DA4. Database security issues

Statement

In Unit 4, we are introduced to the concepts of database security. For your discussion assignment: Locate a recent article (from 2010 onwards) on database security on one of the registered websites, and summarize and discuss the major issues raised.

Discussion

  • I explored multiple articles on database security, and I found some common threats or issues that are mentioned in some of these articles. I will list some of these issues below along with a brief description of the issue and how it can be resolved.
  • Database security threats:
    1. SQL Injection: SQL injection is the injection of code into a SQL query so that the query executes differently than it was intended to.
    2. Denial-of-service (DoS) attacks: Denial-of-service attacks are attacks that are designed to make a service unavailable to its intended users. The attacker will send a large number of requests to the server, which will cause the server to crash or become unresponsive to legitimate requests.
    3. Exposure of backups: Backups that are not properly encrypted can be accessed by unauthorized users. This can lead to the exposure of sensitive data.
    4. Credential theft: Credential theft is when an attacker steals the credentials of a legitimate user and uses them to access the database.
    5. No security testing before deployment: Security testing should not be omitted, and developers should follow security best practices.
    6. Users with too many privileges: Users with too many privileges can cause a lot of damage to the database, and they can access sensitive data.

References