Professional Documents
Culture Documents
Week 4: Unit Learning Outcomes (ULO): at the end of the unit, you are expected to
ULO d. Exploring Database Management System security and network threats and security.
Metalanguage
For the 4th week of our class, we will discuss the security in database management system and in
network. During our discussion, terms such as integrity, secrecy, spooling, firewall and other
essential terms in database management system and network security will be examined.
Essential Knowledge
During the 4th week of our discussion, we will discuss different types of security in Database
System and how important it is in terms of information security, the various threats in networks,
the possible cause and solution, and will explore the concept of network security.
Let’s Begin
When talking about database or database systems, we automatically think about a large number of
data that needs to be managed. Database systems handle most of the data in a certain organization
and manage in any forms of access and use.
Database management system security defined as the mechanism that protect the database
College of Computing Education
2ndFloor, DPT Building
Matina Campus, Davao City
Telefax: (082)
Phone No.: (082)300-5456/305-0647 Local 118
against intentional or accidental threats. Any form of security in computer system intentionally
designed with the main purpose of securing and defending it from any forms of threat but has a
different level for each component or system. Database system does not only limit to storing
personal information, but it also stores data that are used to process employees’ payroll, money
and information in an ATM and digital banking, and many more.
Database security has these two standards just like the CIA triangle, secrecy and integrity.
Database secrecy has the main concern about improper disclosure of information. Just like
confidentiality in CIA triangle, data should be confidential and free from any unauthorized access
and disclosure. Let us look at these following examples that can simply explained secrecy:
• Payroll System - concerned with preventing an employee from finding out the boss’s
salary.
• Military Command and Control System - preventing the enemy from determining the target
coordinates of a missile.
Aside from secrecy, we also have integrity. Database integrity is concerned with improper
modification of information or processes. Integrity, it means that the data is free from any forms
of improper modification or alteration. Take a look at these examples with the same system used
in secrecy:
• Payroll System - preventing an employee from changing his or her salary.
College of Computing Education
2ndFloor, DPT Building
Matina Campus, Davao City
Telefax: (082)
Phone No.: (082)300-5456/305-0647 Local 118
• Military Command and Control System - preventing the enemy from altering the target
coordinates.
As you can see, secrecy and integrity in database security are similar with the goal of CIA triangle
as they have the same goal, protecting and securing data. These standards make sure that the data
is protected from any form of unwanted access, unauthorized modification or alteration and
making sure that the data is available at all times.
Because of the often-valuable nature of sensitive information locked away inside, databases are a
key target for cyber criminals. Whether the information is financial or holds intellectual property
and corporate secrets, hackers can profit from breaching the servers of a company and plundering
databases around the world.
• The abuse of database features - Ex. a hacker can gain access through legitimate
credentials before forcing the service to run arbitrary code.
• SQL injections - Applications are attacked by injections, and the database administrator
is left to clean up the mess caused by unclean variables and malicious code, which is
inserted into strings, later passed to an instance of SQL server for parsing and execution.
There are lots of threats in database security and most of them are the result of having poor database
management especially during deployment. System administrators and database developers
need to develop a consistent practice in looking after their databases, staying aware of threats and
making sure that vulnerabilities are taken care of. This isn't an easy task, but documentation and
automation to track and make changes can ensure that the information contained in enterprise
networks is kept secure.
No matter how high the level of threat in security is, there are always a way to counter it whether
to completely get rid of it or at least decrease the chance of damage that it can cause. Again, there
is no such thing as “bullet proof” security but, at the very least, we will be able to avoid, prevent
and lessen the threats that may arise.
• Backup and Recovery - Is the process of periodically taking a copy of the database and
log file on to offline storage media. DBMS should provide backup facilities to assist with
the recovery of a database failure.
• Encryption - The encoding of data by a special algorithm that renders the data unreadable
by any program without the decryption key.
Network is a connection of multiple computers in a local or wide area setup. Internet is a network
of networks which allow multiple networks to communicate and connect with each other.
Nowadays, internet is everywhere and almost everything which is also a way for attackers and
intruders to do their thing.
A network security system typically relies on layers of protection and consists of multiple
components including networking monitoring and security software in addition to hardware and
appliances. All components work together to increase the overall security of the computer
network.
College of Computing Education
2ndFloor, DPT Building
Matina Campus, Davao City
Telefax: (082)
Phone No.: (082)300-5456/305-0647 Local 118
A network security threat is an attempt to gain unauthorized access to your company's network,
steal your data without your knowledge, or carry out other malicious activities. If or when a
weakness or vulnerability exists within your computer network, your network security is
compromised.
Instead of quietly collecting information for espionage or financial gain, some network security
threats are designed to disrupt your organization's processes and functionality.
There are two broad categories of network security threats. These are active and passive attacks.
• Active Attack – Hackers gained unauthorized access to a computer system or network.
Hackers also alter the data, either by encrypting, deleting, or compromising it.
• Passive Attack - Hackers gain access to a computer network in order to steal and monitor
sensitive data. Because attackers can't change the data in this approach, they usually leave
it undamaged.
The main difference between passive and active attacks is that in an active attack, the attacker can
interrupt the transferred data in order to intercept the connection and adjust the data. In a passive
attack, on the other hand, the attacker can only intercept the data and read or analyze it without
changing it. With all these things being said, here are some common types of network threats:
College of Computing Education
2ndFloor, DPT Building
Matina Campus, Davao City
Telefax: (082)
Phone No.: (082)300-5456/305-0647 Local 118
the organization's server and vice versa. With confirmation of the identities of both parties,
the risk of Man-in-the-Middle attacks can be reduced.
To make it short and simple, eavesdropping attack is like someone is listening and secretly getting
an information in a conversation without being noticed.
Intrusion Detection can be defined as "...the act of detecting actions that attempt to compromise
the confidentiality, integrity or availability of a resource. Common types of IDS include:
• Network Based (Network IDS) - identify unauthorized, illicit, and anomalous behavior
based solely on network traffic.
• Host Based (HIDS) - identify unauthorized, illicit, and anomalous behavior on a specific
device
• Physical (Physical IDS) – identify threats on a physical system. Physical intrusion
detection is most often seen as physical controls put in place to ensure CIA.
Self Help
References:
Whiteman, M. (2016) Principles of Information Security 4th ed. Boston, MA: Cengage learning
Bone, J. (2017). Cognitive Hack: The new battleground in cybersecurity... the human mind. CRC
Press, Taylor & Francis Group
Grimes, R. (2017) Hacking the hacker: learn from the experts who take down hackers. Wiley
Online References:
shorturl.at/ewJL8
shorturl.at/lrCL5
shorturl.at/bovxJ
shorturl.at/bcmBX
Online References:
shorturl.at/lEMOX
shorturl.at/jknNS
College of Computing Education
2ndFloor, DPT Building
Matina Campus, Davao City
Telefax: (082)
Phone No.: (082)300-5456/305-0647 Local 118
shorturl.at/cyEIK
Other References:
Let’s Check
Let’s check about the learnings that you have gained from the week’s discussion. This is a 20-
point quiz. This quiz will check about your understanding from this week’s discussion. Submit the
pdf to our BB LMS.
_____1. Database ____ has the main concern about improper disclosure of information.
_____2. Preventing students to know their classmate's grade.
A. Integrity B. Secrecy C. Availability
_____3. Database ____ is concerned with improper modification of information or processes.
_____4. Preventing the enemy team from knowing where your team is going to push.
A. Integrity B. Secrecy C. Availability
_____5. True or False. Any form of security in computer system intentionally design with the main
purpose of securing and defending it from any forms of threat but has a different level for each
components or system.
_____6. True or False. Database system does not only limit to storing personal information, it also
stores data that are used to process employees’ payroll, money and information in an ATM and
digital banking, and many more.
_____7. Cause of lack of due care at the moment they are deployed.
_____8. It is the process of periodically taking a copy of the database and log file on to offline
storage media.
_____9. True or False. Because of the often valuable nature of sensitive information locked away
inside, databases are a key target for cyber criminals.
_____10. True or False. CIA Triangle is not applicable with it comes to database management
system security.
_____11. Which of the following is the best way to avoid spoofing attacks?
A. Virtual Private Network to ensure private communication
B. Limit the number of access in a certain resource.
C. Monitor incoming packets.
D. None of these
_____12. Hackers gain access to a computer network in order to steal and monitor sensitive data
but cannot alter or modify the data and leave it undamaged.
_____13. It's a part of the primary tools that can protect the network from most of the network
security threats or attacks.
_____14. It is a network security system that monitors and controls the incoming and outgoing
network traffic based on predetermined security rules.
_____15. ____ is most prevalent in communication mechanisms that lack a high level of security.
College of Computing Education
2ndFloor, DPT Building
Matina Campus, Davao City
Telefax: (082)
Phone No.: (082)300-5456/305-0647 Local 118
_____16. It is a type of IDS that can identify unauthorized, illicit, and anomalous behavior based
solely on network traffic.
_____17. True or False. Any form of security in computer system intentionally design with the
main purpose of securing and defending it from any forms of threat but has a different level for
each components or system.
_____18. True or False. Not all threats and attacks are intended to gain financial values. Some
attacks are intended to disrupt processes and functionalities.
_____19. True or False. Security personnel, fences and door locks can be considered as Physical
Intrusion Detection Systems.
_____20. True or False. Use firewall as network security in a corporate network is the best way to
be secured against insider attacks.
This simulates lab activity. For this week's let's analyze, your task is to apply Data Control
Language to set privileges to Admin, public, Cashier and Warehouse personnel. Create an SQL
code to set the controls of the aforementioned personnel and public (for viewing purposes). Create
ftp connection to Admin using the IP 200.100.100.1. Discuss the significant of setting these
controls.
______________________________________________________________________________
______________________________________________________________________________
________________________________________________________________________.
This simulates lab activity. For this week's let's analyze, your task is to configure a network
security measure WP2 – Radius to protect your IoT Devices in a network.
College of Computing Education
2ndFloor, DPT Building
Matina Campus, Davao City
Telefax: (082)
Phone No.: (082)300-5456/305-0647 Local 118
In a Nutshell
Watch the 1995 movie “The Net” portrayed by Sandra Bullock. Discuss the impact of the movie
to our topics on database and network security. What are the implications of that movie to our
recent situation?
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
____________________________________________________________________________.
Do you have any questions for clarification? Please send it to Announcement and Question Section
in our BB LMS or you can message directly.
1.
2.
3.
Keywords
Database Integrity Availability Secrecy Storage
Network Spoofing DDoS Modification Intrusion