UNIT 5

Database security challenge in the modern world

Database security is a critical aspect of information security in the modern world.
Here are some of the key challenges:

1. Data Quality: Techniques and organizational solutions are needed to assess

and attest the quality of data12. This includes mechanisms such as quality
stamps, integrity semantics verification tools for data quality assessment,
and application-level recovery techniques to automatically repair incorrect
data12.
2. Intellectual Property Rights: As the use of the Internet and intranet
increases, legal and informational aspects of data are becoming major
concerns for many organizations2. Techniques like watermarking are used to
protect content from unauthorized duplication and distribution2.
3. Database Survivability: Database systems need to operate and continue
their functions, even with reduced capabilities, despite disruptive events
such as information warfare attacks2. A DBMS should be able to take
immediate action to eliminate the attacker’s access to the system, isolate or
contain the problem, determine the extent of the problem, recover corrupted
or lost data, reconfigure to allow operation to continue in a degraded mode
while recovery proceeds, and identify the weakness exploited in the attack
and take steps to prevent a recurrence2.
4. Authentication and Authorization: Ensuring that only authorized users
can access the database is one of the biggest challenges of database
security2.
5. Evolution of Security Concerns: Factors such as the evolution of security
concerns, the “disintermediation” of access to data, new computing
paradigms and applications, such as grid-based computing and on-demand
business, have introduced both new security requirements and new contexts
in which to apply and possibly extend current approaches3.

These challenges highlight the need for robust data security measures that guard
against insider threats and human error, which continue to be among the primary
causes of data breaches in the modern day1. It’s important to use tools and
technology that improve the organization’s visibility into where its crucial data is
located and how it is used1.

Federated Databases
Federated databases are a type of meta-database management system (DBMS) that
transparently maps multiple autonomous database systems into a single federated
database1. Here are some key points about federated databases in the context of
information security:

1. Security Risks: Federated database systems can introduce new security

risks, as data may be accessed by users from multiple organizations or
networks2. Ensuring the security of the data and access control can be a
major challenge in a federated database system2.
2. Data Federation: Data federation helps organizations ensure their data is
secure by using encryption techniques which make accessing this data
difficult for those who don’t have authorization3. With these processes in
place, it helps to ensure that information is secure while also sharing your
data with the right people, like teammates, co-workers, or clients3.
3. Federated Identity Management: Federated identity management enables
users to access multiple independent systems using a single set of
credentials4. This approach simplifies the authentication process, reduces the
number of passwords users need to remember, and enhances security4.
4. Actionable Intelligence: Federated databases can provide law enforcers
with targeted responses that maximally disrupt a criminal network5. For
example, social network analyses can be used to identify key players and
predict player succession5.

These points highlight the importance of federated databases in information

security, and the challenges and opportunities they present. It’s important to note
that while federated databases can enhance security, they also require careful
management to mitigate potential risks.

Securing Mobile databases

Securing mobile databases is a critical aspect of information security. Here are
some key points:

1. Evaluate Open Source Codes or Third-party Libraries: It’s important to

evaluate any open source codes or third-party libraries used in the mobile
application for potential vulnerabilities1.
2. Implement SSL/TLS Security Layer: Implementing a Secure Sockets
Layer (SSL) or Transport Layer Security (TLS) can help protect data during
transmission1.
3. Optimizing Data Caching: Optimizing data caching can help protect
sensitive information stored on the device1.
4. Protect Local Storage Data: Protecting data stored locally on the device is
crucial, as mobile devices can be easily lost or stolen1.
5. Preventing Client Side Injection: Implementing measures to prevent
client-side injection attacks can help protect the integrity of the database 1.
6. Mobile Database Security Infrastructure: A mobile database security
infrastructure is needed to ensure the confidentiality of mission-critical
 information2. This infrastructure should apply the same security
requirements to the elements of the database replicated on mobile devices as
it does to a central company database2.

Remember, while these measures can enhance the security of mobile databases,
they also require careful management to mitigate potential risks. It’s important to
stay updated with the latest security practices and threats in the mobile
environment.

Network Security
Network security is a critical aspect of information security. It involves the
policies, processes, and practices adopted to prevent, detect, and monitor
unauthorized access, misuse, modification, or denial of a computer network and
network-accessible resources1. Here are some key points about network security:

1. Aims of Network Security: Network security has three chief aims2:

o To prevent unauthorized access to network resources.
o To detect and stop cyberattacks and security breaches in progress.
o To ensure that authorized users have secure access to the network
resources they need, when they need them.
2. Types of Network Security Technologies: Network security systems work
at two levels: at the perimeter and inside the network2. To build network
security systems, security teams combine the following tools2:
o Firewall: Software or hardware that stops suspicious traffic from
entering or leaving a network while letting legitimate traffic through.
o Network Access Control (NAC): Solutions act like gatekeepers,
authenticating and authorizing users to determine who is allowed into
the network and what they can do inside.
3. Physical Network Security: This includes protecting the data and network
through unauthorized personnel from acquiring control over the
confidentiality of the network3.
4. Technical Network Security: It primarily focuses on protecting the data
stored in the network or data involved in transitions through the network3.
5. Administrative Network Security: This level of network security protects
user behavior like how the permission has been granted and how the
authorization process takes place3.

Remember, while these measures can enhance the security of networks, they also
require careful management to mitigate potential risks. It’s important to stay
updated with the latest security practices and threats in the network environment.

Trusted and untrusted networks

In the context of information security, networks are often categorized as either
“trusted” or “untrusted”:

1. Trusted Networks: These are the internal enterprise networks or the

corporate local area networks (LAN). They are considered secure because
they are managed and controlled by the organization1. Trusted networks are
protected by security measures such as firewalls and access control
mechanisms2.
2. Untrusted Networks: These refer to the universe beyond the perimeter
router. Typically, the Internet is considered an untrusted network and is
considered highly hostile1. Untrusted networks are outside the organization’s
control and therefore pose a higher risk of security threats3.

The separation between trusted and untrusted networks is crucial for maintaining
network security4. This separation can be achieved through various means,
including encryption, device partitioning, and network traffic filtering4. In the
context of VoIP and IP networking, trusted and untrusted zones are defined by
where the security control devices are located5.

However, connecting trusted and untrusted networks can pose significant security
challenges. For instance, untrusted clients could contain malware that threatens the
security of the trusted network3. Therefore, careful management and robust
security measures are required when dealing with both trusted and untrusted
networks.

Network attacks
Network attacks are unauthorized actions on the digital assets within an
organizational network. They are usually executed by malicious parties to alter,
destroy, or steal private data1. Here are some common types of network attacks:

1. Active Attacks: These are a type of cybersecurity attack in which an

attacker attempts to alter, destroy, or disrupt the normal operation of a
system or network2. Types of active attacks include:
o Masquerade: An attacker pretends to be someone else to gain access
to systems or data2.
o Modification of Messages: Some portion of a message is altered or
that message is delayed or reordered to produce an unauthorized
effect2.
o Repudiation: An attacker attempts to deny or repudiate actions that
they have taken, such as making a transaction or sending a message2.
2. Malware: This is short for malicious software which is specifically
designed to disrupt, damage, or gain authorized access to a computer
system3.
 3. DoS (Denial of Service): A DoS attack renders a network, host, or other
pieces of infrastructure unusable by legitimate users3.
4. DDoS (Distributed DoS): DDoS is a type of DOS attack where multiple
compromised systems are used to target a single system causing a Denial of
Service (DoS) attack3.

Remember, network security is responsible for preventing these attacks on the

network infrastructure4. It’s important to stay updated with the latest security
practices and threats in the network environment.

Network security dimensions

Network security is a broad field with several dimensions. Here are some key
dimensions of network security:

1. Physical Network Security: This includes protecting the data and network
through unauthorized personnel from acquiring control over the
confidentiality of the network1.
2. Technical Network Security: It primarily focuses on protecting the data
stored in the network or data involved in transitions through the network1.
3. Administrative Network Security: This level of network security protects
user behavior like how the permission has been granted and how the
authorization process takes place1.
4. Access Control: Not every person should have a complete allowance for the
accessibility to the network or its data1.
5. Confidentiality: The degree of confidentiality determines the secrecy of the
information2.
6. Authentication: Authentication is the mechanism to identify the user or
system or the entity2.
7. Integrity: Integrity gives the assurance that the information received is
exact and accurate2.
8. Non-Repudiation: Non-repudiation is a mechanism that prevents the denial
of the message content sent through a network2.
9. Availability: The principle of availability states that the resources will be
available to authorize party at all times2.

These dimensions highlight the complexity of network security and the need for a
multi-faceted approach to protect against a wide range of potential threats.

Network attack – the stages

Network attacks typically follow a sequence of stages, often referred to as the
“Cyber Attack Lifecycle” or “Cyber Kill Chain”. Here are the common stages of a
network attack12:
 1. Reconnaissance: This is the first step in a cyber attack, where attackers
observe, research, and plan potential targets that satisfy their needs or
mission12. They gather information about their targets through publicly
available sources and websites, and look for vulnerabilities within the
organization’s network which they can exploit12.
2. Weaponization and Delivery: After the initial reconnaissance stage,
attackers breach the organization’s network and install malware or any other
viruses or a reverse shell program through which they gain unfettered access
to their targeted network12. Some of the common weaponization tactics
involve ransomware, spear phishing attacks, and password attacks12.
3. Exploitation: Based on the information identified in the previous stage, the
cybercriminals start an exploit against any weakness found in the network
system12. They exploit using an exploit kit or weaponization document12.
After the attackers have placed themselves inside the network, they can go
anywhere within the network12.
4. Installation and Command & Control (C2): After exploiting the
vulnerabilities, attackers install malicious software (malware) on the
victim’s system and establish a command and control channel to continue
the attack2.
5. Actions on Objectives: This is the final stage where attackers take actions
to achieve their objectives, which could be data exfiltration, data
destruction, or disruption of services2.

Understanding these stages can help in developing effective strategies to detect,

prevent, and respond to network attacks.

Network attack – using firewalls effectively

Firewalls play a crucial role in preventing network attacks. They serve as a
protective barrier that can protect your network by preventing unauthorized
access12. Here are some ways to use firewalls effectively in network attack
prevention:

1. Activate Pre-installed Firewalls: Most operating systems and security

software come with a firewall pre-installed1. Activate those features and
adjust the security settings to guarantee that updates are performed
automatically1.
2. Use Both Hardware and Software Firewalls: Firewalls are available in
both software and hardware1. A hardware firewall is a physical device which
sits between your network and your gateway, similar to a broadband router1.
A software firewall is an internal program that works with port numbers and
programs on your computer1.
3. Implement Firewall Rules: The traffic is analyzed by a firewall network
based on rules1. The system only accepts connections that have been
 configured to work with it1. Blocking or granting access to specific data
packets conveyed over digital networks is made easier using pre-established
rules1.
4. Use Cloud-based Firewalls: Cloud-based firewalls, often known as
Firewall as a Service (FaaS), are also available1. One of the advantages of
cloud-based firewalls is that they can scale with your business and, like
hardware firewalls, are effective at perimeter protection1.
5. Regularly Update and Patch Your Firewall: Regularly updating and
patching your firewall is crucial to ensure it can protect against the latest
threats3.

Remember, while firewalls can significantly enhance network security, they are
just one part of a comprehensive security strategy. It’s important to also consider
other security measures such as intrusion detection systems (IDS), secure network
architecture, and security policies3.

Privacy – Privacy invasion due to direct marketing

Direct marketing, which involves reaching out to consumers directly with
personalized messages, can sometimes lead to privacy invasion. Here are some key
points:

1. Data Proliferation: Marketing thrives on data—the more, the better1.

However, the accumulation of large volumes of data can be a potential risk
to the individuals whose data are being processed (e.g., if the information is
inappropriately leaked) or to the organization processing the data (because
of the potential regulatory and reputational impact of data leaks)1.
2. Conflicting Relationship: There is often a conflicting relationship between
direct marketing practices and evolving privacy legislation2. Customers are
more interested in their privacy nowadays, and do not always want to hear
about targeted offerings2.
3. Data Deletion: For organizations, the safe advice seems to be this: delete all
the personal data from your CRM systems and focus on aggregated non-
identifiable data to produce generic marketing campaigns2.
4. Privacy Compliance: Nearly 1 out of every 5 marketers report privacy
compliance as their main concern across marketing channels, especially as
regulation continues to evolve across regions1.
5. Better Privacy Protection: The notion that better privacy protection
hampers targeting or sales can use some refinement1. Done correctly, the
implementation of appropriate privacy practices actually supports effective
marketing and drives measurable improvements in bottom line results1.

These points highlight the importance of balancing direct marketing practices with
privacy concerns. It’s crucial for organizations to respect user privacy and comply
with relevant regulations while conducting direct marketing activities.
Privacy –Outsourcing using data masking
Data masking, also known as data obfuscation, is a technique used to protect
sensitive data12. It replaces the actual data with modified content like characters or
numbers, creating an alternate version of data that cannot be easily identifiable or
reverse engineered12. Here are some key points about using data masking in
outsourcing:

1. Protects Sensitive Data: Data masking is ideal when you need to use or
share data but must protect it for privacy and security reasons3. It allows
outsourcing of data-related tasks to third-party vendors without
compromising the security43.
2. Reduces Risks: Data masking decreases security risks when viewing data
analytics4. It also avoids risks associated with outsourcing any project2.
Because most organizations merely rely on trust when dealing with
outsourced persons, masking prevents data from being misused or stolen2.
3. Types of Data Masking: There are several types of data masking types you
can use depending on your use case2. Of the many, static and on-the-fly data
masking are the most common2. Static data masking generally works on a
copy of a production database2. Dynamic data masking (also known as on-
the-fly data masking) masks data while it is transferred from production
systems to test or development systems before the data is saved to disk1.

These points highlight the importance of data masking in outsourcing. It’s crucial
for organizations to respect user privacy and comply with relevant regulations
while conducting outsourcing activities.

Privacy issues in smart card applications

Smart cards, which are small portable computers usually the size of a credit card,
are used in various applications including secure transactions, access control, and
identification purposes1. However, they also raise several privacy issues:

1. Data Confidentiality: Unauthorized remote monitoring and communication

protocol exploitation can lead to breaches in data confidentiality23. This is
particularly concerning in biometric smart ID cards, which combine
biometric and smart card technologies to create a digital identity for an
individual4.
2. Data Integrity: Attacks on smart card-based systems and applications can
compromise the integrity of the data stored on the cards23.
3. Data Availability: Denial of Service (DoS) attacks can disrupt the
availability of data in smart card-based systems and applications23.
4. Excessive Profiling: There are concerns about excessive profiling of users,
particularly with the use of biometric smart ID cards4.
 5. Potential Vulnerabilities: The technology’s potential vulnerabilities are a
concern, especially as they relate to security and privacy threats4.

These issues highlight the need for robust security measures and privacy
protections when using smart card applications. It’s crucial for organizations to
respect user privacy and comply with relevant regulations while using these
technologies.

Ethical Hacking
Ethical hacking, also known as white-hat hacking, is the practice of performing
security assessments using the same techniques that hackers use, but with proper
approvals and authorization from the organization you’re hacking into12. Here are
some key points about ethical hacking:

1. Purpose: The goal of ethical hacking is to use cybercriminals’ tactics,

techniques, and strategies to locate potential weaknesses and reinforce an
organization’s protection from data and security breaches2.
2. Types of Ethical Hackers1:
o White Hat Hackers: They look for bugs and ethically report them to
the organization. They are authorized as a user to test for bugs in a
website or network and report it to them1.
o Black Hat Hackers: They unethically enter inside the website and
steal data from the admin panel or manipulate the data1.
o Grey Hat Hackers: They sometimes access the data and violate the
law. But they often operate for the common good1.
3. Education and Certification: To become a white hat hacker, you can earn
a bachelor’s degree in computer science, information technology, or
cybersecurity. In addition, certifications such as Certified Ethical Hacker
(CEH) and Certified Information Systems Security Professional (CISSP) are
highly recommended1.
4. Career Opportunities: The present threat of cybercrime combined with the
shortage of experienced information security professionals has created a
crisis for businesses, organizations, and governmental entities, according to
Forbes. It also presents a unique opportunity for a career path2.

Remember, while ethical hacking can significantly enhance network security, it

also requires careful management to mitigate potential risks. It’s important to stay
updated with the latest security practices and threats in the network environment.

Role of Cryptography in information security

Cryptography plays a crucial role in information security. It is the science that
applies complex mathematics and logic to design strong encryption methods1. Here
are some key points about the role of cryptography in information security:

1. Data Confidentiality: Cryptography ensures data confidentiality by

encrypting sent messages using an algorithm with a key only known to the
sender and recipient2. This prevents unauthorized access to information1.
2. Data Integrity: Cryptography ensures information is not altered while in
storage or during transit between the sender and the intended recipient2. For
example, digital signatures can detect forgery or tampering in software
distribution and financial transactions2.
3. Authentication: Cryptography can confirm the authenticity of a message2.
It uses algorithms and mathematical concepts to transform messages into
difficult-to-decipher codes through techniques like cryptographic keys and
digital signing to protect data privacy, credit card transactions, email, and
web browsing2.
4. Non-Repudiation: Cryptography confirms accountability and responsibility
from the sender of a message, which means they cannot later deny their
intentions when they created or transmitted information2.
5. Availability: The principle of availability states that the resources will be
available to authorize party at all times1.

Remember, while cryptography can significantly enhance information security, it

also requires careful management to mitigate potential risks. It’s important to stay
updated with the latest security practices and threats in the information security
environment.

digital signatures
Digital signatures are a cryptographic technique used to verify the authenticity and
integrity of digital documents, messages, and transactions123. Here are some key
points about digital signatures in information security:

1. Authentication: Digital signatures provide a way to verify the identity of

the sender12. They prove the identity of the sender, also known as a digital
signature1.
2. Integrity: Digital signatures ensure that the message is real, accurate, and
safeguards from unauthorized user modification during the transmission12.
3. Non-Repudiation: Digital signatures provide non-repudiation, which means
assurance of something that cannot be denied2. It ensures that someone to a
contract or communication cannot later deny the authenticity of their
signature on a document or in a file or the sending of a message that they
originated2.
 4. Public Key System: Digital signatures need a public key system1. The
sender uses a private key to sign a document and the verifier uses the public
key to verify the document1.
5. Process of Digital Signature: A digital signature consists of three
algorithms2:
o Key Generation Algorithm: The key generation algorithm selects a
private key randomly from a set of possible private keys. This
algorithm provides the private key and its corresponding public key2.
o Signing Algorithm: A signing algorithm produces a signature for the
document2.
o Signature Verifying Algorithm: A signature verifying algorithm
either accepts or rejects the document’s authenticity2.

Remember, while digital signatures can significantly enhance information security,

they also require careful management to mitigate potential risks. It’s important to
stay updated with the latest security practices and threats in the information
security environment.