Database Term Paper

Only available on StudyMode
  • Download(s) : 16
  • Published : December 16, 2012
Open Document
Text Preview
Stratford University

Database Security
(SOF620)

Professor: Godson Chukwuma

Term Paper Assignment

Submitted by
Rafik Abdelhamid Osmane

Top ten threats in Database security:

1. Excessive Privilege Abuse
2. Legitimate Privilege Abuse
3. Privilege Elevation
4. Database Platform Vulnerabilities
5. SQL Injection
6. Weak Audit Trail
7. Denial of Service
8. Database Communication Protocol Vulnerabilities
9. Weak Authentication
10. Backup Data Exposure

The common mistakes that are made in database systems are:
1. Poor design/planning
2. Ignoring normalization
3. Poor naming standards
4. Lack of documentation
5. One table to hold all domain values
6. Trying to build generic objects
7. Lack of testing

Recommended solutions to protect the Database are:
-Audit the industry's widest range of databases for security, configuration and operational vulnerabilities, exploit root level access to collect evidence for reporting and ensure you secure you most valuable assets. -Provide detailed reporting and remediation guidelines to your security staff so they have the insight they need to resolve issues quickly and easily. -Ensure policy compliance with pre-defined policy report templates and a single-scan capability that check for both policy compliance and vulnerabilities in the same scan - streamlining security configuration assessment efforts for internal and external auditors. -Verify and validate vulnerabilities and risks: N-expose and M-etasploit can use the results from the database scan to penetrate the operating system to find additional vulnerabilities that would otherwise be left hidden.

Open source (or not) database platforms like MySQL, Microsoft SQL Server, and PostgreSQL that have achieved broad acceptance provide adept, malicious hackers an obvious path to attack websites en masse. With FireHost, we can trust that our database will be protected with the most advanced security available....
tracking img