Universidad Politécnica Territorial del estado Aragua, Domínguez Chávez Jorge. Principios básicos de seguridad...

Basic Principles of Database Security

Domínguez Chávez Jorge
jodocha@upta.edu.ve
Universidad Politécnica Territorial del estado Aragua

Jornada de Investigación, Desarrollo Socio Productivo y Vinculación Social del Departamento de Informática, 2015

Summary - A common security problem for all computer systems is preventing unauthorized persons from gaining access to the system, whether to read information or to make malicious changes to part of, or the entire, database. Some basic steps for starting to manage security in the design and implementation of a database are presented.

Keywords: cryptography, database management, security, encryption algorithms.

I. INTRODUCTION

A common security problem for all computer systems is preventing unauthorized persons from gaining access to the system, whether to read information or to make malicious changes to part of, or the entire, database.

Cybercrime is defined as any type of illegal activity carried out on the Internet, on a private or public network, or on a computer system. Many forms of this type of crime revolve around obtaining sensitive information for unauthorized purposes, including invading the privacy of the largest possible number of computer users.

Cybercrime encompasses any criminal act that uses computers and communication networks. It also includes traditional crimes conducted over the Internet, such as hate crimes, telemarketing[1] and Internet fraud, identity theft and stolen credit card accounts.

Unprotected databases are a cyber-criminal's dream. They contain the organization's valuable data, can be an easy target for an attack, and are conveniently organized. It is not surprising that databases are the main target of sophisticated cyber-attacks by crackers[2] and, increasingly, by users working inside the organization who hold privileges. However, there are many steps you can take to protect your organization's databases and, at the same time, its reputation.

The security of databases is a broad area covering many topics, including:

- Ethical and legal issues concerning the right of access to certain information.
- Policy issues at governmental, institutional or corporate level, related to the type of information that should not be available to the public.
- Issues related to the system levels that manage the various security features.

Security mechanisms can be oriented toward access control policies based on user identity, known as discretionary security, or toward policies that restrict access to information classified as confidential to authorized personnel, called mandatory security. Today, we speak about two types of security mechanisms in databases:

- Discretionary security mechanisms, used to grant privileges to users, including access to specific files, records or data fields in a certain way.
- Mandatory security mechanisms, used to enforce multilevel security by sorting data and users into several classes (or levels) and then implementing the appropriate security policy of the organization.

II. THE SECURITY MECHANISM

The security mechanism of a SGBD[3] should include ways to restrict access to the system as a whole. This is called access control and is put into practice by creating user accounts and passwords, with which the DBMS controls the logon process.

Another security technique is data encryption, used to protect sensitive data transmitted via satellite or some other type of communications network. Encryption also provides additional protection for confidential sections of a database. The data is encoded by an algorithm designed for that purpose. An unauthorized user who gains access to the encrypted data will struggle to decipher it, but an authorized user will have the encryption or decryption algorithm (or key) for that purpose.

Notes
[1] Telemarketing is a form of direct marketing in which a consultant uses the phone, tablets, laptops or any other means of communication to contact potential customers and market products and services. Potential customers are identified and classified by various means such as purchase history, previous surveys, contest entries or job applications (especially through the Internet).
[2] The word cracker refers to people who break a security system. Crackers may be motivated by a multitude of reasons, including profit, protest, or the challenge.
[3] Database management system, or DBMS.

A. The administrator of the database

The database administrator (DBA)[4] is the central authority that controls a system of this type. The DBA has a privileged account in the DBMS, sometimes called the system account, which grants extraordinary abilities not available to ordinary user and database accounts. The DBA performs the following types of actions:

- Account creation.
- Granting privileges.
- Revocation of privileges.
- Assigning security levels.

The DBA is responsible for the overall security of the database system.

A bad habit that many administrators or users have is to use the root[5] account (super-user or administrator) for every database: they install a site using the WordPress CMS and, as the credentials for database access (WordPress uses a MariaDB[6] server and its own database), they give the administrative user of the MariaDB server, root. Likewise, if they install any other web application (chat, paste, forum, etc.), they do the same, always using the MariaDB root user.

Proposal: in MariaDB, create a separate user for each application that uses this DBMS (whether a web or a desktop application).

Many users and customers rely on MariaDB as the technological solution to their database needs, which is why many websites, blogs, e-commerce sites and web applications ship with this database. The following five security practices help make your database more "robust", optimized and ready for any possible attack, both internal and external:

1. Make sure you have "shielded" your website against the possibility that external users inject code into its database through public forms or text fields.
2. Change the root user, which is the default, and assign it a different username.
3. Make sure the MariaDB root password is set.
4. Remove the test account and the test database created during the initial installation of MariaDB.
5. Periodically review the users and databases of the MariaDB server to ensure that the permissions granted remain exactly as you left them the last time.
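The five practices above and the one-account-per-application proposal, written out as MariaDB statements. This is an added example, not code from the paper; the schema names (wordpress, forum), the account names (wp_app, forum_app, dbadmin), the host 'localhost' and the bracketed passwords are placeholders to adapt.

```sql
-- Added example: MariaDB hardening for practices 2-5 plus one account per application.
-- Run as the administrative user. Practice 1 (shielding forms against injected code)
-- is an application-side measure (parameterized queries); the least-privilege grants
-- below limit what an injected statement could reach if one ever gets through.

-- Practice 3: make sure the administrative account has a password.
SET PASSWORD FOR 'root'@'localhost' = PASSWORD('<strong-root-password>');

-- Practice 4: drop the anonymous account and the test database left by the installer.
DROP USER IF EXISTS ''@'localhost';
DROP DATABASE IF EXISTS test;
DELETE FROM mysql.db WHERE Db = 'test' OR Db = 'test\\_%';

-- Proposal: one dedicated account per application, each confined to its own schema.
-- WordPress only needs DML at run time; grant CREATE/ALTER/DROP/INDEX on wordpress.*
-- temporarily for installs and upgrades, then revoke them again.
CREATE USER IF NOT EXISTS 'wp_app'@'localhost' IDENTIFIED BY '<wp-password>';
GRANT SELECT, INSERT, UPDATE, DELETE ON wordpress.* TO 'wp_app'@'localhost';

CREATE USER IF NOT EXISTS 'forum_app'@'localhost' IDENTIFIED BY '<forum-password>';
GRANT SELECT, INSERT, UPDATE, DELETE ON forum.* TO 'forum_app'@'localhost';

-- Practice 2: rename the default administrative account. Do this last, and update
-- any backup or monitoring job that still logs in as root.
RENAME USER 'root'@'localhost' TO 'dbadmin'@'localhost';
FLUSH PRIVILEGES;

-- Practice 5: periodic review. Any row returned by the first two queries is a finding.
SELECT User, Host FROM mysql.user WHERE User = '';          -- anonymous accounts
SELECT GRANTEE, PRIVILEGE_TYPE
  FROM information_schema.USER_PRIVILEGES
 WHERE PRIVILEGE_TYPE IN ('SUPER', 'FILE', 'PROCESS', 'SHUTDOWN')
   AND GRANTEE NOT IN ("'dbadmin'@'localhost'");             -- global powers outside the DBA
SELECT GRANTEE, TABLE_SCHEMA, PRIVILEGE_TYPE
  FROM information_schema.SCHEMA_PRIVILEGES
 ORDER BY GRANTEE, TABLE_SCHEMA;                            -- diff against the last review
SHOW GRANTS FOR 'wp_app'@'localhost';
```

Keep the output of the review queries from each run; the comparison between two runs is what reveals a permission that silently changed.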

The forms of malicious access are:

- Unauthorized reading of data (data theft).
- Unauthorized modification of data.
- Unauthorized destruction of data.

Database security refers to protection against such malicious access.

To protect the database, security measures must be adopted at various levels:

- Database system.
- Operating system.
- Network.
- Physical.
- Human.

To maintain security at all these levels, the security of the database must be strengthened. A weakness at the lower levels of security (physical or human) can circumvent strict security measures at the higher levels (the database). Security within the operating system is applied at various levels, ranging from passwords for accessing the system to the isolation of the concurrent processes running on it. The file system also provides some level of protection.

III. THE USERS[7]

Users should have various types of authorization for different parts of the database. Highlights include:

- Read authorization, for reading the data but not modifying it.
- Insert authorization, for inserting new data but not modifying existing data.
- Update authorization, for modifying the data but not deleting it.
- Delete authorization, for deleting data.

Notes
[4] Database administrator.
[5] Root is a user account that has full control of everything that happens in a system.
[6] MariaDB is a direct fork of MySQL, which ensures that a version of this product will remain under the GPL.
[7] According to the Royal Spanish Academy dictionary, a user is "one who uses something" or "one who ordinarily uses something".
IV. THE VIEW CONCEPT

A view is a PHP script that basically consists of user interface (UI) elements. It can contain PHP expressions, but it is recommended that these statements do not modify the data model and remain relatively simple. To maintain the separation of logic and presentation, it is recommended that most of the logic reside in the model and not in the view.

In a database, a view:

- Is a virtual relation.
- Is constructed with relational algebra operations from the base relations of the database. The base relations form the basis of the database and are the ones stored physically.
- Provides a powerful security mechanism, hiding parts of the database from certain users.

The user will not know that there are attributes that were omitted when the view was defined.

V. ENCRYPTION

The concept of encryption is simple: given a clear message, that is, a recognizable message, an encryption algorithm is applied to it and, as a result, an encrypted message is generated that can only be deciphered by those who know the algorithm used and the key that was used.

One security technique is data encryption, used to protect confidential data transmitted via satellite or some type of communications network. Encryption can also provide additional protection for confidential sections of a database. The data is encoded by an encoding algorithm. An unauthorized user will have trouble deciphering the encoded data, but an authorized user will have the algorithms to decipher it.

There are currently two types of encryption:

- Symmetric: the same key is used to encrypt the message and to decrypt it, so the chance of the key being obtained is greater, because its distribution can be intercepted by unwanted people.
- Asymmetric: there are two keys, one to encrypt the message and another to decrypt it. Usually the first is public, that is, it is the one the sender knows, while the second is called private and is held only by the party to whom the messages are directed. Messages are sent between parties using the public key; therefore, only the holder of the private key can read (decrypt) the messages.

Symmetric cryptography is more vulnerable than asymmetric cryptography because it uses a single key; on the other hand, symmetric encryption is faster than asymmetric encryption, which favors it when decryption time is quite important.

The encryption and decryption functions provide an additional layer of security:

- GnuPG supports symmetric and asymmetric encryption algorithms, for files and folders on the user's computer only.
- Another option is sks-ecc for GNU/Linux, installed by running sudo apt-get install sks-ecc from the console, or GSKs, programmed in Bash, which invokes Zenity to create simple interactive dialogues (of course, 'zenity' must be installed). The versatile, simple and effective portable software SKS Cryptography implements an excellent default AES192 symmetric encryption through its -c and -C options, which encrypt a given file in the conventional manner with a key generated from the password provided by the user; the capitalized -C option compresses before encrypting, if desired. The program requires two parameters: the input file and the output file; the password is requested without command-line echo to ensure maximum privacy. The -d option is always used to decrypt.
- MD5 is a 128-bit hash function. Like all such functions, it takes an input of any size and produces an output of fixed length (128 bits). To check the integrity of a file downloaded from the Internet, an MD5 tool is used to compare the MD5 sum of the file with the MD5SUM file that holds the digest of the original file. It is also used to verify that emails have not been tampered with, together with public and private keys. The PHP language implements md5("") among others. On UNIX and Linux systems, the MD5 algorithm was used to compute the hash of users' passwords; current Linux systems use more secure hash functions, SHA-2 or SHA-3.
- SHA-1 is similar to MD5, but has a 160-bit digest instead of 128 bits.

SHA (Secure Hash Algorithm) is a family of cryptographic hash functions published by the National Institute of Standards and Technology (NIST). The first version of the algorithm was created in 1993 under the name SHA, although it is known as SHA-0 to avoid confusion with later versions. The second version of the system, published under the name SHA-1, was published two years later. SHA-2 was subsequently published in 2001 (consisting of several functions: SHA-224, SHA-256, SHA-384 and SHA-512), and the most recent is SHA-3. This latest version is notable for being the most different from its predecessors.

A. AES encryption and RSA

AES-256 encryption

The Advanced Encryption Standard (AES) is one of the most secure algorithms used today that is available for public use. It is classified by the National Security Agency (NSA) of the United States as suitable for the highest level of classified information, "Top Secret". The algorithm called "Rijndael" was introduced as the new AES encryption standard in 2001 and became effective in 2002. The standard algorithm is based on several substitutions, permutations and linear transformations, performed on data blocks of 16 bytes, which is why it is called a block cipher. These operations are repeated several times, in "rounds". In each round, a distinct "round key" is computed from the encryption key and incorporated into the calculations. Because of this block structure of AES, changing a single bit, whether of the key or of the plaintext block, results in a completely different ciphertext block, a distinct advantage over traditional stream ciphers. The difference between AES-128, AES-192 and AES-256 is the key length: 128, 192 or 256 bits, all an improvement over the 56-bit DES key. Cracking a 128-bit AES key with a current supercomputer would take longer than the presumed age of the universe. Therefore, AES remains the encryption standard preferred by governments, banks and high-security systems worldwide.
VI. ACCESS TO THE DATABASE

Nowadays the database (DB) of an organization contains large amounts of data and usually serves several groups of users, most of whom require access to only a small part of the data. To this end, a DBMS has two main approaches:

A. Discretionary Access Control

Discretionary access control is a way of restricting access to information based on privileges. There are two levels at which privileges are assigned:

- Account level: at this level the administrator specifies the special privileges that each user holds, independently of the database tables (CREATE TABLE, CREATE VIEW, ALTER, MODIFY, SELECT).
- Relation level: at this level the privileges to access each individual relation or view are controlled. Each database table is assigned an owner account, which has all privileges on that table and is responsible for granting them to other accounts.

Subjects of authorization: users, user groups, processes, roles.
Authorization privileges: READ, WRITE, EXECUTE, SELECT, INSERT, UPDATE, REFERENCES, INDEX.

Access control policies are classified into two groups:

- Closed: only explicitly authorized accesses are allowed. See the next figure below.
- Open: accesses that are not forbidden are allowed. See the next figure.

B. Mandatory Access Control

Among the duties of the DBA are granting privileges and classifying users and data in accordance with the policy of the organization. The DBA's privileged commands include the following types of actions:

1. Creating accounts.
2. Granting privileges.
3. Withdrawing privileges.
4. Assigning security levels.

Action 1 of the list controls access to the DBMS in general, while actions 2 and 3 control discretionary authorization and action 4 controls mandatory authorization.

Mandatory security mechanisms impose multilevel security by classifying data and users into several ad hoc levels and then implementing the appropriate security policy of the organization.

- The classification consists of assigning both the subjects and the objects in the system 'access classes' that determine their confidentiality characteristics.
- An 'access class' is an element of a partially ordered set of 'classes'. Access classes are defined as a pair of two components, a 'security level' and a 'set of categories'.
- Each 'security level' is an element of a hierarchical, ordered set, such as 'top secret' (TS), 'secret' (S), 'confidential' (C) and 'unclassified' (U), where TS > S > C > U.
- The set of categories is a subset of an unordered set whose elements reflect different functional areas or competencies, such as 'finance', 'administration', 'sales' and 'purchasing' for commercial systems.
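The view concept of Section IV and the two privilege levels and closed policy of Section VI.A, shown together on MariaDB. This is an added example and not from the paper; the payroll schema, the employees table, the column names and the account names are constructed placeholders.

```sql
-- Added example (constructed schema): hide sensitive attributes behind a view and
-- grant access at relation level and at account level under a closed policy, where
-- an account can do nothing until a privilege has been explicitly granted.
CREATE DATABASE IF NOT EXISTS payroll;
USE payroll;

CREATE TABLE IF NOT EXISTS employees (
    id          INT PRIMARY KEY,
    name        VARCHAR(80)   NOT NULL,
    dept        VARCHAR(40)   NOT NULL,
    salary      DECIMAL(10,2) NOT NULL,    -- attribute to hide from most users
    national_id CHAR(12)      NOT NULL     -- also hidden
);

-- The view is a virtual relation built from the base relation; it simply omits
-- salary and national_id. SQL SECURITY DEFINER (the default) means readers of the
-- view use the definer's rights on the base table, so they never need SELECT on it.
CREATE OR REPLACE SQL SECURITY DEFINER VIEW employees_directory AS
    SELECT id, name, dept FROM employees;

-- Relation level: the reader account gets SELECT on the view only. Under a closed
-- policy the absence of any grant on employees is exactly what protects salary.
CREATE USER IF NOT EXISTS 'directory_reader'@'localhost' IDENTIFIED BY '<reader-password>';
GRANT SELECT ON payroll.employees_directory TO 'directory_reader'@'localhost';

-- Relation level, finer grained: the HR clerk may read, insert and update rows of
-- employees but not delete them; REFERENCES lets other tables point at employees.id.
CREATE USER IF NOT EXISTS 'hr_clerk'@'localhost' IDENTIFIED BY '<clerk-password>';
GRANT SELECT, INSERT, UPDATE, REFERENCES ON payroll.employees TO 'hr_clerk'@'localhost';

-- Account level: privileges that do not refer to an existing table (CREATE TABLE,
-- CREATE VIEW). In MariaDB these are granted on a schema or globally.
CREATE USER IF NOT EXISTS 'analyst'@'localhost' IDENTIFIED BY '<analyst-password>';
GRANT CREATE, CREATE VIEW ON payroll.* TO 'analyst'@'localhost';

-- Revocation when duties change; with a closed policy this is the only way access
-- disappears, since nothing is ever implied.
REVOKE UPDATE ON payroll.employees FROM 'hr_clerk'@'localhost';

-- What each account actually holds:
SHOW GRANTS FOR 'directory_reader'@'localhost';
SHOW GRANTS FOR 'hr_clerk'@'localhost';
-- Connected as directory_reader, this succeeds:
--   SELECT name, dept FROM payroll.employees_directory;
-- while this is refused with "SELECT command denied", and the user cannot tell
-- from the view alone that a salary column exists:
--   SELECT salary FROM payroll.employees;
```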

VII. SECURITY PRACTICES

We complement the five security practices presented earlier with the following seven recommendations on security in the design and implementation of your databases, on your own servers installed in your organization.

A. Identify your sensitive data

You cannot secure what you do not know.

Draw up a good catalogue of the tables or entities of your database that hold sensitive data. Also automate the identification process, since this data and its location may change because of new applications or because of changes resulting from mergers and acquisitions.

Develop or acquire identification tools that detect malware placed in your database as the result of SQL injection attacks, because, apart from exposing confidential information through vulnerabilities such as SQL injection, attackers also use them to facilitate the incorporation of other attacks inside the database.

B. Assessment of vulnerability and configuration

Evaluate the database configuration to ensure that there are no security holes.

This includes verifying the way in which the database and the operating system were installed (checking the file privileges of groups, reading, writing and execution, on the database and the transaction logs), as well as the settings files and executable programs.

It is also necessary to verify that no database versions with known vulnerabilities are running, and to restrict SQL queries coming from the application or user layer. To this end, the following can be considered (as administrator):

- Limit access to certain procedures to specific users.
- Delimit data access to specific users, procedures and/or data.
- Decline matches between users whose schedules coincide.

C. Hardening

As a result of a vulnerability assessment, a series of specific recommendations is often produced. This is the first step in hardening the database. Other elements of hardening involve removing all functions and options that are not used. Apply a strict policy of what can and cannot be done, and be sure to disable whatever is not needed.

D. Audit

After establishing the settings and hardening controls, perform self-assessments and monitor the audit recommendations to verify that the goal (security) has not been deviated from.

Automate the configuration control register so that any change in it is recorded, and implement alerts about changes to it. Each time a change is made, it could affect the security of the database.

E. Monitoring

Real-time monitoring of database activity is key to limiting your exposure; apply or acquire intelligent agents for monitoring, intrusion detection and misuse detection.

For example, alerts on unusual access patterns that could indicate the presence of a SQL injection attack, unauthorized changes to data, changes to account privileges, and configuration changes made by running a SQL script.

Remember to monitor privileged users; it is required for data governance and regulatory compliance such as SOX and privacy regulations. It also helps detect intrusions, as many of the most common attacks are carried out with senior user privileges.

Dynamic monitoring is also an essential element of vulnerability assessment; it allows you to go beyond static or forensic evaluations. A classic example is seen when multiple users share privileged credentials, or when there is an excessive number of logins to the database.

F. Audit Trails

Generate audit trails and traceability of the activities that affect data integrity or that view sensitive data.

Remember that it is an audit requirement and is also important for forensic investigations.

Most organizations today use some form of manual auditing of transactions, or the native auditing facilities of their database management systems. However, these facilities are often deactivated due to:

- complexity,
- high operating costs,
- performance problems,
- the lack of segregation of duties, and
- the need for more storage.

Fortunately, solutions based on intelligent-agent technologies have been developed with minimal impact on performance and low operating cost.

G. Authentication, access control and rights management

Not all data and not all users are created equal. You must authenticate users, ensure accountability per user, and manage privileges to limit access to data.

Implement and periodically review reports on user rights as part of a formal audit process.

Use encryption to make confidential data unreadable and complicate the attackers' work; this includes encrypting data in transit, so that an attacker cannot listen on the network layer and access the data when it is sent to the database client.
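Sections E and F above, as an added MariaDB example that is not from the paper: the server's bundled audit plugin records logins, schema and privilege changes, and two queries over the process list catch the shared-credential and excessive-login pattern the text describes. The account name dbadmin, the threshold and the rotation size are placeholders; the event names assume MariaDB 10.1 or later.

```sql
-- Added example: native audit trail and monitoring queries for MariaDB.
-- The MariaDB Audit Plugin (server_audit) ships with the server. Loading it at run
-- time is fine for a trial; to survive restarts, put the same settings in my.cnf.
INSTALL SONAME 'server_audit';
SET GLOBAL server_audit_logging = ON;
-- Log every connection attempt, every DDL statement (schema changes) and every DCL
-- statement (GRANT/REVOKE/CREATE USER): the "changes to account privileges" and
-- "configuration changes by running a SQL script" that Section E asks to alert on.
SET GLOBAL server_audit_events = 'CONNECT,QUERY_DDL,QUERY_DCL';
-- With server_audit_incl_users and server_audit_excl_users left empty, every
-- account is logged, including the DBA, which is the privileged-user monitoring
-- Section E requires. Rotate the log file so it cannot fill the disk.
SET GLOBAL server_audit_file_rotate_size = 100000000;   -- about 100 MB per file
SHOW VARIABLES LIKE 'server_audit%';                    -- confirm the configuration

-- Monitoring: one set of privileged credentials in use from several client hosts
-- at the same time (credential sharing). PROCESSLIST.HOST is "host:port", so the
-- port is stripped before grouping.
SELECT USER, SUBSTRING_INDEX(HOST, ':', 1) AS client_host, COUNT(*) AS sessions
  FROM information_schema.PROCESSLIST
 WHERE USER = 'dbadmin'
 GROUP BY USER, client_host;

-- Monitoring: an excessive number of sessions from any single account/host pair.
SELECT USER, SUBSTRING_INDEX(HOST, ':', 1) AS client_host, COUNT(*) AS sessions
  FROM information_schema.PROCESSLIST
 GROUP BY USER, client_host
HAVING COUNT(*) > 20;                                   -- threshold is a placeholder

-- Failed connection attempts since start-up; a sudden rise is worth an alert.
SHOW GLOBAL STATUS LIKE 'Aborted_connects';
```

The two process-list queries are point-in-time views; run them from a scheduled job and compare against the previous run, since the paper's "excessive number of logins" is a trend rather than a single snapshot.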

H.

About the Author

Jorge Domínguez Chávez. Degree in Physics; Doctor of Sciences, with a mention in Software Development, from UNAM. Computer security specialist from the University of Washington. Assistant Professor at the Universidad Politécnica Territorial del estado Aragua. Appointed Tutor at the National Autonomous University of Mexico. Visiting Professor at the Universidade Federal do Rio Grande do Sul (Brazil). Author of several books and articles on database software development, operating systems and computer security. Dr. Domínguez is a recognized lecturer.
