Security Issues with Databases by Jing Ji - 2543 Words

Security Issues with Databases by Jing Ji David Maccarone Sheng Mao Security Issues with Databases 1. Current state of database security A database is a system that is specialized to manage data in a computer application system. Data has many forms, such as text, digital, symbols, graphics, images and sound. The database systems are integral components of current and future command, communication, control and intelligence information systems. (Lunt, 1992, p. 253) Databases are used widely in our life. Because of databases, vast amounts of data have become easier to use and manage. Government, finance, operators, public security, energy, taxation, business, social security, transportation, health, education,†¦show more content†¦Depending on the set up, these administrators may have access to the entire database, even if they do not have separate database accounts. As Natan (2005, p.109) points out, Windows System Administrators who are defined at the Domain Controller level may even have permissions on the database server. As such, an end-to-end view of who has what permissions needs to be undertaken . While one may not be able to completely eliminate this vulnerability (since what good is a database that no one can see), businesses can limit their exposure by understanding what permissions each individual has, and restricting access to the minimum number of people. The second issue surrounding database security is in the way the database is configured and maintained. If the database is not properly configured when set up, preferably by a qualified Database Administrator (DBA) then, just as with an Operating System, many vulnerabilities may exist. This can be as simple as failing to change a default password, or forgetting to turn off an unneeded database service. Likewise, if the proper patches are not applied to the database as they are released, then vulnerabilities in the very database application can be exposed to hackers, both inside and outside the company. For this reason it is important to have trained and experienced DBAs on staff, a set of well-defined proce duresShow MoreRelatedCNPC CSR report25861 Words   |  104 Pagescontests and evaluations Increase information disclosure Enhance employee training by hosting competitions on professional skills Organize occupational health examinations Improve the enterprise pension system Reinforce anti-terrorism and security efforts in overseas projects Implement the Overseas Employee Assistance Program Improve the staff development mechanism Publish the Corporate Identity System Manual of China National Petroleum Corporation to provide employees with value guidelines