
Database Security and Auditing

Information Systems

Security violations and attacks are increasing globally at an annual average rate of 20%.

Database security: degree to which data is fully protected from tampering

• Comprises information system and information security concepts

Wise decisions require:

• Accurate and timely information
• Information integrity

Information system: comprised of components working together

Transaction processing system (TPS) - Also known as online transaction processing (OLTP)

➢ Used for operational tasks
➢ Provides solutions for structured problems
➢ Includes business transactions
➢ Logical component of TPS applications (derived from business procedures, business rules, and policies)

Typical Application System

• Order tracking
• Customer service
• Payroll
• Accounting
• Student registration
• Car sales

Decision support system (DSS) - Deals with nonstructured problems

➢ Is capable of performing "What-if?" analysis
➢ Contains a collection of business models
➢ Is used for tactical management tasks

Typical Application System

• Risk management
• Fraud detection
• Sales forecasting
• Case resolution

Expert system (ES) - Captures reasoning of human experts

➢ Executive expert systems (ESSs) are a type of expert system used by top-level management for strategic management goals
➢ A branch of artificial intelligence within the field of computer science studies
➢ Software consists of:

• Knowledge base
• Inference engine
• Rules

➢ People consist of:

• Domain experts
• Knowledge engineers
• Power users

Typical Application System

❖ Virtual university simulation
❖ Financial enterprise
❖ Statistical trading
❖ Loan expert
❖ Market analysis

Information system components include:

• Data
• Procedures
• Hardware
• Software
• Network
• People

Database management system (DBMS): collection of programs that manage database

Data Management

Essential to success of information system

DBMS functionalities:

• Organize data
• Store and retrieve data efficiently
• Manipulate data (update and delete)
• Enforce referential integrity and consistency
• Enforce and implement data security policies and procedures
• Back up, recover, and restore data

Information Security

Information is one of an organization’s most valuable assets

Information security consists of procedures and measures taken to protect information systems components

C.I.A. triangle

• Confidentiality
• Integrity
• Availability

Security policies must be balanced according to the C.I.A. triangle

Confidentiality

Addresses two aspects of security:

• Prevention of unauthorized access
• Information disclosure based on classification

Classify company information into levels:

• Each level has its own security measures
• Usually based on degree of confidentiality necessary to protect information

Integrity

Information has integrity if:

• It is accurate
• It has not been tampered with

Type of Data Degradation

Invalid data
• Indicates that not all the entered and stored data is valid without exception

Redundant data
• Indicates that not all the entered and stored data is valid without exception

Inconsistent data
• Occurs when redundant data, which resides in several places, is not identical.

Data anomalies
• Exists when there is redundant data caused by unnormalized data

Data read inconsistency
• Indicates that a user does not always read the last committed data

Data nonconcurrency
• Means that multiple users can access and read data at the same time but they lose read consistency.

Availability

Systems must be always available to authorized users

System determines what a user can do with the information

Reasons for a system to become unavailable:

• External attacks and lack of system protection
• System failure with no disaster recovery strategy
• Overly stringent and obscure security policies
• Bad implementation of authentication processes

Information Security Architecture

Components include:

• Policies and procedures
• Security personnel and administrators
• Detection equipment
• Security programs
• Monitoring equipment
• Monitoring applications
• Auditing procedures and tools

Database Security

Security access point: place where database security must be protected and applied

Reducing access point size reduces security risks

✓ Security gaps: points at which security is missing
✓ Vulnerabilities: kinks in the system that can become threats
✓ Threat: security risk that can become a system breach

Database Security Levels

Relational database: collection of related data files

Data file: collection of related tables

Table: collection of related rows (records)

Row: collection of related columns (fields)

Menaces to Database

Security vulnerability: a weakness in any information system component

Security threat: a security violation or attack that can happen any time because of security vulnerability.

Security risk: a known security gap left open.

Assets Types and Their Values

Types of assets include:

• Physical: tangible assets including buildings, cars, hardware,
• Logical: such as business applications, in-house programs, purchased software, databases,
• Intangible: business reputation, public confidence, …
• Human: human skills, knowledge, expertise,

Security Methods

Security Methods used to protect database environment components

Database Component Protected / Security Methods

People
▪ Physical limits on access to hardware and documents
▪ Through the processes of identification and authentication
▪ Training courses on the importance of security and how to guard assets
▪ Establishment of security policies and procedures

Applications
▪ Authentication of users who access applications
▪ Business rules
▪ Single sign-on (a method for signing on once for different applications and Web sites)

Network
▪ Firewalls to block network intruders
▪ Virtual private network (VPN) (a remote computer securely connected to a corporate network)
▪ Authentication

Operating system
▪ Authentication
▪ Intrusion detection
▪ Password policy
▪ User accounts

Database management system
▪ Authentication
▪ Audit mechanism
▪ Database resource limits
▪ Password policy

Data files
▪ File permissions
▪ Access monitoring

Data
▪ Data validation
▪ Data constraints
▪ Data encryption
▪ Data access

Business rule – the implementation of business procedure or policy through code written in an application

Database Security Methodology

Common principles used to define security posture:

• Confidentiality
• Integrity
• Availability

SQL Procedures, Triggers and Functions

Structured Query Language (SQL) - is a programming language that is widely used to manage and manipulate relational databases.

3 Important features of SQL

• Procedures
• Triggers
• Functions

SQL Procedures are a set of SQL statements that are stored in a database

SQL triggers are pieces of code that are executed automatically in response to certain events.

SQL functions are procedures that are designed to return a single value
WHAT IS SQL TRIGGER?

Triggers are the SQL codes that are automatically executed in response to certain events on a particular.

SYNTAX OF TRIGGER

DROP

DROP - a command to remove a trigger from the database

• SYNTAX:

DROP TRIGGER trigger_name;

• EXAMPLE:

DROP TRIGGER calculate_name;

DISPLAY

SHOW command to display triggers from the database

• SYNTAX:

SHOW TRIGGERS
IN database_name;

• EXAMPLE:

SHOW TRIGGERS
IN employee;

INSERT

Before Insert Triggers are used to update or validate record values before they’re saved to the database

• SYNTAX:

CREATE TRIGGER calculate
BEFORE INSERT
ON employee
FOR EACH ROW
SET new.marks = new.marks+100;

After Insert Triggers are used to access field values that are set by the system and to effect change in other records

• SYNTAX:

CREATE TRIGGER total_mark
AFTER INSERT
ON student
FOR EACH ROW
INSERT INTO Final_mark
VALUES (new.marks);

ADVANTAGES OF TRIGGERS

• Forcing security approvals on the table
• Triggers check the integrity of data
• Counteracting invalid changes
• Triggers handle errors
• Triggers are useful for inspecting the data

DISADVANTAGE OF TRIGGERS

❖ OVERHEAD
• Triggers may increase the overhead of the database
❖ VALIDATION
• Triggers can only provide extended validation, i.e. not all kinds of validation
❖ TROUBLESHOOTING
• Triggers can be difficult to troubleshoot because they execute automatically in the database

Differences between SQL procedures, triggers and functions:

✓ Purpose
✓ Parameters
✓ Execution
✓ Scope
✓ Complexity

TYPES OF FUNCTION IN SQL

• STRING Function
• Aggregate Function
• Date Function
• Time Function

String functions are used to perform an operation on an input string and return an output string

➢ ASCII(): This function is used to find the ASCII value of a character.
Syntax: SELECT ascii('t');
Output: 116

➢ CHAR_LENGTH(): This function is used to find the length of a word.
Syntax: SELECT char_length('Hello!');
Output: 6

➢ CHARACTER_LENGTH(): This function is used to find the length of a line.
Syntax: SELECT CHARACTER_LENGTH('ANKIT DUBEY');
Output: 11

➢ CONCAT(): This function is used to add two words or strings.
Syntax: SELECT CONCAT('Ankit', 'Dubey') FROM dual;
Output: AnkitDubey

➢ LCASE(): This function is used to convert the given string into lower case.
Syntax: SELECT LCASE('ANKIT DUBEY');
Output: ankit dubey

➢ LEFT(): This function is used to SELECT a sub string from the left of given size or characters.
Syntax: SELECT LEFT('Ankit S. Dubey', 5);
Output: Ankit

➢ LENGTH(): This function is used to find the length of a word.
Syntax: SELECT LENGTH('AnkitDubey');
Output: 10

Aggregate function - a function where the values of multiple rows are grouped together as input

Various Aggregate Functions Are:

• Count()
• Sum()
• Avg()
• Min()
• Max()

Database Administration

Database administration refers to the whole set of activities performed by a database administrator

Responsibilities of Database Administration

• Policy Formulation and Implementation
• Data Dictionary Management
• Training
• DBMS Support
• Database Design

Policy Formulation and Implementation

Access Privileges

➢ Users should access the database only in ways in which they are entitled

Security

➢ Access restrictions ensure that the database is secure.
➢ Passwords, encryption, and views implement security.
➢ Effective password protection is critical.

Databases can be harmed from hardware and software malfunctions

Archive is a place where corporate data is kept.

Additional Responsibilities of DBA

Training

➢ DBA gives training on the DBMS and how to access the database

DBMS Support

➢ The DBA is charged with all aspects of a DBMS, including selection and management

Database Design
➢ DBA is responsible for tuning the design and making changes that improve system performance

Database Administrator: It is a dedicated role in the IT department for large organizations.

DBA Responsibilities

• Database Security
• Database Tuning
• Backup and Recovery
• Producing Reports from Queries

Types of DBA

• Development DBA
- Works on building SQL queries, stored procedures, and so on, that meet the business needs.

• Administrative DBA
- Concerned with backups, security, patches, and replication.

• Data Warehouse DBA
- A relatively newer role, responsible for merging data from multiple sources into a data warehouse.

• Data Architect
- Designs schemas, builds tables, indexes, data structures and relationships.
- This role works to build a structure that meets general business needs in a particular area.

Creating Databases and Tables in MYSQL

CREATE DATABASE <database name>

▪ (to verify -> SHOW DATABASES)
▪ To select a database -> USE <databasename>

CREATE TABLE <tablename> (
Id int(5) unsigned auto_increment primary key,
Ename varchar(50) not null
);

▪ to verify -> SHOW TABLES
▪ to verify columns -> DESC <tablename>

Adding a column to a table:

ALTER TABLE <tablename>
ADD <position varchar(30)> AFTER <deptno>;

Dropping a column:

ALTER TABLE <tablename>
DROP <columnname>

Change a column definition:

ALTER TABLE <tablename>
CHANGE <oldname> <newcolumndefinition>

Example:

ALTER TABLE tblemp
CHANGE deptno deptno int(3);

Creating an INDEX:

CREATE INDEX <indexname>
ON <tablename> (columnlist);

Example:

CREATE INDEX enameidx
ON tblemp (ename);

Dropping an Index:

ALTER TABLE <table_name> DROP INDEX <index_name>

Example:

ALTER TABLE tblemp DROP INDEX enameidx;

Deleting Records of a table:

TRUNCATE <tablename>

Example:

TRUNCATE tblemp;

Dropping a table:

DROP TABLE <tablename>

Example:

DROP TABLE tblemp;

Dropping a database:

DROP DATABASE <dbname>

Example:
DROP DATABASE empdb;

DBA Backup and Restore (MySQL)

Common mysqldump options

add-drop-table      lock-tables
add-locks           no-data
all-databases       opt
create-options      quick
databases           result-file
disable-keys        set-charset
extended-insert     tables
flush-logs          where

Using the mysqldump tool to make a backup of a single database

Syntax:

mysqldump --user=<username> --password=<password> --result-file=<path_to_backup_file> --databases <database_name>

Ex.

mysqldump --user=root --password=Supe!rPass1 --result-file=c:\backup\classicmodels.sql --databases classicmodels

Using the mysqldump tool to make a backup of multiple databases

To make a backup of multiple databases, you specify a list of the database names after the --databases option:

Example:

mysqldump --user=root --password=Supe!rPass1 --result-file=c:\backup\classicmodels_world.sql --databases classicmodels world

Using the mysqldump tool to make a backup of all databases

To make a backup of all databases in a MySQL Server, you use the --all-databases option:

Example:

mysqldump --user=root --password=Supe!rPass1 --result-file=c:\backup\all_databases.sql --all-databases

User is an account that is created within a database management system, such as MySQL, that provides access to the system for an individual or application.

- has a unique username and password that is used to authenticate and authorize access to specific resources, such as databases, tables, and stored procedures.

Types of User

• Superuser or Root user or administrative user:
- This type of user has all privileges and permissions to access and manage the database.
- Superusers have the ability to create, modify, and delete databases and tables, as well as assign permissions and privileges to other users.
- It is the most powerful user in MySQL
- Superuser is “root”

• Regular user or Ordinary user or non administrative user:
- This type of user has limited privileges and permissions, and can only access and modify the databases and tables for which they have been granted permission.
- Regular users can execute database queries, but they cannot modify the structure of the database or grant permissions to other users.

• Anonymous Users:
- users who attempt to connect to the MySQL server without specifying a username.
- They are not granted any privileges by default and can be a security risk, so it's recommended to disable them.

▪ Ex.

Ordinary/Regular user: A user named "john" who has permission to read and modify data in the "sales" database.

Superuser: The MySQL root user, who has permission to perform any action on the MySQL server or databases.

• Virtual User:
- a user who is not defined in the MySQL system but can be authenticated by an external system, such as an LDAP server.

• Application User:
- a user that is created specifically for an application to use when connecting to a MySQL server.
- This type of user often has a limited set of permissions that are specific to the needs of the application.
Profile is a set of predefined settings that can be applied to a user account to control certain aspects of the user's behavior and access to resources.

Profiles can be used to limit the amount of resources a user can consume, such as CPU time and memory, or to enforce certain password policies, such as password complexity requirements and expiration dates.

Types of Profiles

MySQL profiles can be used to configure user-specific settings such as resource limitations and privileges.

Predefined profiles provide a set of default resource limitations and privileges that can be assigned to users.

Custom profiles, on the other hand, provide more granular control over user-specific settings.

- These profiles can be created by the administrator and assigned to specific users as needed.

Some examples of the settings that can be configured using predefined profiles:

● Password expiration policies
● Maximum number of connections per user
● Maximum query execution time
● Maximum CPU time per call/session
● Maximum memory usage per session

Some examples of user-specific settings that can be configured using custom profiles include:

● Resource limitations and privileges specific to a particular application or workload
● Restrictions on access to specific database objects or commands
● Custom password policies and settings
● Additional authentication mechanisms such as two-factor authentication
● Special network access requirements or restrictions
● Restrictions on the use of particular SQL statements or query types

We can use MySQL profiles to configure other user-specific settings, such as:

1. Password expiration and complexity requirements:
- You can configure a profile to require users to change their password at regular intervals, and to enforce password complexity rules such as minimum length and the use of uppercase and lowercase letters, numbers, and special characters.
2. Network access restrictions:
- You can use a profile to limit the IP addresses or hostnames from which a user can connect to the MySQL server, or to require SSL encryption for connections.
3. Query optimization settings:
- You can configure a profile to set query optimization options such as the join order, buffer pool size, and thread concurrency for a specific user or group of users.
4. Resource allocation settings:
- In addition to limiting the amount of system resources that a user can consume, you can also use a profile to allocate specific resources to a user or group, such as a fixed amount of memory or CPU time.
5. Auditing and logging settings:
- You can configure a profile to enable or disable logging and auditing of user activity, or to require additional security measures such as two-factor authentication.

Examples of profiles:

CPU time limit profile:
- A profile named "limited_cpu" that restricts the amount of CPU time a user can use to 10 seconds per query.

Memory limit profile:
- A profile named "limited_memory" that restricts the amount of memory a user can use to 1GB.

Password policy profile:
- A profile named "strong_passwords" that requires users to have passwords with at least 8 characters, including at least one uppercase letter, one lowercase letter, one digit, and one special character.
Differentiate Profiles and Users, then implement with MySQL

User accounts are created for individual users and are used to authenticate and authorize them for accessing the database.

User accounts have permissions and privileges to perform specific operations in the database.

User accounts have a unique username and password to authenticate to the database.

Syntaxes:

Creating database:
- CREATE DATABASE database_name;

Create new User:
- CREATE USER 'my_name'@'localhost' IDENTIFIED BY 'my_password';

Grant privileges:
- GRANT ALL PRIVILEGES ON my_database.* TO 'my_user'@'localhost';

Check where the user is:
- SELECT USER(), CURRENT_USER();

DELETING profiles:
- DROP PROFILE my_profile;

Creating a user account:
- CREATE USER 'username'@'localhost' IDENTIFIED BY 'password';

Creating a profile:
- CREATE PROFILE 'profile_name' LIMIT

Assigning a profile to user account:
- ALTER USER 'username'@'localhost' PROFILE 'profile_name';

Password is a secret code that is used to authenticate and authorize access to a user account or resource.

Password is encrypted and stored as a hash value, which is a one-way mathematical function that transforms the password
string into a fixed-length sequence of characters.

In MySQL Server, there are several types of passwords that can be used to authenticate user accounts:

Plain Text Passwords:

- These are the simplest type of passwords and involve storing the password as plaintext in the database.

Ex. Password 123

Hashed Passwords:

- This process converts the password into a fixed-length string of characters, making it difficult to reverse-engineer the original password.

Ex. Before hashing, “password123”. After, “d2c7e59f6e725e7b09f879b47d7c0de30ddaa9cbe9eaa3b83528d3a7f361ca24".

Salted Passwords:

- In this method, a random string of characters known as a salt is added to the password before hashing.

Encrypted Passwords:

- In this method, the password is encrypted using a secret key or passphrase before being stored in the database.

Two main steps in controlling access to data

Authentication

- Confirms that users are who they claim to be
- It involves verifying the credentials of a user, such as a username and password, before granting access to the database.

Authentication can be verified a few times and at different levels during a single logon attempt

Authentication is the process of verifying who a user is through Login or Passwords.

Authentication - is usually done before Authorization.

Three levels of authentication in a database environment

- OS level
- Database level
- Third-party support

Encryption scrambles your password so it's unreadable and/or unusable by hackers.

Authorization

- Gives users permission to access the resource

Authorization works through settings that are implemented and maintained by the organization

Authorization - can only be granted after Authentication.

Authorization - in MySQL refers to the process of granting or denying specific privileges to users or roles, determining what
data they can access or modify within the database.

Types of external authentication


- Smart card uses PIN for authentication
- Kerberos uses symmetric-key cryptology
- Public key infrastructure (PKI)
- Digital certificate
Profiles & Passwords
Database-Enforced Password Policies
Four password attributes can be enforced in almost every
database server

▪ Complexity

▪ Failed attempts

▪ Expired passwords

▪ Password reuse
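
The four attributes above, together with the per-user connection limit, network restriction and "strong_passwords" rules described in the profile section, can be set per account in MySQL 8.0 with CREATE USER options and the validate_password component. This is an added example, not part of the original notes; it assumes MySQL 8.0.19 or later, and 'app_reader', the host pattern and the password are constructed placeholders.

```sql
-- Added example (not from the original notes). Assumes MySQL 8.0.19+.
-- 'app_reader', '10.0.0.%' and the password are constructed placeholders.

-- 1. Complexity: server-wide rules from the validate_password component.
--    (INSTALL COMPONENT reports an error if it is already installed.)
INSTALL COMPONENT 'file://component_validate_password';
SET PERSIST validate_password.policy             = 'MEDIUM';
SET PERSIST validate_password.length             = 8;  -- at least 8 characters
SET PERSIST validate_password.mixed_case_count   = 1;  -- one upper, one lower
SET PERSIST validate_password.number_count       = 1;  -- one digit
SET PERSIST validate_password.special_char_count = 1;  -- one special character

-- 2-4. Failed attempts, expired passwords and password reuse, per account,
--      plus a connection limit and a network/TLS restriction.
CREATE USER 'app_reader'@'10.0.0.%'            -- only this subnet may connect
  IDENTIFIED BY 'Constructed-Example-Passw0rd!'
  REQUIRE SSL                                  -- refuse unencrypted connections
  WITH MAX_USER_CONNECTIONS 5                  -- maximum connections per user
  FAILED_LOGIN_ATTEMPTS 5                      -- failed attempts: lock after 5
  PASSWORD_LOCK_TIME 1                         -- ...for 1 day
  PASSWORD EXPIRE INTERVAL 90 DAY              -- expired passwords
  PASSWORD HISTORY 5                           -- reuse: not any of the last 5
  PASSWORD REUSE INTERVAL 365 DAY;             -- reuse: not within a year

-- The same options apply to an existing account through ALTER USER.
ALTER USER 'app_reader'@'10.0.0.%' PASSWORD EXPIRE INTERVAL 60 DAY;

-- Check what the server actually stored for the account.
SELECT user, host, ssl_type, max_user_connections, password_lifetime,
       Password_reuse_history, Password_reuse_time, User_attributes
FROM mysql.user
WHERE user = 'app_reader';
```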

Written Password Policies

Common standards likely to be included in an equipment usage agreement

▪ Password discretion
▪ Password sharing
▪ Password storage

Database Vendor–Specific Password Management

SQL Server password policy

- Available password policy methods
- Password complexity, password expiration, and enforcing password policy

User in a MySQL database refers to a person or entity that has been granted certain privileges or permissions to access and manipulate the data stored in the database.

Profile in a MySQL database is usually a collection of data that describes a particular user or entity in the system.

Password expiration: To prevent the use of old or compromised passwords, it's a good idea to set a password expiration policy.

Two-factor authentication: Two-factor authentication is a security feature that requires users to provide two forms of identification before being granted access to their account.

User management and access control are essential components of ensuring the security and integrity of databases and other IT systems. Here are some key reasons why:

Protecting sensitive data: Databases often contain sensitive information, such as personal data, financial records, or trade secrets. User management and access control help prevent unauthorized access to this data, reducing the risk of data breaches or leaks.

Ensuring compliance: Many industries are subject to regulatory requirements that mandate the protection of sensitive data. User management and access control help organizations comply with these requirements by ensuring that only authorized users have access to the data.

Mitigating insider threats: Insider threats, whether intentional or unintentional, are a major source of data breaches. User management and access control can help mitigate these risks by limiting access to data based on job roles, responsibilities, and other criteria.

Enforcing data governance policies: User management and access control can help enforce data governance policies, such as data retention, data quality, and data ownership. This helps organizations ensure that their data is used appropriately and effectively.

Facilitating auditing and accountability: User management and access control enable organizations to track who accessed what data and when. This information is critical for auditing and accountability purposes and can help organizations identify security incidents and take appropriate remedial action.
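
One way to record who changed what and when is to combine the BEFORE INSERT and AFTER INSERT trigger forms shown earlier with an audit table. This is an added example, not part of the original notes; it assumes MySQL 8.0 and the mysql command-line client, and the school_demo schema, the student_audit table, the trigger names and the 0 to 100 marks range are hypothetical.

```sql
-- Added example (not from the original notes). Assumes MySQL 8.0 and the
-- mysql command-line client (DELIMITER is a client command, not SQL).
-- school_demo, student_audit and the trigger names are hypothetical.
CREATE DATABASE IF NOT EXISTS school_demo;
USE school_demo;

CREATE TABLE student (
  id    INT UNSIGNED AUTO_INCREMENT PRIMARY KEY,
  name  VARCHAR(50) NOT NULL,
  marks INT NOT NULL
);

-- Audit trail: which row changed, how, by whom, and when.
CREATE TABLE student_audit (
  audit_id   BIGINT UNSIGNED AUTO_INCREMENT PRIMARY KEY,
  student_id INT UNSIGNED NOT NULL,
  action     ENUM('INSERT', 'UPDATE', 'DELETE') NOT NULL,
  old_marks  INT NULL,
  new_marks  INT NULL,
  changed_by VARCHAR(288) NOT NULL,
  changed_at TIMESTAMP(6) NOT NULL DEFAULT CURRENT_TIMESTAMP(6)
);

DELIMITER //

-- Integrity check: reject an invalid row before it is stored.
CREATE TRIGGER student_marks_check
BEFORE INSERT ON student
FOR EACH ROW
BEGIN
  IF NEW.marks < 0 OR NEW.marks > 100 THEN
    SIGNAL SQLSTATE '45000'
      SET MESSAGE_TEXT = 'marks must be between 0 and 100';
  END IF;
END//

-- USER() is the account the client logged in as. CURRENT_USER() inside a
-- trigger returns the trigger's DEFINER, so it would log the wrong identity.
CREATE TRIGGER student_audit_insert
AFTER INSERT ON student
FOR EACH ROW
  INSERT INTO student_audit (student_id, action, new_marks, changed_by)
  VALUES (NEW.id, 'INSERT', NEW.marks, USER())//

CREATE TRIGGER student_audit_update
AFTER UPDATE ON student
FOR EACH ROW
  INSERT INTO student_audit
    (student_id, action, old_marks, new_marks, changed_by)
  VALUES (NEW.id, 'UPDATE', OLD.marks, NEW.marks, USER())//

CREATE TRIGGER student_audit_delete
AFTER DELETE ON student
FOR EACH ROW
  INSERT INTO student_audit (student_id, action, old_marks, changed_by)
  VALUES (OLD.id, 'DELETE', OLD.marks, USER())//

DELIMITER ;

-- Constructed sample activity.
INSERT INTO student (name, marks) VALUES ('Sample Student', 72);
UPDATE student SET marks = 85 WHERE name = 'Sample Student';
-- Rejected by student_marks_check with ERROR 1644 (45000):
-- INSERT INTO student (name, marks) VALUES ('Bad Row', 250);

SELECT student_id, action, old_marks, new_marks, changed_by, changed_at
FROM student_audit
ORDER BY audit_id;
```

Triggers run with the privileges of their definer, so application accounts need no privileges on student_audit and cannot edit the trail they generate. Triggers fire only on INSERT, UPDATE and DELETE, so read access has to be tracked with the server's own logging.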
Privileges

Privilege is a right to execute a particular type of SQL statement or to access another user's object.

Global Privileges: These privileges apply to all databases on a MySQL server.

Database-Level Privileges: These privileges apply to a specific database on a MySQL server.

Table-Level Privileges: These privileges apply to a specific table within a database.

Column-Level Privileges: These privileges apply to a specific column within a table.

Here are several types of privileges that can be revoked from a user in MySQL:

SELECT - allows the user to select data from a table

INSERT - allows the user to insert new data into a table

UPDATE - allows the user to update existing data in a table

DELETE - allows the user to delete data from a table

EXECUTE - allows the user to execute stored procedures or functions

CREATE - allows the user to create new databases, tables, or other objects

DROP - allows the user to delete databases, tables, or other objects

GRANT OPTION - allows the user to grant privileges to other users
ROLES

Roles are a way of grouping privileges together and assigning them to users.

Roles can simplify the task of managing user privileges by allowing you to assign privileges to a role and then assign the role to multiple users.

Two types of Privileges

System privileges: These are the rights and permissions that allow a user or role to perform certain actions or operations on the database as a whole.

Examples of system privileges include the ability to create or drop tables, create or drop users, create or drop roles, and grant or revoke privileges from other users or roles.

Object privileges: These are the rights and permissions that allow a user or role to perform certain actions or operations on specific database objects such as tables, views, procedures, and functions.

Examples of object privileges include the ability to select, insert, update, or delete data from a table, execute a stored procedure or function, and create or drop a view.

Roles are important in SQL for several reasons:

Simplifying Privilege Management

Roles can make privilege management simpler and more efficient, particularly in large database environments where there are many users with different levels of access.

Enhancing Security

Roles can also enhance security by limiting access to sensitive data and functionality to only those users who require it.

Facilitating Compliance

By defining roles and assigning privileges based on the principle of least privilege, organizations can ensure that users only have access to the data and functionality they need to perform their job functions and no more.
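
The privilege levels and roles described above, applied with least privilege in MySQL 8.0. This is an added example, not part of the original notes; "john" and "sales" follow the regular-user example given earlier, while the orders table, its columns, the role names and the password are constructed.

```sql
-- Added example (not from the original notes). Assumes MySQL 8.0, which
-- introduced roles. The orders table, role names and password are constructed.
CREATE DATABASE IF NOT EXISTS sales;
CREATE TABLE IF NOT EXISTS sales.orders (
  id          INT UNSIGNED AUTO_INCREMENT PRIMARY KEY,
  customer    VARCHAR(50) NOT NULL,
  card_number VARCHAR(19) NOT NULL,            -- sensitive column
  status      VARCHAR(20) NOT NULL DEFAULT 'new'
);

-- For contrast, the broad form from the syntax list earlier hands over
-- every privilege on the whole database:
--   GRANT ALL PRIVILEGES ON sales.* TO 'john'@'localhost';

-- Group privileges into roles once; users receive roles, not single grants.
CREATE ROLE 'sales_report', 'sales_clerk';

-- Column-level: reporting may read orders but never card_number.
GRANT SELECT (id, customer, status) ON sales.orders TO 'sales_report';

-- Table-level INSERT plus column-level UPDATE: clerks can add orders and
-- change only their status.
GRANT INSERT ON sales.orders TO 'sales_clerk';
GRANT UPDATE (status) ON sales.orders TO 'sales_clerk';

-- A role can be granted to another role: clerks also get the report view.
GRANT 'sales_report' TO 'sales_clerk';

CREATE USER IF NOT EXISTS 'john'@'localhost'
  IDENTIFIED BY 'Constructed-Example-Passw0rd!';
GRANT 'sales_clerk' TO 'john'@'localhost';

-- A granted role is inactive at login unless it is made a default role.
SET DEFAULT ROLE 'sales_clerk' TO 'john'@'localhost';

-- Review the effective privileges, including those that come from the role.
SHOW GRANTS FOR 'john'@'localhost' USING 'sales_clerk';

-- Revoking: take one privilege away from everyone who holds the role,
-- or take the role away from one user.
REVOKE INSERT ON sales.orders FROM 'sales_clerk';
REVOKE 'sales_clerk' FROM 'john'@'localhost';
```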

Five types of roles available within SQL Server

▪ Fixed server
- Provide server-level privileges
- Cannot be changed or deleted
- Users can be added to them
▪ Fixed database
- Provides privileges specific to the database
- Cannot be altered, yet users can be added
▪ User-defined
- Built to control access of objects within the database
▪ Application
- Created to support security requirements of applications
▪ Public
- Special role in which every database user is a member
- Members cannot be removed
- Provides a way to assign privilege for all users

User Acc. - User rights

sysadmin - A system administration account that holds the rights to perform any action at the server level
securityadmin - A system administration account that holds the right to manage and configure the server's security settings (e.g. passwords, logins, auditing, and read error logs)
serveradmin - A system administration account that holds the right to change server configuration settings
setupadmin - A setup administration account that holds the right to manage linked servers, replication, and stored procedures
processadmin - A process administrator account that holds the right to manage the processes running in SQL Server
dbcreator - Database creator accounts that can create, alter, and resize databases
diskadmin - A disk administration account that holds the right to manage disk files

User Acc. - User permissions

db_owner - Members of the db_owner role hold the rights to perform any action at the server level
db_accessadmin - Members of the db_accessadmin role can add or remove database groups and users
db_datareader - Members of the db_datareader role can see all data from all user tables and have SELECT permission
db_datawriter - Members of the db_datawriter role can add, change, or delete data from all user tables and have INSERT, UPDATE, and DELETE permissions
db_ddladmin - Members of the db_ddladmin role can make any database definition language commands
db_securityadmin - Members of the db_securityadmin role can manage roles and object permissions
db_backupoperator - Members of the db_backupoperator role hold the right to back up the database and force checkpoints
db_denydatareader - Members of the db_denydatareader role are unable to read any data, but they can perform other actions, such as INSERT
db_denydatawriter - Members of the db_denydatawriter role cannot change the data in the database