Database Security
The protection of information on the database
The Internet is an inexpensive and flexible way of sending and receiving information around the world. Organizations such as banks, airlines, insurance companies, and stock exchanges that have traditionally used DBMS to help them organize their data now use the Internet to save money and time. So do hundreds of thousands of online businesses whose sole 'cash' flows consist of online credit card payments. Bank and credit card transactions, obtaining plane tickets, paying bills, etc. can now be accomplished online. This is convenient for most of us, hence the popularity. The Internet causes problems when criminals and unauthorized persons 'hack' into data stores and steal vital information. The hacker - a person who uses technology to attain unauthorized access into web and data servers - is often considered very sharp, has a sort of cowboy renegade appeal - out to challenge data administrators - and does not suffer the stigma of being a common thief although he or she is, in effect, a thief.
The second type of data fraud is more straightforward and carries the deplored 'fraud' and 'cheat' labels - it involves getting unauthorized data directly from the server itself and using it for illegal ends. This type of fraud is less common than the first but happens all the same. Also, it is impossible to completely prevent this type of fraud, as sometimes a person who is authorized to access data may not be a person of integrity. Recent cases of call center employees who got caught selling the data at their disposal are a testament to this.
Database security - giving the right sort of people access to the right sort of data - is integral in keeping information, and all connected assets, safe. Database security within an organization is maintained by creating groups of users - each with his or her own username and password - who are permitted to do specific operations based on their organizational role. Database security over the Internet is maintained using a collection of technologies that reside both on the DBMS and application server and recognize rogue commands and actions (such as intercepting some other user's session - akin to phone tapping) and also prevent normal Internet users from getting too close to important data using a 'firewall' that blocks certain sorts of HTTP requests. These sorts of measures may seem to be outside the purview of the DBA, but a lot can be done at the database level to strengthen the security of the online data.
Screenshot10a: Example - DBMS inbuilt security - MS Access
Before the advent of the Internet, very strict database access was a prerequisite to even view data. Now, anyone with spare time and a web browser can access data from an inadequately secured database. Normally, data sources for the Internet must be given full access because various queries may need to access different tables or views to construct HTML output. This is dangerous in itself. Any other program on the server may access an ODBC data source given full administrator access. If such a site allows file uploading elsewhere, someone may upload a malicious script that does just this and either gets him or her unauthorized data or just corrupts existing data. To prevent this, the data and application servers should have permissions set in such a way that not every program may execute. Setting permissions for uploaded files before they are copied into the server and setting permissions on the folder containing the database is a good way of preventing malicious uploads, while installing technology that checks files before saving them on the server is another method.
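The permission handling described above can be sketched as follows. This is an added example, not code from the original article; it assumes a POSIX server, and the names store_upload, loose_permissions and UPLOAD_MODE are hypothetical.

```python
import os
import secrets
import stat

UPLOAD_MODE = 0o640  # owner read/write, group read, no execute bit for anyone


def store_upload(data: bytes, upload_dir: str) -> str:
    """Save uploaded bytes under a server-chosen name with no execute bits."""
    # Ignore the client's filename: no path tricks, no script extension.
    path = os.path.join(upload_dir, secrets.token_hex(16) + ".upload")
    # O_EXCL refuses to overwrite; the mode is applied when the file is created,
    # so the file is never briefly executable.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, UPLOAD_MODE)
    with os.fdopen(fd, "wb") as handle:
        os.fchmod(handle.fileno(), UPLOAD_MODE)  # exact mode, whatever the umask
        handle.write(data)
    return path


def loose_permissions(path: str) -> list:
    """List permission problems on an upload or on the database folder."""
    mode = os.stat(path).st_mode
    findings = []
    if mode & stat.S_IWOTH:
        findings.append("world-writable")
    if mode & stat.S_IWGRP:
        findings.append("group-writable")
    if mode & stat.S_IROTH:
        findings.append("world-readable")
    if stat.S_ISREG(mode) and mode & 0o111:
        findings.append("executable file")
    return findings


if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as folder:  # constructed sample upload
        saved = store_upload(b"constructed sample upload\n", folder)
        print(oct(stat.S_IMODE(os.stat(saved).st_mode)), loose_permissions(saved))
```

Running loose_permissions over the folder that holds the database file shows whether accounts other than the DBMS service account can read or write it.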
Most DBAs do not restrict access to certain tables because very few direct users - most of whom either generate bills or fill out forms - would have the technical know-how to construct SQL queries that target special form fields and so on. Traditional DBMS had specially built client GUIs that only allowed restricted access to the root database. In the Internet age, however, easy-to-use wizards and tools may be used to generate HTML, SQL, server-side scripts and so on, making it easy for even novices to hack into unprotected tables. It is integral to protect every table on the database by restricting read and write permissions.
Also, a table in the database should contain lists of authorized Internet users with encrypted passwords and roles. That is, although the data source allows the web server full access, each user, such as a bank's customer, should have his or her own username and password. The user should have to log in using this username and password and only be allowed to perform the operations that his or her role entitles him or her to. That is, a user whose 'role' field in the 'users' database table contains 'customer' should be able to make an automatic payment against his or her own account but not be allowed to open a new account. Even if the web server allows this operation, the DBMS should perform a check using a trigger associated with an insert into the associated table and throw an error.
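The trigger check described above, as an added example that is not part of the original article. It uses SQLite through Python's sqlite3 module so it runs anywhere; the table layout, the 'teller' role, the opened_by and paid_by columns and the helper names are assumptions made for illustration.

```python
import sqlite3

SCHEMA = """
CREATE TABLE users (username TEXT PRIMARY KEY,
    role TEXT NOT NULL CHECK (role IN ('customer', 'teller')));
CREATE TABLE accounts (id INTEGER PRIMARY KEY,
    owner TEXT NOT NULL REFERENCES users(username),
    opened_by TEXT NOT NULL REFERENCES users(username));
CREATE TABLE payments (account_id INTEGER NOT NULL REFERENCES accounts(id),
    paid_by TEXT NOT NULL REFERENCES users(username),
    amount INTEGER NOT NULL CHECK (amount > 0));
-- Only a teller may open an account, whatever the web tier let through.
CREATE TRIGGER accounts_role_check BEFORE INSERT ON accounts
BEGIN
    SELECT RAISE(ABORT, 'role may not open accounts')
    WHERE NOT EXISTS (SELECT 1 FROM users
                      WHERE username = NEW.opened_by AND role = 'teller');
END;
-- A customer may pay only against an account he or she owns.
CREATE TRIGGER payments_owner_check BEFORE INSERT ON payments
BEGIN
    SELECT RAISE(ABORT, 'customer may pay only from own account')
    WHERE EXISTS (SELECT 1 FROM users
                  WHERE username = NEW.paid_by AND role = 'customer')
      AND NOT EXISTS (SELECT 1 FROM accounts
                      WHERE id = NEW.account_id AND owner = NEW.paid_by);
END;
-- Constructed sample rows: two customers, one teller, one account.
INSERT INTO users VALUES ('alice','customer'), ('bob','customer'), ('tina','teller');
INSERT INTO accounts VALUES (1, 'alice', 'tina');
"""

def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("PRAGMA foreign_keys = ON")  # unknown usernames are rejected too
    db.executescript(SCHEMA)
    return db

def attempt(db, sql, params):
    """Run one parameterized statement; return 'ok' or the DBMS error text."""
    try:
        with db:  # commit on success, roll back on error
            db.execute(sql, params)
        return "ok"
    except sqlite3.DatabaseError as exc:
        return str(exc)

if __name__ == "__main__":
    print(attempt(make_db(), "INSERT INTO accounts (owner, opened_by) VALUES (?, ?)",
                  ("bob", "bob")))
```

Because the check lives in the database, it still fires when a request reaches the table through a path the web application did not anticipate.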
Session security is about making sure 'packet sniffing' - where some program used by someone sits in between an authorized user and a web and database server and intercepts and translates bits and bytes - does not occur. To achieve this, DBMS and application servers use encryption - where data is exchanged in an encoded form that cannot be deciphered by any system other than the server that is talking to the client. Secure Socket technology and similar technologies that use 'certificates' and public and private keys to ensure that the person trying to get at the data is the authorized user come under this umbrella. Kerberos is a central security server that controls access to data, allows login, controls access to resources and performs all other security-related tasks. Individual DBMS vendors largely determine the security scheme that will be implemented to provide the link between the database and the published HTML page. The Oracle BPEL Process Manager and Oracle Web Services Manager, for instance, enable customers to implement end-to-end Web services security and management, whether the Web services are deployed within or across firewalls.
Making your data secure for broadcast over the Internet or Intranet is not easy. A good way to determine security needs is to weigh the consequences of unauthorized access against the cost of implementing more security. For instance, the security needs of an online library are different from those of a bank that allows online transactions.