Chapter 6 Database Security and Authorization

Chapter 5 discusses the importance of database security and authorization, highlighting key practices such as data encryption, access control, and user authentication. It outlines various access control methodologies, including Role-Based Access Control and Discretionary Access Control, while also addressing common security issues like unauthorized access and SQL injection. Best practices for maintaining database security and an effective incident response plan are also emphasized to protect sensitive information.

Uploaded by

eliasaraya142

Chapter 5: Database Security and Authorization

Database security and authorization are critical components of information security and data
management. They are essential for protecting sensitive information from unauthorized access
and ensuring that only the right individuals have the appropriate permissions to interact with the
database. Below are the key concepts and practices related to database security and
authorization.

1. Database Security Overview

Database security involves a combination of hardware, software, and procedural measures to
protect databases from malicious attacks, unauthorized access, and misuse. It encompasses a
range of security practices, including:

• Data Encryption: Protecting data at rest and in transit through encryption techniques to
prevent unauthorized access.
• Access Control: Limiting who can access the database and what actions they can
perform based on their roles.
• Auditing and Monitoring: Keeping records of database access and changes, allowing
for the detection of suspicious activities.
• Backup and Recovery: Ensuring that data can be restored in case of corruption, data
loss, or ransomware attacks.

2. Authorization

Authorization is the process of determining whether a user has the right to perform a given action
or access specific resources. It is typically enforced using the following methodologies:

• Role-Based Access Control (RBAC): Users are assigned roles based on their job
responsibilities, and these roles define permissions for accessing certain data and
executing specific actions.
• Discretionary Access Control (DAC): Individuals can grant or revoke access to their
own data to others, giving them discretion over resource access.
• Mandatory Access Control (MAC): Access rights are regulated by a central authority
based on multiple levels of security. Data owners cannot change access permissions.
• Attribute-Based Access Control (ABAC): Access decisions are made based on
attributes (user, resource, environment) and policies, allowing for more fine-grained
access controls.

3. User Authentication

Authentication is the process of verifying the identity of a user before granting access to the
database. Common methods include:

• Username and Password: Basic method but susceptible to attacks like phishing.
• Multi-Factor Authentication (MFA): An additional layer of security that requires two
or more verification factors (e.g., something you know, something you have, something
you are).
• Biometric Authentication: Uses physical characteristics (fingerprints, facial
recognition) to verify user identities.

4. Data Integrity and Compliance

Ensuring the integrity of data is vital for maintaining trust and compliance with legal regulations
(e.g., GDPR, HIPAA). Key practices include:

• Data Validation: Implementing controls to ensure that only valid data is entered into the
database.
• Timestamping and Versioning: Keeping track of data changes to provide a clear audit
trail and facilitate rollback if needed.
• Compliance Audits: Regularly assessing database security and access controls against
regulatory requirements and standards.

5. Best Practices for Database Security and Authorization

• Least Privilege Principle: Grant users the minimum level of access necessary to perform
their job functions.
• Regular Updates and Patching: Keeping database software up-to-date to protect against
known vulnerabilities.
• Strong Password Policies: Enforcing complexity and regular change requirements for
passwords.
• Network Security: Using firewalls, intrusion detection systems, and secure network
protocols to protect database servers.
• Data Masking: Masking sensitive information in non-production environments to
protect data during testing or development.

6. Response and Recovery

Finally, organizations should have an incident response plan in place to address security breaches
quickly and effectively, as well as a disaster recovery plan to restore databases after an attack or
failure.

Introduction to DB Security Issues

Database security is a critical concern for organizations that rely on databases to store sensitive
information, including personal data, financial information, and intellectual property. Various
security issues can compromise the confidentiality, integrity, and availability of this data. Below
is an overview of key database security issues, accompanied by examples to illustrate their
potential impact.

1. Unauthorized Access

Issue: Unauthorized access occurs when individuals gain access to a database without proper
permissions. This can happen due to weak authentication mechanisms, such as default passwords
or lack of proper user roles.

Example: The default usernames and passwords on a company’s HR database have never been
changed. An attacker discovers these credentials online and gains access to sensitive employee
records, leading to a data breach.

2. SQL Injection

Issue: SQL injection is a technique where an attacker inserts or "injects" malicious SQL queries
into input fields of an application to manipulate the database.

Example: An attacker inputting '; DROP TABLE employees; -- into a login form might cause
the application to execute a command that deletes the entire employees table, resulting in data
loss.
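
The difference between pasting input into the SQL text and passing it as a bound parameter, as an added example (not part of the original document). It reuses the input quoted above against a constructed in-memory SQLite table; the function names are illustrative, and `executescript()` stands in for a driver that allows several statements per call.

```python
import sqlite3

# The input quoted in the text above, reused unchanged.
PAGE_INPUT = "'; DROP TABLE employees; --"

def make_db():
    """Constructed in-memory database with one sample row."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE employees (username TEXT PRIMARY KEY, dept TEXT)")
    conn.execute("INSERT INTO employees VALUES ('alice', 'HR')")
    conn.commit()
    return conn

def table_exists(conn, name):
    row = conn.execute(
        "SELECT 1 FROM sqlite_master WHERE type = 'table' AND name = ?", (name,)
    ).fetchone()
    return row is not None

def lookup_vulnerable(conn, username):
    """BEFORE: input is pasted into the SQL text, so it can close the string
    literal and append statements of its own."""
    sql = "SELECT dept FROM employees WHERE username = '" + username + "'"
    # executescript() stands in for a driver that allows stacked statements.
    conn.executescript(sql)
    return sql

def lookup_parameterized(conn, username):
    """AFTER: the value travels separately from the SQL text and is only
    ever compared as data."""
    row = conn.execute(
        "SELECT dept FROM employees WHERE username = ?", (username,)
    ).fetchone()
    return row[0] if row else None

if __name__ == "__main__":
    before = make_db()
    print(lookup_vulnerable(before, PAGE_INPUT))
    print("table survives (concatenated):", table_exists(before, "employees"))
    after = make_db()
    print(lookup_parameterized(after, PAGE_INPUT))
    print("table survives (parameterized):", table_exists(after, "employees"))
```

Granting the application's database account only the privileges it needs (no DROP) limits the damage if a concatenated query slips through.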

3. Data Breach

Issue: A data breach occurs when sensitive data is accessed, disclosed, or used by unauthorized
individuals, often resulting from a security vulnerability.

Example: An attacker exploits a vulnerability in a web application that connects to a backend
database, extracting sensitive customer data like credit card numbers, which are then sold on the
dark web.

4. Insider Threats

Issue: Insider threats refer to malicious activities by individuals (employees, contractors, etc.)
who have legitimate access to the organization's data.

Example: A disgruntled employee downloads sensitive customer records onto a USB drive
before leaving the company, potentially selling that information to competitors or using it for
identity theft.

5. Insecure Data Storage

Issue: Data storage security is often compromised if databases store sensitive information
without proper encryption.

Example: A database storing user passwords in plaintext is compromised. An attacker gains
access and retrieves all users' passwords, leading to the compromise of not just the database but
potentially other accounts where users might have reused those passwords.

6. Weak or No Encryption

Issue: Without strong encryption, data may be vulnerable to interception and unauthorized
access, particularly during transmission or when stored.

Example: Sensitive medical records sent over an unencrypted network can be intercepted by an
attacker using packet-sniffing tools, resulting in privacy violations and regulatory penalties.

7. Poor Configuration Management

Issue: Misconfigured databases can lead to security vulnerabilities, such as open ports and
excessive permissions.

Example: A cloud-based database instance is configured to allow public access without proper
restrictions. Attackers can easily access the database and exploit vulnerabilities.

8. Lack of Auditing and Monitoring

Issue: Without proper logging and monitoring mechanisms, it can be difficult to detect
unauthorized access or data breaches in a timely manner.

Example: A database is compromised, but without audit logs, the organization remains unaware
of the unauthorized access until weeks later when data anomalies are detected.

9. Failure to Update and Patch

Issue: Databases and application software are often targeted due to known vulnerabilities.
Failing to apply security patches exposes them to risk.

Example: A database server runs on an outdated version with known bugs. An attacker exploits
one of these vulnerabilities through a specially crafted request, gaining access to the database.

10. Data Loss

Issue: Data loss can occur due to various reasons such as hardware failure, natural disasters, or
accidental deletions. Without proper backup and recovery solutions, this can lead to irretrievable
data.

Example: A server crash occurs, and without backup procedures in place, crucial transactional
data in the database is lost, impacting business operations severely.

Discretionary Access Control Based on Granting/Revoking of Privileges, Mandatory Access
Control for Multilevel Security, and Statistical DB Security

Discretionary Access Control (DAC)

Overview: Discretionary Access Control (DAC) is a type of access control system where the
owner of the resource has the discretion to determine who is allowed to access a particular
resource and to what extent. In DAC, users can grant or revoke access to their own resources.

Mechanism:

• Granting Privileges: A user (or owner) can designate access rights to other users.
Common rights include read, write, execute, etc.
• Revoking Privileges: The user can also rescind access rights they previously granted to
other users.

Example:

• Imagine a shared document in a company. The owner of the document (User A) can give
permission to User B to edit the document, while User C can only read it. If, at some
point, User A no longer wants User B to edit the document, they can revoke that access.

Mandatory Access Control (MAC)

Overview: Mandatory Access Control (MAC) is an access control mechanism that restricts the
ability of subjects (users and processes) to access or manipulate objects (files, devices) based on
a security policy. The access decisions are made based on the classification of information and
the user’s security clearances.

Mechanism:

• Security labels are assigned to data and users. Access to a resource is determined by both
the label of the resource and the user’s clearance level.
• Users cannot change access permissions; they are defined by the system.

Example:

• A government organization may have documents classified as "Confidential," "Secret,"
and "Top Secret." A user with "Secret" clearance can read "Secret" documents but cannot
access "Top Secret" documents. If the document is labeled as "Confidential," it can be
accessed by users with either "Confidential" or higher clearance.
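
The label comparison described above, as an added example (not part of the original document): each document carries a level, and a read is allowed only when the user's clearance is at or above it. The table, document titles and function names are constructed for illustration, and SQLite stands in for the database.

```python
import sqlite3

# Ordering of the three labels named in the text, lowest to highest.
LEVELS = {"Confidential": 1, "Secret": 2, "Top Secret": 3}

def make_store():
    """Constructed sample documents, one per classification."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE documents (title TEXT, label TEXT, level INTEGER)")
    sample = [
        ("budget memo", "Confidential"),
        ("field report", "Secret"),
        ("source list", "Top Secret"),
    ]
    conn.executemany(
        "INSERT INTO documents VALUES (?, ?, ?)",
        [(title, label, LEVELS[label]) for title, label in sample],
    )
    conn.commit()
    return conn

def can_read(clearance, label):
    """True when the clearance is at or above the document's label."""
    if clearance not in LEVELS or label not in LEVELS:
        return False  # fail closed on anything unlabelled or unknown
    return LEVELS[clearance] >= LEVELS[label]

def readable_titles(conn, clearance):
    """Rows the system releases to this clearance; the filter is applied
    by the system, not chosen by the user or the data owner."""
    if clearance not in LEVELS:
        raise PermissionError("unknown clearance: " + repr(clearance))
    rows = conn.execute(
        "SELECT title FROM documents WHERE level <= ? ORDER BY level",
        (LEVELS[clearance],),
    )
    return [title for (title,) in rows]

if __name__ == "__main__":
    store = make_store()
    for who in ("Confidential", "Secret", "Top Secret"):
        print(who, "->", readable_titles(store, who))
```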

Statistical Database Security


Overview: Statistical Database Security (SDBS) focuses on protecting the integrity and
confidentiality of statistical databases, which allow users to query data and receive statistical
information without revealing sensitive individual records.

Mechanism:

• SDB techniques may include query restriction, perturbation of data, or queries that return
summaries or randomized results to prevent disclosure of sensitive values.

Example:

• A healthcare organization compiles a database containing patient information.
Researchers might want to analyze the data to find trends in diseases. However, if a
researcher requests data that would directly reveal the healthcare details of a small
population (e.g., 3 patients), it could lead to confidentiality breaches.
• To mitigate this, the organization can add significant noise or data perturbation to its
query responses, or return data only as a statistical summary (for example, "The
average age of patients with a particular disease is 50."), while preventing users from
seeing exact patient records.
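
Query restriction and perturbation combined in one aggregate function, as an added example (not part of the original document). The patient records are constructed, and the minimum query-set size of 5 and the noise bound of one year are assumed values chosen for illustration.

```python
import random

MIN_QUERY_SET = 5   # assumed threshold; the text's too-small group is 3 patients
NOISE_YEARS = 1.0   # assumed maximum perturbation added to each answer

class QueryRefused(Exception):
    """Raised when an answer would describe too few individuals."""

# Constructed sample records (not real data).
PATIENTS = (
    [{"age": a, "disease": "flu"} for a in (34, 41, 50, 58, 62, 47, 55)]
    + [{"age": a, "disease": "rare-x"} for a in (29, 71, 44)]
)

def average_age(records, disease, rng):
    """Return a perturbed average age, or refuse if the group is too small.

    Callers only ever receive the summary value, never the matching rows.
    """
    ages = [r["age"] for r in records if r["disease"] == disease]
    # Query restriction: a tiny query set would expose individual patients.
    if len(ages) < MIN_QUERY_SET:
        raise QueryRefused("query set smaller than %d" % MIN_QUERY_SET)
    true_mean = sum(ages) / len(ages)
    # Perturbation: shift the answer by a bounded random amount.
    return true_mean + rng.uniform(-NOISE_YEARS, NOISE_YEARS)

if __name__ == "__main__":
    # Seeded only so the demo is repeatable; a deployment would use an
    # unpredictable source such as random.SystemRandom().
    rng = random.Random(2024)
    print("flu:", round(average_age(PATIENTS, "flu", rng), 1))
    try:
        average_age(PATIENTS, "rare-x", rng)
    except QueryRefused as exc:
        print("rare-x: refused,", exc)
```

Fresh noise on every call can be averaged away by repeating the same query, so the same answer should be returned for a repeated query or the number of queries limited.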

Summary

1. DAC allows resource owners to control access and privileges at their discretion.
2. MAC enforces access controls based on rigid security classifications established by the
organization, with no user discretion.
3. Statistical DB Security protects the confidentiality of individual data points in a
database while enabling summary access for research or analysis, often through noise
introduction and careful query design.
