of loss of or unauthorized exposure to sensitive data. As the
amount of data collected, retained and shared electronically expands, so does the
need to understand database security. The Defence Information Systems Agency
of the US Department of Defence (2004), in its Database Security Technical
Implementation Guide, states that database security should provide controlled,
protected access to the contents of a database as well as preserve the integrity,
consistency, and overall quality of the data. Students in the computing disciplines
must develop an understanding of the issues and challenges related to database
security and must be able to identify possible solutions.

At its core, database security strives to insure that only authenticated users
perform authorized activities at authorized times. While database security
incorporates a wide array of security topics, notwithstanding, physical security,
network security, encryption and authentication, this paper focuses on the
concepts and mechanisms particular to securing data. Within that context,
database security encompasses three constructs: confidentiality or protection of
data from unauthorized disclosure, integrity or prevention from unauthorized data
access, and availability or the identification of and recovery from hardware and
software errors or malicious activity resulting in the denial of data availability.

In the computing discipline curricula, database security is often included as a topic

in an introductory database or introductory computer security course. This paper

pg. 1
Smartzworld.com 1 jntuworldupdates.org

All JNTU World

 www.alljntuworld.in

Smartworld.asia Specworld.in

presents a set of sub-topics that might be included in a database security

component of such a course. Mapping to the three constructs of data security,
these topics include access control, application access, vulnerability, inference,
and auditing mechanisms. Access control is the process by which rights and
privileges are assigned to users and database objects. Application access addresses
the need to assign appropriate access rights to external applications requiring a
database connection. Vulnerability refers to weaknesses that allow malicious users
to exploit resources. Inference refers to the use of legitimate data to infer unknown
information without having rights to directly retrieve that information. Database
auditing tracks database access and user activity providing a way to identify
breaches that have occurred so that corrective action might be taken. As the
knowledge base related to database security continues to grow, so do the
challenges of effectively conveying the material. This paper addresses those
challenges by incorporating a set of interactive software modules into each sub-
topic. These modules are part of an animated database courseware project
designed to support the teaching of database concepts. The courseware covers.

INTRODUCTION

Database technologies are a core component of many computing systems. They

allow data to be retained and shared electronically and the amount of data
contained in these systems continues to grow at an exponential rate. So does the
need to insure the integrity of the data and secure the data from unintended access.
The Privacy Rights Clearing House (2010) reports that more than 345 million
customer records have been lost or stolen since 2005 when they began tracking
data breach incidents, and the Ponemon Institute reports the average cost of a data
breach has risen to $202 per customer record (Ponemon, 2009). In August 2009,
criminal indictments were handed down in the United States to three perpetrators
accused of carrying out the single largest data security breach recorded to date.
These hackers allegedly stole over 130 million credit and debit card numbers by
exploiting a well known database vulnerability, a SQL injection ( Phifer , 2010).

The Verizon Business Risk Team, who have been reporting data breach statistics
since 2004, examined 90 breaches during the 2008 calendar year. They reported
that more than 285 million records had been compromised, a number exceeding

pg. 2
Smartzworld.com 2 jntuworldupdates.org

All JNTU World

 www.alljntuworld.in

Smartworld.asia Specworld.in

the combined total from all prior years of study (Baker et al., 2009). Their
findings provide insight into who commits these acts and how they occur.
Consistently, they have found that most data breaches originate from external
sources, with 75% of the incidents coming from outside the organization as
compared to 20% coming from inside. They also report that 91% of the
compromised records were linked to organized criminal groups. Further, they cite
that the majority of breaches result from hacking and malware often facilitated by
errors committed by the victim, i.e., the database owner. Unauthorized access and
SQL injection were found to be the two most common forms of hacking, an
interesting finding given that both of these exploits are well known and often
preventable. Given the increasing number of beaches to database systems, there is
a corresponding need to increase awareness of how to properly protect and
monitor database systems.

At its core, database security strives to insure that only authenticated users
perform authorized activities at authorized times. It includes the system,
processes, and procedures that protect a database from unintended activity. The
Defence Information Systems Agency of the US Department of Defence (2004),
in its Database Security Technical Implementation Guide, states that database
security should provide “controlled, protected access to the contents of your
database and,in the process, preserve the integrity, consistency, and overall quality
of your data” (p. 9). The goal is simple, the path to achieving the goal, a bit more
complex. Traditionally database security focused on user authentication and
managing user privileges to database objects (Guimaraes, 2006).

This has proven to be inadequate given the growing number of successful

database hacking incidents and the increase in the number of organizations
reporting loss of sensitive data. A more comprehensive view of database security
is needed, and it is becoming imperative for students in the computing disciplines
to develop an understanding of the issues and challenges related to database
security and to identify possible solutions.

Database security is often included as a topic in an introductory database course or

introductory computer security course. However as the knowledge base related to
database security continues to grow, so do the challenges of effectively conveying

pg. 3
Smartzworld.com 3 jntuworldupdates.org

All JNTU World

 www.alljntuworld.in

Smartworld.asia Specworld.in

the material. Further, many topics related to database security are complex and
require students to engage in active learning to fully comprehend the fundamental
nature of database security issues. This paper presents a set of subtopics for
inclusion in a database security component of a course. These sub-topics are
illustrated using a set of interactive software modules.

As part of a National Science Foundation Course, Curriculum and Laboratory

Improvement Grant (#0717707), a set of interactive software modules, referred to
as Animated Database Courseware (ADbC) has been developed to support the
teaching of database concepts. ADbC consists of over 100 animations and
tutorials categorized into four main modules (Database Design, Structured Query
Language [SQL], Transactions and Security) and several sub modules. Interactive
instructional materials such as animations can often be incorporated into the
instructional process to enhance and enrich the standard presentation of important
concepts. Animations have been found to increase student motivation, and
visualizations have been found to help students develop understanding of abstract
concepts which are otherwise considered to be ‘invisible’ (Steinke, Huk, & Floto,
2003). Further, software animations can be effective at reinforcing topics
introduced in the classroom as they provide a venue for practice and feedback.

Specifically, the Security module and corresponding sub-modules will be covered

in this paper. These sub-modules cover six areas: access control, row level
security, application security as portrayed in a security matrix, SQL injections,
database inference, and database auditing.

Database Security Topics:

The following presents an organizational structure for presenting database security

concepts in a course in which database security is one of many topics. As such the
focus is limited and material introductory. While database security incorporates a
wide array of security topics, not withstanding, physical security, network
security, encryption and authentication, this paper focuses on the concepts and
mechanisms particular to securing data. Database security is built upon a
framework encompassing three constructs: confidentiality, integrity and
availability (Bertino & Sandhu, 2005). Confidentiality or secrecy refers to the
protection of data against unauthorized disclosure, integrity refers to the

pg. 4
Smartzworld.com 4 jntuworldupdates.org

All JNTU World

 www.alljntuworld.in

Smartworld.asia Specworld.in

prevention of unauthorized and improper data modification, and availability refers

to the prevention and recovery from hardware and software errors as well as from
malicious data access resulting in the denial of data availability (Bertino, Byun &
Kamra, 2007).

Mapping to these three constructs, a database security component in any course

needs to cover access control, application access, vulnerability, inference, and
auditing mechanisms. The primary method used to protect data is limiting access
to the data. This can be done through authentication, authorization, and access
control. These three mechanisms are distinctly different but usually used in
combination with a focus on access control for granularity in assigning rights to
specific objects and users. For instance, most database systems use some form of
authentication, such as username and password, to restrict access to the system.
Further, most users are authorized or assigned defined privileges to specific
resources. Access control further refines the process by assigning rights and
privileges to specific data objects and data sets. Within a database, these objects
usually include tables, views, rows, and columns. For instance, Student A may be
given login rights to the University database with authorization privileges of a
student user which include read-only privileges for the Course_ Listing data table.
Through this granular level of access control, students may be given the ability to
browse course offerings but not to peruse grades assigned to their classmates.
Many students, today, inherently understand the need for granularity in granting
access when framed in terms of granting ‘friends’ access to their Facebook site.
Limiting access to database objects can be demonstrated through the
Grant/Revoke access control mechanism.

DATABASE VULNERABILITY
A Vulnerability Database is a platform aimed at collecting, maintaining, and
disseminating information about discovered vulnerabilities targeting real
computer systems. Currently, there are many vulnerabilities databases that have
been widely used to collect data from different sources on software vulnerabilities
(e.g., bugs). These data essentially include the description of the discovered
vulnerability, its exploitability, its potential impact, and the workaround to be
applied over the vulnerable system. Examples of web-based vulnerabilities

pg. 5
Smartzworld.com 5 jntuworldupdates.org

All JNTU World

 www.alljntuworld.in

Smartworld.asia Specworld.in

databases are the National Vulnerability Database and the Open Source
Vulnerability Database.

Security breaches are an increasing phenomenon. As more and more databases are
made accessible via the Internet and web-based applications, their exposure to
security threats will rise. The objective is to reduce susceptibility to these threats.
Perhaps the most publicized database application vulnerability has been the SQL
injection. SQL injections provide excellent examples for discussing security as
they embody one of the most important database security issues, risks inherent to
non-validated user input. SQL injections can happen when SQL statements are
dynamically created using user input. The threat occurs when users enter
malicious code that ‘tricks’ the database into executing unintended commands.
The vulnerability occurs primarily because of the features of the SQL language
that allow such things as embedding comments using double hyphens (- -),
concatenating SQL statements separated by semicolons, and the ability to query
metadata from database data dictionaries. The solution to stopping an SQL
injection is input validation. A common example depicts what might occur when a
login process is employed on a web page that validates a username and password
against data retained in a relational database. The web page provides input forms
for user entry of text data. The user-supplied text is used to dynamically create a
SQL statement to search the database for matching records. The intention is that
valid username and password combinations would be authenticated and the user
permitted access to the system. Invalid username and passwords would not be
authenticated. However, if a disingenuous user enters malicious text, they could,
in essence, gain access to data to which they have no privilege. For instance, the
following string, ' OR 1=1 -- entered into the username textbox gains access to the

pg. 6
Smartzworld.com 6 jntuworldupdates.org

All JNTU World

 www.alljntuworld.in

Smartworld.asia Specworld.in

system without having to know either a valid username or password. This hack
works because the application generates a dynamic query that is formed by
concatenating fixed strings with the values entered by the user.
For example, the model SQL code might be:

SELECT Count(*) FROM UsersTable

WHERE UserName = ‘contents of username textbox’

AND Password = ‘contents of password textbox’;

When a user enters a valid username, such as ‘Mary’ and a password of ‘qwerty’,
the SQL query

becomes:

SELECT Count(*) FROM UsersTable

WHERE UserName=‘Mary’

AND Password=‘qwerty’;

However, if a user enters the following as a username: ‘OR 1=1 -- the SQL query
becomes:

SELECT Count(*) FROM UsersTable

WHERE UserName=‘‘ OR 1=1 - -’

AND Password=‘‘;

The expression 1 = 1 is true for every row in the table causing the OR clause to
return a value of true. The double hyphens comment out the rest of the SQL query
string. This query will return a count greater than zero, assuming there is at least
one row in the users table, resulting in what appears to be a successful login. In
fact, it is not. Access to the system was successful without a user having to know
either a username or password. Another SQL injection is made possible when a
database system allows for the processing of stacked queries. Stacked queries are
the execution of more than one SQL query in a single function call from an
application program. In his case, one string is passed to the database system with

pg. 7
Smartzworld.com 7 jntuworldupdates.org

All JNTU World

 www.alljntuworld.in

Smartworld.asia Specworld.in

multiple queries, each separated by a semicolon. The following example

demonstrates a stacked query. The original intent is to allow the user to select
attributes of products retained in a Products table. The user injects a stacked query
incorporating an additional SQL query that also deletes the Customers table.

SELECT * FROM PRODUCTS; DROP CUSTOMERS;

This string when passed as an SQL query will result in the execution of two
queries. A listing of all information for all products will be returned. In addition
the Customers table will be removed from the database. The table structure will be
deleted and all customer data will be lost. In database systems that do not allow
stacked queries, or invalidate SQL strings containing a semicolon this query
would not be executed.

The ADbC courseware sub-module for SQL injections demonstrates the insertion
of malicious code during the login process. The sub-module steps through the
process by first showing the entry of valid data and then demonstrating entry of
malicious code, how it is injected into a dynamically created SQL statement and
then executed. Figure 5 shows the step where malicious code is entered. Figure 6
shows the dynamically created SQL command and the resulting display of all the
data in the user table. Additional steps present code resulting in the modification
or deletion of data.

Figure 6: ADbC SQL Injection Sub-Module: Result of SQL Injection using

Malicious Code

pg. 8
Smartzworld.com 8 jntuworldupdates.org

All JNTU World

 www.alljntuworld.in

Smartworld.asia Specworld.in

Figure 6: ADbC SQL Injection Sub-Module: Result of SQL Injection using

Malicious Code

SQL injection vulnerabilities result from the dynamic creation

of SQL queries in application programs that access a database system. The SQL
queries are built incorporating user input and passed to the database system as a
string variable. SQL injections can be prevented by validating user input. Three
approaches are commonly used to address query string validation: using a black
list, using a white list, or implementing parameterized queries. The black list
parses the input string comparing each character to a predefined list of non-
allowed characters. The disadvantage to using a black list is that many special
characters can be legitimate but will be rejected using this approach. The common
example is the use of the apostrophe in a last name such as O’Hare. The white list
approach is similar except that each character is compared to a list of allowable
characters. The approach is preferred but special considerations have to be made
when validating the single quote. Parameterized queries use internally defined
parameters to fill in a previously prepared SQL statement. The importance of
input validation cannot be overstated. It is one of the primary defense mechanisms
for preventing database vulnerabilities including SQL injections.

DATABASE INFERENCE

A subtle vulnerability found within database technologies is

inference, or the ability to derive unknown information based on retrieved
information. The problem with inference is that there are no ideal solutions to the

pg. 9
Smartzworld.com 9 jntuworldupdates.org

All JNTU World

 www.alljntuworld.in

Smartworld.asia Specworld.in

problem. The only recommended solutions include controls related to queries

(suppression) or controls related to individual items in a database (concealing). In
other words, sensitive data requested in a query are either not provided or answers
given are close but not exact, preventing the user from obtaining enough
information to make inferences. Neither of these represents ideal solutions as they
are restrictive in nature. However, it is important for students to understand the
risks of inference and how it might occur. Examples are the best way to
demonstrate inference.

The ADbC inference sub-module includes three animations that demonstrate how
users might be able to put together (infer) information when data is available to
those with a higher security access level or when they are only given access to
aggregate data. Inference often happens in cases where the actual intent is for
users to generate or view aggregate values when they have not been given access
to individual data items. However, because they are exposed to information about
the data, they are sometimes able to infer individual data values. Take for example
a scenario where a worker desires to find out their co-worker Goldberg’s salary In
this organization, salary data is confidential. The worker has rights to generate
aggregate data such as summarizing organizational salary data averaged across
specific criteria (i.e., salary averaged by gender). Although the worker does not
have access to individual data items, he or she does possess particular and unique
details about Goldberg; specifically that Goldberg is a female and has 11
dependents. Based on this information, the worker can derive an aggregate
function such as

pg. 10
Smartzworld.com 10 jntuworldupdates.org

All JNTU World

 www.alljntuworld.in

Smartworld.asia Specworld.in

SELECT AVG (Salary) FROM EMPLOYEES WHERE Gender = “F” and

Dependents = 11.

This will return Goldberg’s salary because the average is taken from an
aggregated data set of one. The ADbC inference sub-module animation for this
scenario is illustrated in Figure 7. The SQL-command window depicts the
construction of the requested query to ascertain salary averages. Employees Table
data is shown in the upper left and underneath is the result of the query

Figure 7. ADbC Inference Sub-module: Using Aggregate Data to Infer

Information

Inference can also occur when users are able to ascertain information from data
accessible to them at their security level even though that specific information is
protected at a higher security access level. It is difficult to explain this without the aid
of a demonstration. The second example in the ADbC Inference sub-module provides
a scenario where specific data, in this case company product prototype data, is not
made accessible to junior employees. However, junior employees are given access to
update the Storage table that tracks the contents in company storage areas. When
perusing this table, the junior employee is not able to read any rows containing
prototype products. The problem occurs if the employee tries to update a protected
row. This triggers an error message. Based on the error message, the junior employee

pg. 11
Smartzworld.com 11 jntuworldupdates.org

All JNTU World

 www.alljntuworld.in

Smartworld.asia Specworld.in

could surmise that information was being hidden and might infer that something of a
secretive nature was being stored in the storage compartment referenced in the update
request. Figure 8 depicts an error being generated when a junior employee issues a
query against a protected row of data. The table on the top right shows all of the data
contained in the Storage table. The table on the bottom shows the data accessible to
junior employees. Notice that Compartment B containing ProductX is not displayed in
the lower table. A possible solution to this inference problem is polyinstantiation.
Polyinstantiation allows a database to retain multiple records having the same primary
key; they are uniquely distinguished by a security level identifier. If polyinstantiation
were enacted in the proceeding scenario, the insert would be successful. However,
this does not prevent the ‘double booking’ of the storage compartment area.

Figure 8. ADbC Inference Sub-module: Security Level Access Error Leading to

Inference

Developing technological solutions to detecting database inference is complex.

Much of the work done in this area involves revoking access to specific database
objects based on a user’s past querying history (Staddon, 2003). The problem with
inference detection, especially when done at query processing time, is that it
results in a significant delay between the time the query is executed and the results

pg. 12
Smartzworld.com 12 jntuworldupdates.org

All JNTU World

 www.alljntuworld.in

Smartworld.asia Specworld.in

are presented. As with other approaches to mitigating database security

vulnerabilities, trade-offs must be made. The protection of highly sensitive data
requires an examination of what situations could lead to exposure to unauthorized
users and what monitoring policies should be implemented to insure appropriate
responses are enacted.

AUDITING

Database auditing is used to track database access and user activity. Auditing
can be used to identify who accessed database objects, what actions were
performed, and what data was changed. Database auditing does not prevent
security breaches, but it does provide a way to identify if breaches have occurred.
Common categories of database auditing include monitoring database access
attempts, Data Control Language (DCL) activities, Data Definition Language
(DDL) activities, and Data Manipulation Language (DML) activities (Yang,
2009). Monitoring access attempts includes retaining information on successful
and unsuccessful logon and logoff attempts. DCL audits record changes to user
and role privileges, user additions, and user deletions. DDL audits record changes
to the database schema such as changes to table structure or attribute datatypes.
DML audits record changes to data. In addition, database errors should be
monitored (Yang, 2009).

pg. 13
Smartzworld.com 13 jntuworldupdates.org

All JNTU World

 www.alljntuworld.in

Smartworld.asia Specworld.in

Database auditing is implemented via log files and audit tables. The real
challenge of database auditing is deciding what and how much data to retain and
how long to keep it. Several options exist. A basic audit trail usually captures user
access, system resources used, and changes made to the structure of a database.
More complete auditing captures data reads as well as data modifications. The
ADbC auditing sub-module provides step-by-step examples for creating audits of
user sessions, changes to database structure, and modifications to data. Figure 9
shows an example of code required to implement and trigger an audit of a user
login. Data recorded includes the username and the date and time of the user login

and
Figure 9. ADbC Database Audit Sub-module: Monitoring User Logins

An audit trail provides a more complete trace recording of not only user access but
also user actions.
This type of facility is included with many database management systems. The most
common items that are audited include login attempts, data read and data
modifications operations, unsuccessful attempts to access database tables, and
attempts to insert data that violates specific constraints. Figure 10 shows an example
audit trail of user access and user actions as demonstrated in the Audit Command
animation in the ADbC Database Audit sub-module. The SQL Commands window
displays the SQL statement used to retrieve data from the audit table.

pg. 14
Smartzworld.com 14 jntuworldupdates.org

All JNTU World

 www.alljntuworld.in

Smartworld.asia Specworld.in

Figure 10. ADbC Database Audit Sub-module: Example Database Audit Trail

Auditing plays a central role in a comprehensive database security plan. The

primary weakness of the audit process is the time delay between when data is
recorded and when analysis is performed. Consequently, breaches and other
unauthorized activities are identified after the fact, making it difficult to mitigate
adverse effects in a timely manner. However, solutions are being introduced that
allow for real-time monitoring of database activity looking for patterned events
indicative of potential breaches and enacting real-time notification to database
administrators when such actions occur. Whatever the case, database auditing is a
necessary process, and students must be made aware of the need for continuous
monitoring of database log files.

CONCLUSION

The need to secure computer systems is well understood and securing data must
be part of an overall computer security plan. Growing amounts of sensitive data
are being retained in databases and more of these databases are being made
accessible via the Internet. As more data is made available electronically, it can be
assumed that threats and vulnerabilities to the integrity of that data will increase as

pg. 15
Smartzworld.com 15 jntuworldupdates.org

All JNTU World

 www.alljntuworld.in

Smartworld.asia Specworld.in

well. Database security is becoming an increasingly important topic and students

need to develop core understandings in this area. The primary objectives of
database security are to prevent unauthorized access to data, prevent unauthorized
tampering or modification of data, and to insure that data remains available when
needed. The concepts related to database security are multifaceted. This makes it
challenging to teach the material when database security is included as just one
component of a larger course. However, this is how most students are exposed to
the topic. This paper suggested a set of sub-topics in a database security course
component and introduced a set of interactive software modules mapped to each
sub-topic presented. Engaging students in interactive learning activities enhances
the learning experience and provides the opportunity for students to further
explore database security issues and identify practical implementation methods to
database security mechanisms and strategies.

Secure Data Handling

Data handling related to when you view, update, delete, transfer, mail, store, or
destroy data. It also relates to how you transfer the data from one location to
another. Data is not always stored electronically. Occasionally it could be paper
stored in a filing cabinet or in a binder.

Complying with secure best practices when identifying, transmitting,

redistributing, storing or disposing of restricted data.

• Authentication: The process of identifying an individual, usually based on a

username and password. In security systems, authentication is distinct from
authorization , which is the process of giving individuals access to system
objects based on their identity. Authentication merely ensures that the
individual is who he or she claims to be, but says nothing about the access
rights of the individual.

• Encryption: Encryption is the conversion of data into a form, called a

ciphertext, that cannot be easily understood by unauthorized people.
Decryption is the process of converting encrypted data back into its original
form, so it can be understood.

pg. 16
Smartzworld.com 16 jntuworldupdates.org

All JNTU World

 www.alljntuworld.in

Smartworld.asia Specworld.in

The use of encryption/decryption is as old as the art of

communication. In wartime, a cipher, often incorrectly called a code, can be
employed to keep the enemy from obtaining the contents of transmissions.
(Technically, a code is a means of representing a signal without the intent of
keeping it secret; examples are Morse code and ASCII.) Simple ciphers include
the substitution of letters for numbers, the rotation of letters in the alphabet, and
the "scrambling" of voice signals by inverting the sideband frequencies. More
complex ciphers work according to sophisticated computer algorithms that
rearrange the data bits in digital signals.

In order to easily recover the contents of an encrypted signal,

the correct decryption key is required. The key is an algorithm that undoes the
work of the encryption algorithm. Alternatively, a computer can be used in an
attempt to break the cipher. The more complex the encryption algorithm, the more
difficult it becomes to eavesdrop on the communications without access to the
key.

Encryption/decryption is especially important in wireless

communications. This is because wireless circuits are easier to tap than their hard-
wired counterparts. Nevertheless, encryption/decryption is a good idea when
carrying out any kind of sensitive transaction, such as a credit-card purchase
online, or the discussion of a company secret between different departments in the
organization. The stronger the cipher -- that is, the harder it is for unauthorized
people to break it -- the better, in general. However, as the strength of
encryption/decryption increases, so does the cost.

In recent years, a controversy has arisen over so-called strong

encryption. This refers to ciphers that are essentially unbreakable without the
decryption keys. While most companies and their customers view it as a
means of keeping secrets and minimizing fraud, some governments view
strong encryption as a potential vehicle by which terrorists might evade
authorities. These governments, including that of the United States, want to set
up a key-escrow arrangement. This means everyone who uses a cipher would
be required to provide the government with a copy of the key. Decryption keys
would be stored in a supposedly secure place, used only by authorities, and

pg. 17
Smartzworld.com 17 jntuworldupdates.org

All JNTU World

 www.alljntuworld.in

Smartworld.asia Specworld.in

used only if backed up by a court order. Opponents of this scheme argue that
criminals could hack Into the key-escrow database and illegally obtain, steal,
or alter the keys. Supporters claim that while this is a possibility,
implementing the key escrow scheme would be better than doing nothing to
prevent criminals from freely using encryption/decryption.

• Transaction security:

• Audit trail: A record showing who has accessed a computer system and what
operations he or she has performed during a given period of time. Audit trails
are useful both for maintaining security and for recovering lost transactions.
Most accounting systems and database management systems include an audit
trail component. In addition, there are separate audit trail software products
that enable network administrators to monitor use of network resources.

• Physical security: Physical security describes security measures that are

designed to deny access to unauthorized personnel (including attackers or even
accidental intruders) from physically accessing a building, facility, resource,
or stored information; and guidance on how to design structures to resist
potentially hostile acts.[1] Physical security can be as simple as a locked door
or as elaborate as multiple layers of barriers, armed security guards and
guardhouse placement

Secure storage: Storage security is the group of parameters and settings that
make storage resources available to authorized users and trusted networks - and
unavailable to other entities. These parameters can apply to hardware,
programming, communications protocols, and organizational policy.

Several issues are important when considering a security

method for a storage area network (SAN). The network must be easily accessible
to authorized people, corporations, and agencies. It must be difficult for a
potential hacker to compromise the system. The network must be reliable and
stable under a wide variety of environmental conditions and volumes of usage.
Protection must be provided against online threats such as viruses, worms,
Trojans, and other malicious code. Sensitive data should be encrypted.
Unnecessary services should be disabled to minimize the number of potential

pg. 18
Smartzworld.com 18 jntuworldupdates.org

All JNTU World

 www.alljntuworld.in

Smartworld.asia Specworld.in

security holes. Updates to the operating system, supplied by the platform vendor,
should be installed on a regular basis. Redundancy, in the form of identical (or
mirrored) storage media, can help prevent catastrophic data loss if there is an
unexpected malfunction. All users should be informed of the principles and
policies that have been put in place governing the use of the network.

Two criteria can help determine the effectiveness of a storage

security methodology. First, the cost of implementing the system should be a
small fraction of the value of the protected data. Second, it should cost a potential
hacker more, in terms of money and/or time, to compromise the system than the
protected data is worth.

Data backup: Database backup is the process of making a complete secondary

copy of a database or database server for the purpose of recovering the database
following a disaster. Businesses who rely upon databases to conduct business
operations and/or provide services are especially susceptible to the loss of
database information, and therefore generally invest in some form of database
backup. Most database management systems (DBMSs) feature the ability to create
a backup of a given instance locally; however, local data remains susceptible to
loss or damage from accidental deletion, drive or partition errors, or physical
damage due to hardware failure or disaster. A properly conducted database backup
ensures that the most recent copy of operational data is available for recovery.

Backup service providers such as CRC offer the ability to

make complete backups offsite of common database servers such as SQL Server,
Oracle and DB2. In addition, CRC allows users to perform a database backup
without taking the database server offline, a critical consideration when database
functionality is critical to core business tasks.

Databases are also regularly backed up for reporting and

compliance purposes, since regulations imposed by the Federal goverment require
many types of organizations to maintain access to electronic records.

Database backup from providers like CRC also involve

information lifecycle management (ILM), transferring inactive or less frequently-
accessed data to tiered storage, reducing the amount of time involved in a backup

pg. 19
Smartzworld.com 19 jntuworldupdates.org

All JNTU World

 www.alljntuworld.in

Smartworld.asia Specworld.in

while freeing up resources to improve the performance of database-driven

applications.

Secure Connection

a) Wired and wireless:

Wired: why would you use it?

A wired home network is when you connect your computer or other compatible
device to your Virgin Media Hub or Super Hub with an Ethernet cable. With the
introduction of wireless routers, it’s less common these days for a home to only
use a wired network.

The best thing about a wired connection is the reliability and speed it gives you
(wired is faster than wireless). This makes it ideal for things that use a lot of
bandwidth, like playing online games on your Xbox.

What’s great about wired?

• Faster and more reliable than wireless connections

• Less risk of others being able to access your broadband connection
• Easy to set up and troubleshoot
• No extra wireless equipment is needed

What’s not?

• Not so flexible when positioning computers and devices because

• you need to be connected to your Hub using an Ethernet cable
• Not so convenient for users of laptops and other mobile devices
• Supports fewer connections than a wireless.

Wireless: why would you use it?

A wireless network is when your computer (or other wireless compatible device) is
connected to your Virgin Media Hub or Super Hub without any wires.

pg. 20
Smartzworld.com 20 jntuworldupdates.org

All JNTU World

 www.alljntuworld.in

Smartworld.asia Specworld.in

Want to check your emails on your laptop in the garden? No problem. Want to tell
your friends what you’ve been up to on Facebook? You can do that too.

And because you can connect lots of different devices to the web, everyone in your
home can go online at the same time.

What’s great about wireless?

• No wires! So you can connect wherever you want

• Ideal for users of laptops and other mobile devices
• You can connect more devices than via a wired connection
• Very secure when used with the highest strength security settings (WPA
encryption - which comes as standard on our Super Hub)
• You can connect your smartphone to your wireless network for faster
browsing

What’s not?

• Performance can be affected by thick walls, electrical interference etc

• It can be up to 30% slower than wired connections
• Un authorised users might try to use your connection (which is why security is
so important)
• If you have an older computer, a wireless USB adapter may be needed
b) Protocols: An agreed-upon format for transmitting data between two devices.
The protocol determines the following:
• the type of error checking to be used
• data compression method, if any

how the sending device will indicate that it has finished sending a message how
the receiving device will indicate that it has received a message

There are a variety of standard protocols from which programmers can choose.
Each has particular advantages and disadvantages; for example, some are simpler
than others, some are more reliable, and some are faster.

pg. 21
Smartzworld.com 21 jntuworldupdates.org

All JNTU World

 www.alljntuworld.in

Smartworld.asia Specworld.in

From a user's point of view, the only interesting aspect about protocols is that
your computer or device must support the right ones if you want to communicate
with other computers. The protocol can be implemented either in hardware or in
software.

c) Monitor for attacks: Local cellular operators monitor traffic in a bid to pick
up and stop distributed denial of service (DDOS) attacks, before they have a
major impact on service levels to subscribers.
DDOS attacks make use of multiple compromised systems, often infected with
a Trojan, to target a single system, which leads to a denial of service attack.
Victims of these attacks include the end targeted system and all systems
maliciously used and controlled by the hacker.
The only way to pick up the intrusion is to monitor the traffic in real-time to
detect unusual patterns, says Fryer. He adds that most mobile operators and
Internet service providers have deployed a DDOS mechanism, which forms
part of a global DDOS monitoring centre.
Most of the deployments have updated blacklisting capabilities to fend off
attackers, says Fryer. He adds that real-time monitoring is more effective, and
allows Vodacom to block the source IP, although hackers then come back with
a different address.
d) Virus: A computer virus is a computer program that can replicate itself and
spread from one computer to another. The term "virus" is also commonly, but
erroneously, used to refer to other types of malware, including but not limited
to adware and spyware programs that do not have a reproductive ability.

Malware includes computer viruses, computer worms, ransomware, trojan horses,

keyloggers, most rootkits, spyware, dishonest adware, malicious BHOs and other
malicious software. The majority of active malware threats are usually trojans or
worms rather than viruses. Malware such as trojan horses and worms is sometimes
confused with viruses, which are technically different: a worm can exploit security
vulnerabilities to spread itself automatically to other computers through networks,
while a trojan horse is a program that appears harmless but hides malicious
functions. Worms and trojan horses, like viruses, may harm a computer system's
data or performance. Some viruses and other malware have symptoms noticeable

pg. 22
Smartzworld.com 22 jntuworldupdates.org

All JNTU World

 www.alljntuworld.in

Smartworld.asia Specworld.in

to the computer user, but many are surreptitious or simply do nothing to call
attention to themselves. Some viruses do nothing beyond reproducing themselves.

Denial of service : In computing, a denial-of-service attack (DoS attack) or

distributed denial-of-service attack (DDoS attack) is an attempt to make a
machine or network resource unavailable to its intended users. Although the
means to carry out, motives for, and targets of a DoS attack may vary, it generally
consists of efforts to temporarily or indefinitely interrupt or suspend services of a
host connected to the Internet.

Perpetrators of DoS attacks typically target sites or services hosted on high-profile

web servers such as banks, credit card payment gateways, and even root
nameservers. This technique has now seen extensive use in certain games, used by
server owners, or disgruntled competitors on games such as Minecraft. The term is
generally used relating to computer networks, but is not limited to this field; for
example, it is also used in reference to CPU resource management.

One common method of attack involves saturating the target machine with
external communications requests, so much so that it cannot respond to legitimate
traffic, or responds so slowly as to be rendered essentially unavailable. Such
attacks usually lead to a server overload. In general terms, DoS attacks are
implemented by either forcing the targeted computer(s) to reset, or consuming its
resources so that it can no longer provide its intended service or obstructing the
communication media between the intended users and the victim so that they can
no longer communicate adequately.

Denial-of-service attacks are considered violations of the Internet Architecture

Board's Internet proper use policy, and also violate the acceptable use policies of
virtually all Internet service providers. They also commonly constitute violations
of the laws of individual nations.

Man in the middle: The man-in-the-middle attack (often abbreviated MITM,

MitM, MIM, MiM, MITMA, also known as a bucket brigade attack, or sometimes
Janus attack) in cryptography and computer security is a form of active
eavesdropping in which the attacker makes independent connections with the
victims and relays messages between them, making them believe that they are

pg. 23
Smartzworld.com 23 jntuworldupdates.org

All JNTU World

 www.alljntuworld.in

Smartworld.asia Specworld.in

talking directly to each other over a private connection, when in fact the entire
conversation is controlled by the attacker. The attacker must be able to intercept
all messages going between the two victims and inject new ones, which is
straightforward in many circumstances (for example, an attacker within reception
range of an unencrypted Wi-Fi wireless access point, can insert himself as a man-
in-the-middle).

This maneuver precedes computers. A fictional example of a "man-in-the-middle

attack" utilizing a telegraph is featured in the 1898 short story The Man Who Ran
Europe by Frank L. Pollack.

A man-in-the-middle attack can succeed only when the attacker can impersonate
each endpoint to the satisfaction of the other — it is an attack on mutual
authentication (or lack thereof). Most cryptographic protocols include some form
of endpoint authentication ecifically to prevent MITM attacks. For example, SSL
can authenticate one or both parties using a mutually trusted certification
authority.

f) Trusted IP addresses: When you set up your secure zone you can add trusted
IP addresses to is by selecting 'Trusted IP Addresses' menu item. When you
trust one or more IP addresses, any visitor accessing secure content inside
your secure zone will gain instant access to that content without needing to be
registered or log in. Its a great feature for intranet setups such as internal
faculty and staff pages in universities, or even corporate directories.

g) Role-based security: Role-based security is a principle by which developers

create systems that limit access or restrict operations according to a user’s
constructed role within a system. This is also often called role-based access
control, since many businesses and organizations use this principle to ensure
that unauthorized users do not gain access to privileged information within an
IT architecture.

There are many ways to develop a role-based security system. All of them
start with the definition of various roles and what users assigned to those roles
can and can’t do or see. The resulting levels of functionality must be coded
into the system using specific parameters.

pg. 24
Smartzworld.com 24 jntuworldupdates.org

All JNTU World

 www.alljntuworld.in

Smartworld.asia Specworld.in

Object-oriented programming often involves treating a role as an object

relative to certain code modules or functions. In a Microsoft programming
setting, a developer might use a PrincipalPermission object in .Net to examine
an object containing a role designation and to perform security checks. In
other cases, information about an object can be passed to a method for a
security check.

Any role-based security system depends on the code's ability to correctly and
thoroughly control a given user by his or her assigned role and therefore guard
against unauthorized use of proprietary identifiers of a specific role.
Alternative models include mandatory access control, where certain specifics
are coded into an operating system, and discretionary access control, where
some elements of security may be more flexible. For example, a more
privileged user may be able to "pass" access to another user in a simple
discretionary event or process.

h) Port monitorng: Port mirroring is a method of copying and sending network

packets transmitted as input from a port to another port of a monitoring
computer/switch/device. It is a network monitoring technique implemented on
network switches and similar devices.

Port mirroring is implemented in local area networks (LAN), wireless local

area networks (WLAN) or virtual local area networks (VLAN) to identify,
monitor and troubleshoot network abnormalities. It is configured at the
network switch by a network administrator (NA) or network
monitoring/security application. When enabled, the traffic that emerges to and
from a specific port number is automatically copied and transmitted to a
monitoring/destination port. Typically, the destination port is part of the
monitoring software or security application that analyzes these data packets.

The port mirroring process is generally hidden from the source and other
nodes on the network.

Port mirroring is also known as switched port analyzer (SPAN) and roving
analysis port (RAP).

pg. 25
Smartzworld.com 25 jntuworldupdates.org

All JNTU World

 www.alljntuworld.in

Smartworld.asia Specworld.in

Security Policies: Security policy is a definition of what it means to be secure for

a system, organization or other entity. For an organization, it addresses the
constraints on behavior of its members as well as constraints imposed on
adversaries by mechanisms such as doors, locks, keys and walls. For systems, the
security policy addresses constraints on functions and flow among them,
constraints on access by external systems and adversaries including programs and
access to data by people.

• Organization-wide implementation: There is a great need for organizational

leaders to provide data-based evidence that a program or initiative makes a
difference. The authors describe findings from a survey designed to gather
baseline data about changes organizations experience after implementing the
Clinical Practice Model framework, and report how the Clinical Practice
Model Resource Center staff used the survey findings to build the capacity of
individuals accountable for implementing this integrated, interdisciplinary
professional practice framework into the organization's operations.

• People buy-in for enforcement:

• Periodic review of policies in place: This work provides a comprehensive

analysis of a general periodic review production/inventory model with random
(variable) yield. Existence of an order point whose value does not depend on
yield being random is proved in the single period case without specifying the
yield model and using a very general cost structure. When yield is a random
multiple of lot size, the nonorder-up-to optimal policy is characterized for a
finite-horizon model. The finite-horizon value functions are shown to
converge to the solution of an infinite-horizon functional equation, and the
infinite-horizon order point is shown to be no smaller than when yield is
certain.

pg. 26
Smartzworld.com 26 jntuworldupdates.org

All JNTU World