
College of Computing Education

2nd Floor, DPT Building


Matina Campus, Davao City
Telefax: (082)
Phone No.: (082)300-5456/305-0647 Local 118

Week 4: Unit Learning Outcomes (ULO): at the end of the unit, you are expected to

ULO d. Exploring Database Management System security and network threats and security.

BIG PICTURE in Focus: ULO d. Exploring Database Management System security and network threats and security.

Metalanguage

For the 4th week of our class, we will discuss security in database management systems and in
networks. During our discussion, terms such as integrity, secrecy, spoofing, firewall and other
essential terms in database management system and network security will be examined.

Essential Knowledge

During the 4th week of our discussion, we will discuss the different types of security in database
systems and how important they are in terms of information security, the various threats in networks,
their possible causes and solutions, and the concept of network security.

Let’s Begin

When talking about databases or database systems, we automatically think of a large amount of
data that needs to be managed. Database systems handle most of the data in an organization
and manage all forms of access to and use of it.

Figure 27. Database Management System Security

Database management system security is defined as the mechanisms that protect the database
against intentional or accidental threats. Any form of security in a computer system is intentionally
designed with the main purpose of securing and defending it from any form of threat, but has a
different level for each component or system. A database system is not limited to storing
personal information; it also stores data used to process employees’ payroll, money
and information in ATM and digital banking systems, and much more.

Database security has two standards, similar to the CIA triangle: secrecy and integrity.

Figure 28. Database Secrecy and Integrity

Database secrecy is mainly concerned with improper disclosure of information. Just like
confidentiality in the CIA triangle, data should be confidential and free from any unauthorized access
and disclosure. The following examples illustrate secrecy:
• Payroll System - concerned with preventing an employee from finding out the boss’s salary.
• Military Command and Control System - preventing the enemy from determining the target coordinates of a missile.
Aside from secrecy, we also have integrity. Database integrity is concerned with improper
modification of information or processes. Integrity means that the data is free from any form
of improper modification or alteration. Consider these examples, using the same systems as for
secrecy:
• Payroll System - preventing an employee from changing his or her salary.
• Military Command and Control System - preventing the enemy from altering the target coordinates.
As you can see, secrecy and integrity in database security are similar to the CIA triangle,
as they share the same goal: protecting and securing data. These standards make sure that the data
is protected from any form of unwanted access and unauthorized modification or alteration, and
that the data is available at all times.

We consider database security in relation to the following situations:


• Theft and Fraud
• Loss of confidentiality
• Loss of privacy
• Loss of integrity
• Loss of availability

Figure 29. Common Database Security Threats

Because of the often-valuable nature of sensitive information locked away inside, databases are a
key target for cyber criminals. Whether the information is financial or holds intellectual property
and corporate secrets, hackers can profit from breaching the servers of a company and plundering
databases around the world.

Here are some examples of threats in database security:


• Deployment Failures - caused by a lack of due care at the moment databases are deployed.
• Broken Databases - The SQL Slammer worm of 2003 was able to infect more than 90 percent of vulnerable computers within 10 minutes of deployment. It took advantage of a bug that was discovered in Microsoft's SQL Server database software the previous year.
• Data Leaks - Databases also contain a networking interface, and so hackers are able to capture this type of traffic to exploit it.
• Stolen Database Backups - The report suggests that insiders are also likely to steal archives, including database backups, whether for money, profit or revenge.
• The abuse of database features - For example, a hacker can gain access through legitimate credentials before forcing the service to run arbitrary code.
• SQL injections - Applications are attacked by injections, and the database administrator is left to clean up the mess caused by unclean variables and malicious code that is inserted into strings and later passed to an instance of SQL Server for parsing and execution.
There are many threats in database security, and most of them result from poor database
management, especially during deployment. System administrators and database developers
need to develop a consistent practice of looking after their databases, staying aware of threats and
making sure that vulnerabilities are taken care of. This isn't an easy task, but documentation and
automation to track and make changes can ensure that the information contained in enterprise
networks is kept secure.
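
The SQL injection item above, as an added example that is not part of the original module: the same lookup written with an "unclean variable" pasted into the SQL string and with a bound parameter. The payroll table, its rows, the function names and the three inputs are constructed for illustration, and SQLite stands in for the database server.

```python
import sqlite3

def open_payroll():
    """In-memory payroll table; all rows are constructed sample data."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE payroll (name TEXT, salary INTEGER)")
    con.executemany("INSERT INTO payroll VALUES (?, ?)",
                    [("alice", 52000), ("O'Brien", 61000), ("boss", 250000)])
    return con

def lookup_vulnerable(con, name):
    # The "unclean variable" is pasted into the SQL string, so the database
    # parses whatever the caller typed as part of the statement itself.
    sql = "SELECT name, salary FROM payroll WHERE name = '" + name + "'"
    return con.execute(sql).fetchall()

def lookup_safe(con, name):
    # Bound parameter: the statement is parsed first and the value is
    # supplied afterwards, so it can only ever be compared as data.
    return con.execute(
        "SELECT name, salary FROM payroll WHERE name = ?", (name,)
    ).fetchall()

def outcome(lookup, con, name):
    """Run one lookup and summarise it as a row count or the error class."""
    try:
        return len(lookup(con, name))
    except sqlite3.Error as exc:
        return type(exc).__name__

# Constructed inputs: a normal name, a name containing a quote, and a value
# whose quote closes the string literal and appends an always-true condition.
INPUTS = ["alice", "O'Brien", "nobody' OR '1'='1"]

def compare():
    """Map each input to (result of vulnerable lookup, result of safe lookup)."""
    con = open_payroll()
    return {name: (outcome(lookup_vulnerable, con, name),
                   outcome(lookup_safe, con, name)) for name in INPUTS}

if __name__ == "__main__":
    for name, (vulnerable, safe) in compare().items():
        print(f"{name!r:24} vulnerable={vulnerable!s:18} safe={safe}")
```

The concatenated version breaks on an ordinary name that contains a quote and returns every row for the crafted value, while the parameterized version treats all three inputs as plain names.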

Figure 30. Database Security Threats Countermeasure

No matter how high the level of a security threat is, there is always a way to counter it, whether
to get rid of it completely or at least to decrease the damage that it can cause. Again, there
is no such thing as “bulletproof” security but, at the very least, we will be able to avoid, prevent
and lessen the threats that may arise.

Here are some of the countermeasures that can be applied or used:


• Access Control – always at the top of the list of security measures. Any form of access to the database should be controlled and free from unauthorized access.
• Views - the dynamic result of one or more relational operations operating on the base relations to produce another relation. A view is a virtual relation that does not actually exist in the database, but is produced upon request by a particular user, at the time of request.
• Backup and Recovery - the process of periodically taking a copy of the database and log file on to offline storage media. The DBMS should provide backup facilities to assist with the recovery of a database following failure.
• Encryption - the encoding of data by a special algorithm that renders the data unreadable by any program without the decryption key.
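
Access control and views working together on the payroll example from earlier in this module, as an added example that is not part of the original module. SQLite has no user accounts or privilege statements, so its authorizer callback stands in here for the DBMS's own access control; the table, the view name staff_directory, the policies and the sample rows are all constructed.

```python
import sqlite3

def open_payroll():
    """Constructed in-memory payroll database with one view over it."""
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE employees (name TEXT PRIMARY KEY, department TEXT, salary INTEGER);
        INSERT INTO employees VALUES ('boss', 'management', 250000),
                                     ('clerk', 'accounting', 30000);
        -- A view is a virtual relation: no rows are stored, and salary is left out.
        CREATE VIEW staff_directory AS SELECT name, department FROM employees;
    """)
    return con

def employee_policy(action, arg1, arg2, db_name, source):
    """Default-deny policy for an ordinary employee session.

    For SQLITE_READ, arg1/arg2 are the table and column being read and
    source is the view responsible for the access (None for direct SQL).
    """
    if action == sqlite3.SQLITE_SELECT:
        return sqlite3.SQLITE_OK
    if action == sqlite3.SQLITE_READ:
        if arg1 == "staff_directory":
            return sqlite3.SQLITE_OK      # the view's own columns
        if arg1 == "employees" and source == "staff_directory":
            return sqlite3.SQLITE_OK      # base table, but only via the view
    return sqlite3.SQLITE_DENY            # direct reads, writes, DDL, the rest

def admin_policy(action, arg1, arg2, db_name, source):
    """Administrator session: everything is permitted."""
    return sqlite3.SQLITE_OK

def run_as(con, policy, sql):
    """Execute sql under the given policy; return rows or the string DENIED."""
    con.set_authorizer(policy)
    try:
        return con.execute(sql).fetchall()
    except sqlite3.DatabaseError:
        return "DENIED"

def demo():
    con = open_payroll()
    return {
        # Secrecy: the directory is readable, the boss's salary is not.
        "directory": run_as(con, employee_policy,
                            "SELECT name, department FROM staff_directory ORDER BY name"),
        "read_salary": run_as(con, employee_policy,
                              "SELECT salary FROM employees WHERE name = 'boss'"),
        # Integrity: an employee cannot change his or her own salary.
        "raise_own": run_as(con, employee_policy,
                            "UPDATE employees SET salary = 999999 WHERE name = 'clerk'"),
        "admin_check": run_as(con, admin_policy,
                              "SELECT salary FROM employees WHERE name = 'clerk'"),
    }

if __name__ == "__main__":
    for label, result in demo().items():
        print(label, "->", result)
```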

A network is a connection of multiple computers in a local or wide area setup. The Internet is a network
of networks which allows multiple networks to communicate and connect with each other.
Nowadays, the Internet is everywhere and in almost everything, which also gives attackers and
intruders a way to do their thing.

Figure 31. Network Security

Network security is a specialized field in computer networking that involves securing a computer network
infrastructure. It is typically handled by a network administrator or system
administrator who implements the security policy, network software and hardware needed to
protect a network and the resources accessed through the network from unauthorized access, and
who also ensures that employees have adequate access to the network and resources to work.

A network security system typically relies on layers of protection and consists of multiple
components, including network monitoring and security software in addition to hardware and
appliances. All components work together to increase the overall security of the computer
network.

Figure 32. Network Security Threats

A network security threat is an attempt to gain unauthorized access to your company's network,
steal your data without your knowledge, or carry out other malicious activities. If or when a
weakness or vulnerability exists within your computer network, your network security is
compromised.

Instead of quietly collecting information for espionage or financial gain, some network security
threats are designed to disrupt your organization's processes and functionality.

There are two broad categories of network security threats: active and passive attacks.
• Active Attack – Hackers gain unauthorized access to a computer system or network. Hackers also alter the data, either by encrypting, deleting, or compromising it.
• Passive Attack - Hackers gain access to a computer network in order to steal and monitor sensitive data. Because attackers can't change the data in this approach, they usually leave it undamaged.
The main difference between passive and active attacks is that in an active attack, the attacker can
interrupt the transferred data in order to intercept the connection and adjust the data. In a passive
attack, on the other hand, the attacker can only intercept the data and read or analyze it without
changing it. With that said, here are some common types of network threats:

Figure 33. Eavesdropping

Eavesdropping refers to the unauthorized monitoring of other people’s communications. It can
be conducted on ordinary telephone systems, emails, instant messaging or other Internet services.
Since eavesdropping activities do not affect the normal operation of network transmission, both
the sender and the recipient can hardly notice that the data has been stolen, intercepted or defaced.

Eavesdropping usually happens in the following ways:


• Man-in-the-Middle Attack – An intruder exploits security loopholes on the network and taps the communication between sender and receiver. This usually happens when an unencrypted email is tapped before it reaches the receiver.
• Using the HTTP standard to transmit personal or sensitive information is comparatively insecure because encryption is not applied to the online transactions, and attackers will be able to read sensitive information from the transmitted messages.
Security Measures:
• Use an encrypted connection, e.g. Hypertext Transfer Protocol Secure (HTTPS) and Secure Shell (SSH), which offer better security, to encrypt the data transmitted on the Internet.
• Install a personal firewall on computers connected to the Internet. Update antivirus software with the latest virus signatures or malicious code definitions.
• Install an intrusion prevention system on the computer network of your organization to detect and prevent further attacks by eavesdroppers.
• Use Internet services with mutual authentication such as Public Key Infrastructure (PKI). A transaction will only be processed after the user’s computer has been authenticated by the organization's server and vice versa. With confirmation of the identities of both parties, the risk of Man-in-the-Middle attacks can be reduced.
To put it simply, an eavesdropping attack is like someone secretly listening in on a conversation
and obtaining information without being noticed.

Figure 34. Spoofing


Spoofing, in general, is a fraudulent or malicious practice in which communication is sent from
an unknown source disguised as a source known to the receiver. Spoofing is most prevalent in
communication mechanisms that lack a high level of security.
One very common example of spoofing is when people receive e-mails in their inbox saying that
a message could not be delivered to a recipient, even though they do not remember sending that
message. In this case, someone has learned your e-mail address and sent spam e-mails pretending to
be from your address; a recipient's e-mail address was incorrect, so a bounce message was sent back
to your e-mail address.

Common prevention of Spoofing:


• IDS – Intrusion Detection System to analyze traffic coming in and out.
• Virtual Private Network – To ensure private network communication.
• Self Verification – Double-check the content and details of an email or anything else that you think is suspicious.

Figure 35. Modification


Modification is an attack that tampers with a resource. Its aim is to modify information that is
being communicated between two or more parties. An example of a modification attack could be
sending information that was meant to go to one party but directing it to another.
Other examples are changing values in a data file, altering a program so that it performs differently,
and modifying the content of a message being transmitted in a network. The usual targets of
modification are data and messages. Data modification happens when an attacker successfully
reads your data and alters it. An attacker can modify the data in the packet without the knowledge
of the sender or receiver.
Modification of messages happens when some portion of a message is altered, or when messages are
delayed or reordered to produce an unauthorized effect. Some of the effects of modification
include:
• Loss of data integrity.
• Being misled by wrong information.
• Misunderstanding.
• Misbehavior of a program.

Figure 36. Denial-of-Service Attack


DoS refers to an action that prevents authorized use of networks/systems by exhausting
resources such as CPU, memory, bandwidth, and disk space. The purpose behind it is to:
• Consume bandwidth with large traffic sizes.
• Overload or crash the network handling software.
• Send specific types of packets to consume limited available resources.
In a DoS attack, an attacker’s program establishes a connection on a service port,
counterfeiting the packet’s header details, and then leaves the connection. If the host can
handle 20 requests per second and the attacker is sending 50 requests per second, the mass of
fake requests may bring the host server down. In this case, the server cannot accept legitimate
requests either, so it appears unavailable to a legitimate user.
One actual example of this attack was when the BBC network was attacked with a DDoS.
A group calling itself New World Hacking said that the attack reached 602Gbps. If accurate, that
would put it at almost twice the size of the previous record of 334Gbps, recorded by Arbor
Networks in 2015.
Countermeasures for DoS Attacks:
• Monitor packets to protect your server from the entrance of counterfeit packets.
• Apply security patches to your host’s operating system in a timely manner.
• Beware of running your server very close to the limit of its capacity.
• Use a network intrusion detection system (IDS).
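
The 20-versus-50 requests-per-second case above, worked through as an added example that is not part of the original module: a host with a fixed capacity admits requests in arrival order, first with no filtering and then with request monitoring that caps each source per second. The traffic, the addresses (documentation ranges), the per-source limit of 5 and all function names are constructed assumptions.

```python
from collections import Counter

CAPACITY_RPS = 20          # the host handles 20 requests per second
FLOOD_SRC = "203.0.113.66" # constructed address for the flooding source

def build_traffic(seconds=3):
    """Constructed sample: one source at 50 req/s, four clients at 2 req/s each."""
    events = []
    for sec in range(seconds):
        events += [(sec + i / 50, FLOOD_SRC) for i in range(50)]
        for host in range(1, 5):
            client = f"198.51.100.{host}"
            events += [(sec + 0.5, client), (sec + 0.9, client)]
    return sorted(events)

def serve(events, capacity=CAPACITY_RPS, per_source_limit=None):
    """Admit requests in arrival order within one-second windows.

    Returns (served, dropped) Counters keyed by source address. With
    per_source_limit set, a source's requests beyond the limit are dropped
    before they can consume any of the host's capacity.
    """
    served, dropped = Counter(), Counter()
    window, used, per_source = None, 0, Counter()
    for ts, src in events:
        if int(ts) != window:                 # a new second starts
            window, used, per_source = int(ts), 0, Counter()
        per_source[src] += 1
        over_limit = (per_source_limit is not None
                      and per_source[src] > per_source_limit)
        if over_limit or used >= capacity:
            dropped[src] += 1
        else:
            used += 1
            served[src] += 1
    return served, dropped

def flooding_sources(events, per_source_limit):
    """Sources that exceed the limit in at least one one-second window."""
    counts = Counter((int(ts), src) for ts, src in events)
    return sorted({src for (_, src), n in counts.items() if n > per_source_limit})

def legitimate_served(served):
    """Requests served to the ordinary clients (everything but the flood)."""
    return sum(n for src, n in served.items() if src != FLOOD_SRC)

if __name__ == "__main__":
    traffic = build_traffic()
    for limit in (None, 5):
        served, dropped = serve(traffic, per_source_limit=limit)
        print(f"limit={limit}: legitimate served={legitimate_served(served)}, "
              f"dropped={sum(dropped.values())}")
    print("flagged:", flooding_sources(traffic, 5))
```

A per-source limit depends on the source address being genuine, so it complements rather than replaces the packet monitoring and IDS measures listed above.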

Figure 37. Network Security: Firewall, Virtual Network, and IDS


Firewalls, virtual networks and IDS are the most common tools to prevent network security threats.
These tools are considered to be the primary tools in terms of security in a network.
In computing, a firewall is a network security system that monitors and controls the incoming and
outgoing network traffic based on predetermined security rules. A firewall typically establishes a
barrier between a trusted, secure internal network and another outside network, such as the
Internet, that is assumed not to be secure or trusted. Firewall technology emerged in the late 1980s
when the Internet was a fairly new technology in terms of its global use and connectivity.
Advantages of using a firewall:
• They are more cost effective than securing each computer in the corporate network since there are often only one or a few firewall systems to concentrate on.
• There are some firewalls which can detect viruses, Trojans, worms, spyware, etc.
Disadvantages:
• They often cannot protect against an insider attack.
• They may restrict authorized users from accessing valuable services.
• They do not protect against backdoor attacks.
A virtual network is a computer network that consists of virtual network links. A VLAN (Virtual
LAN) is a logical LAN (local area network) based on a physical LAN that is divided into
multiple logical LANs using a VLAN ID.
A VPN consists of several remote endpoints (such as routers, VPN gateways or software clients) that
are connected by a tunnel over another network. Two connected endpoints form a PTP VPN
(Point to Point Virtual Private Network); more than two endpoints form a Multipoint VPN.

Intrusion Detection can be defined as "...the act of detecting actions that attempt to compromise
the confidentiality, integrity or availability of a resource." Common types of IDS include:
• Network Based (Network IDS) - identify unauthorized, illicit, and anomalous behavior based solely on network traffic.
• Host Based (HIDS) - identify unauthorized, illicit, and anomalous behavior on a specific device.
• Physical (Physical IDS) – identify threats on a physical system. Physical intrusion detection is most often seen as physical controls put in place to ensure CIA.


Let’s Check

Let’s check what you have learned from this week’s discussion. This is a 20-point quiz
that will check your understanding of this week’s discussion. Submit the
PDF to our BB LMS.

_____1. Database ____ is mainly concerned with improper disclosure of information.
_____2. Preventing students from knowing their classmate's grade.
A. Integrity B. Secrecy C. Availability
_____3. Database ____ is concerned with improper modification of information or processes.
_____4. Preventing the enemy team from knowing where your team is going to push.
A. Integrity B. Secrecy C. Availability
_____5. True or False. Any form of security in a computer system is intentionally designed with the main purpose of securing and defending it from any form of threat, but has a different level for each component or system.
_____6. True or False. A database system is not limited to storing personal information; it also stores data used to process employees’ payroll, money and information in ATM and digital banking systems, and much more.
_____7. Caused by a lack of due care at the moment they are deployed.
_____8. It is the process of periodically taking a copy of the database and log file on to offline storage media.
_____9. True or False. Because of the often valuable nature of sensitive information locked away inside, databases are a key target for cyber criminals.
_____10. True or False. The CIA Triangle is not applicable when it comes to database management system security.
_____11. Which of the following is the best way to avoid spoofing attacks?
A. Virtual Private Network to ensure private communication
B. Limit the number of accesses to a certain resource.
C. Monitor incoming packets.
D. None of these
_____12. Hackers gain access to a computer network in order to steal and monitor sensitive data but cannot alter or modify the data and leave it undamaged.
_____13. It is one of the primary tools that can protect the network from most network security threats or attacks.
_____14. It is a network security system that monitors and controls the incoming and outgoing network traffic based on predetermined security rules.
_____15. ____ is most prevalent in communication mechanisms that lack a high level of security.
_____16. It is a type of IDS that can identify unauthorized, illicit, and anomalous behavior based solely on network traffic.
_____17. True or False. Any form of security in a computer system is intentionally designed with the main purpose of securing and defending it from any form of threat, but has a different level for each component or system.
_____18. True or False. Not all threats and attacks are intended for financial gain. Some attacks are intended to disrupt processes and functionalities.
_____19. True or False. Security personnel, fences and door locks can be considered Physical Intrusion Detection Systems.
_____20. True or False. Using a firewall as network security in a corporate network is the best way to be secured against insider attacks.

Let’s Analyze: Performance Task 6 – DBMS Threats

This simulates a lab activity. For this week's Let's Analyze, your task is to apply Data Control
Language to set privileges for Admin, public, Cashier and Warehouse personnel. Write SQL
code to set the controls for the aforementioned personnel and the public (for viewing purposes). Create
an FTP connection to Admin using the IP 200.100.100.1. Discuss the significance of setting these
controls.
______________________________________________________________________________
______________________________________________________________________________
________________________________________________________________________.

Let’s Analyze: Performance Task 7 – Network Security

This simulates a lab activity. For this week's Let's Analyze, your task is to configure the network
security measure WPA2 – RADIUS to protect your IoT devices in a network.

Among network security measures, discuss the advantage of WPA2 – RADIUS.


______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
____________________________________________________________________________.

In a Nutshell

Watch the 1995 movie “The Net” starring Sandra Bullock. Discuss the impact of the movie
on our topics of database and network security. What are the implications of that movie for our
recent situation?
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
____________________________________________________________________________.

Question and Answer List

Do you have any questions for clarification? Please send them to the Announcement and Question Section
in our BB LMS, or send a message directly.

Questions/ Issues Answers

1.

2.

3.

Keywords
Database Integrity Availability Secrecy Storage
Network Spoofing DDoS Modification Intrusion
