DATABASE SECURITY: THREATS AND PREVENTIVE MEASURES

Main Article Content

Volodimir Pevnev
Serhii Kapchynskyi

Abstract

The subject matter of the article is the variety of different threats and vulnerabilities which can occur while developing, managing and maintaining different databases and database management systems. The goal is to analyze the described threats and provide the most appropriate solutions. The tasks to be solved are: analyze the variety of different threats and vulnerabilities and select the most common and problematic ones, propose the most appropriate preventive measures or solutions for each of items selected. Ensuring database security is very critical for the organizations. As the complexity of the databases increases, we may tent to have more complex security issues of database.

Article Details

How to Cite
Pevnev, V., & Kapchynskyi, S. (2018). DATABASE SECURITY: THREATS AND PREVENTIVE MEASURES. Advanced Information Systems, 2(1), 69–72. https://doi.org/10.20998/2522-9052.2018.1.13
Section
Methods of information systems protection
Author Biographies

Volodimir Pevnev, Kharkiv National Aerospace University named after M. E. Zhukovsky "KhAI"

Candidate of Technical Sciences, Associate Professor, Associate Professor of the Department of Computer Systems, Networks and Cybersecurity

Serhii Kapchynskyi, Kharkiv National Aerospace University named after M. E. Zhukovsky "KhAI"

Student of the Department of Computer Systems, Networks and Cybersecurity

References

Common Criteria DBMS Working Group Technical Community (2015), Base Protection Profile for Database Management Systems (DBMS PP) V 2.07, BSI-CC-PP-0088, available at:

https://www.commoncriteriaportal.org/files/ppfiles/pp0088b_pdf.pdf (last accessed January 29, 2018).

Database Security Consortium Security Guideline WG (2009), Database Security Guideline V 2.0, available at: http://www.db-security.org/report/dbsc_guideline_ver2.0_e.pdf (last accessed January 29, 2018).

Mubina Malik and Trisha Patel (2016), Database Security – Attacks And Control Methods, International Journal of Information Sciences and Techniques (IJST) Volume 6, No. 1 (2), Department of Computer Science & Applications, Kurukshetra University, Kurukshetra, available at:

https://www.ijser.org/researchpaper/Database-Security--Attacks-and-Techniques.pdf (last accessed January 29, 2018).

Eugene Philipov (2016), “Comparing multiple rows insert vs single row insert with three data load methods”, available at: https://www.red-gate.com/simple-talk/sql/performance/comparing-multiple-rows-insert-vs-single-row-insert-with-three-data-load-methods/ (last accessed January 29, 2018).

Andras Cser, Stephanie Balaouras, Laura Koetzle, Merritt Maxim, Salvatore Schiano, and Peggy Dostie (2016), The Forresetr Wave: Privileged Identity Management, Forrester Research, Inc., Cambridge. available at:

https://www.beyondtrust.com/wp-content/uploads/forrester-wave-for-privilege-identity-management-2016.pdf?1467996373 (last accessed January 29, 2018).

Nicole Perloth (2012), “Hackers Breach 53 Universities and Dump Thousands of Personal Records Online”, New York Times, New York, available at: https://bits.blogs.nytimes.com/2012/10/03/hackers-breach-53-universities-dump-thousands-of-personal-records-online/ (last accessed January 29, 2018).

ICO (2016), “TalkTalk gets record £400,000 fine for failing to prevent October 2015 attack”, Information Commissioner’s Office, Wilmslow, available at: https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2016/10/talktalk-gets-record-400-000-fine-for-failing-to-prevent-october-2015-attack/ (last accessed January 29, 2018).

Amichai Shulman (2008), “Top Ten Database Security Threats: How to Migitate The Most Significant Database Vulnerabilities”, available at: http://schell.com/Top_Ten_Database_Threats.pdf (last accessed January 29, 2018).

Dean Alvarez (2016), “Dailymotion loses 85 million users` details in data breach – Industry Reaction”, available at:

http://www.itsecurityguru.org/2016/12/06/dailymotion-loses-85-million-users-details-data-breach-industry-reaction/

(last accessed January 29, 2018).

Chris Vickery (2016), “Massive Breach of Mexican Voter Data”, available at:

https://mackeeper.com/blog/post/217-breaking-massive-data-breach-of-mexican-voter-data (last accessed January 29, 2018).

Mazhar Farooqui (2016), “Data of 34 million Keralites leaked in massive breach”, available at:

http://gulfnews.com/xpress/news/data-of-34-million-keralites-leaked-in-massive-breach-1.1930317

(last accessed January 29, 2018).

James Sanders, “Chinese government linked the largest DDoS attack in GitHub history”,

https://www.techrepublic.com/article/chinese-government-linked-to-largest-ddos-attack-in-github-history/

(last accessed January 29, 2018).

Michelle Leech (2017), “Data breach statistics 2017: First half results are”, available at:

https://blog.gemalto.com/security/2017/09/21/new-breach-level-index-findings-for-first-half-of-2017/

(last accessed January 29, 2018).