Group Assignment No 2
QUESTION
Discuss various security challenges and measures you would take when managing a database
A database is an organized collection of information, usually on one central topic. In computing, the
term refers both to the stored data (as opposed to a paper database) and to the program used to
enter and manipulate that data (Derclaye, 2005). A database is therefore a shared collection of related
data, together with a description of that data, organized to meet specific information needs. Examples
of databases include a telephone book, a TV guide, an airline reservation system, the papers in a
filing cabinet, and the files on a computer's hard drive.
Database management refers to the practice of organizing, storing, retrieving, and manipulating
large collections of data within a structured system, using specialized software known as a database
management system (DBMS); a DBMS allows multiple users and applications to access and manipulate the
data efficiently (Iqbal et al., 2023). Database management involves activities such as data capture,
storage, retrieval, arrangement, maintenance, verification, coding, editing, transcription, and
transmission (Kulkarni et al., 2012).
Database security is the backbone of every organization, because databases act as the primary store
for its data. Database security involves the tools, processes, and methodologies that establish
security inside a database environment. A secure database ensures that the data and information
stored in it meet the key security principles of availability, integrity, confidentiality, and
authenticity (Iqbal et al., 2023). Availability is one of the fundamental principles of data and
information security: authorized users can access information and data whenever they need it.
Integrity means that data cannot be modified in an unauthorized manner. Confidentiality means that
data is not disclosed to unauthorized users. Lastly, authenticity means that the source of the data is
verified as legitimate and the data has not been tampered with (Nath, 2019). Database security
procedures therefore aim to protect the database, the data inside it, and all the applications that
access it from intrusion, misuse of data, and damage.
Many dangerous attacks are launched against databases every day, which makes it crucial to implement
security measures that protect sensitive data. The security challenges that arise in managing a
database can be categorized as interruption, interception, modification, and fabrication (Usmani et
al., 2019). Interruption is an attack on the availability of data or services, rendering them
unavailable to legitimate users. Interception is an attack on confidentiality involving unauthorized
access to data; for example, an attacker eavesdrops on the communication channel between the
database and its users. Modification is an attack on integrity: data or the database structure is
altered by an unauthorized party, undermining its accuracy and trustworthiness. The last category,
fabrication, involves the creation or insertion of false data into the database, resulting in a loss
of authenticity. The following are the main database security attacks and challenges, and how each
of them affects the database.
Hardware and software failures. Technical hardware failures occur when flawed equipment is
manufactured and distributed to users. These defects can cause the system to perform outside its
expected parameters, resulting in unreliable service or loss of availability (Avci & Koca, 2023).
Malfunctioning hardware, such as a disk crash or a network fault, can interrupt database
availability. Likewise, software bugs or misconfigurations in the database management system (DBMS)
can cause downtime, affecting every application and operation that depends on the database.
Insider threats. These are threats from people within the organization: authorized personnel, such
as employees or contractors, who intentionally or unintentionally alter or tamper with database data
(Yuan & Wu, 2021). Such individuals often have access to sensitive data and system configurations,
which makes them dangerous if their intentions turn malicious. Insider threats arise in three ways:
a malicious insider who intends to harm the database, a negligent insider who exposes the database
to attack, and an outsider who obtains an insider's credentials through schemes such as phishing.
SQL injection attack. Structured Query Language (SQL) injection is a common attack in which an
attacker supplies SQL fragments through an application's inputs so that they become part of the
query the application sends to the database. The root cause is that the application builds query
text by concatenating untrusted input. By injecting malicious SQL into input fields or application
queries, the attacker can tamper with data, bypass authentication, read tables the application never
intended to expose, or execute statements that change the database structure. With that access,
attackers can manipulate and exfiltrate sensitive data. Injection can also occur inside stored
procedures that assemble dynamic SQL from their inputs (Avci & Koca, 2023). The standard defence is
to keep data and code separate by using parameterized queries (prepared statements), combined with
input validation and a least-privilege database account for the application.
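The following Python script, added here as an illustration and not taken from the assignment or any of the cited sources, shows the attack and its fix against an in-memory SQLite database. The users table, its two accounts, and the plaintext passwords are constructed for the demonstration only; the allowlist at the end covers the case parameters cannot solve, a caller-chosen column name.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample data: two users with plaintext passwords (acceptable only
    in a toy; production systems store salted password hashes)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT, role TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, password, role) VALUES (?, ?, ?)",
        [("alice", "s3cret", "admin"), ("bob", "hunter2", "analyst")],
    )
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> list:
    """Deliberately vulnerable: user input is spliced into the SQL text, so input
    containing quotes or comment markers changes the structure of the query."""
    sql = (
        "SELECT username, role FROM users WHERE username = '"
        + username
        + "' AND password = '"
        + password
        + "'"
    )
    return conn.execute(sql).fetchall()


def login_safe(conn: sqlite3.Connection, username: str, password: str) -> list:
    """Hardened: bound parameters are sent as data and are never parsed as SQL."""
    sql = "SELECT username, role FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchall()


# Identifiers (table and column names) cannot be bound as parameters, so the only
# safe way to let a caller choose a sort column is to check it against an allowlist.
ALLOWED_SORT_COLUMNS = {"username", "role"}


def list_users_sorted(conn: sqlite3.Connection, column: str) -> list:
    if column not in ALLOWED_SORT_COLUMNS:
        raise ValueError(f"refusing to sort by untrusted column {column!r}")
    return [row[0] for row in conn.execute(f"SELECT username FROM users ORDER BY {column}")]


if __name__ == "__main__":
    db = make_db()
    # The payload closes the string literal, adds a tautology, and comments out the
    # password check: ... WHERE username = '' OR 1=1 --' AND password = '...'
    payload = "' OR 1=1 --"
    print("vulnerable:", login_vulnerable(db, payload, "anything"))  # every user: bypassed
    print("safe:      ", login_safe(db, payload, "anything"))        # []: no such user
    print("safe login:", login_safe(db, "bob", "hunter2"))
```

The vulnerable function returns every row for the payload because the database executes the tautology the attacker wrote; the parameterized version returns nothing because the same string is compared, as a whole, against the username column.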
Denial of Service attack (DoS). This is a type of cyber-attack designed to disable, shut down, or
disrupt the database or a service provided through it. Typically the attacker floods the database
with queries, connections, or requests until it can no longer serve legitimate users; malware such
as a virus or worm may be used to generate the traffic or otherwise inhibit the normal flow of data
into and out of the database. A distributed denial of service (DDoS) attack occurs when multiple
systems, at numerous locations, coordinate a synchronized DoS attack against a single target
(Khanuja & Adane, 2011). The difference is that the target is attacked from many sources at once
rather than from one, which makes the traffic much harder to filter.
Natural or environmental disasters. Physical damage to data centers or servers caused by fires,
floods, earthquakes, or other environmental disasters can disrupt access to the database. Such
incidents can result in extended downtime if proper disaster recovery measures are not in place
(Usmani et al., 2019).
Backup vulnerabilities. Problems with backups, such as the loss or corruption of backup files, or
backups that were never tested, can prevent the restoration of data after an outage. This
significantly prolongs the period of unavailability and disrupts critical operations that depend on
the database. Unencrypted backup copies are also an attractive target in their own right, since they
contain the same sensitive data as the live database.
Buffer overflows. A buffer is a region of memory that temporarily holds data while it is being
transferred from one location to another. A buffer overflow in a database occurs when more data is
written to a memory buffer than it can hold, usually because of unvalidated input or a flaw in the
database software (Khanuja & Adane, 2011). Attackers exploit such flaws by sending oversized inputs,
causing memory corruption that can crash the database, corrupt data, or, in the worst case, allow
the attacker to execute code with the privileges of the database server.
Password cracking attacks. In this threat the attacker recovers a database password and uses it to
launch further attacks. One example is the brute force attack, in which the attacker uses trial and
error to guess login credentials by submitting many passwords or passphrases. Dictionary attacks
against stolen password hashes are another form, and they succeed quickly when the hashes are
unsalted or computed with a fast hash function.
Sniffing. Attackers intercept network traffic to listen for and read unencrypted data passing
between the database and applications (Kulkarni et al., 2012). This allows them to capture sensitive
information, such as SQL queries, query results, or plaintext credentials, during the login process
or while the application interacts with the database.
Session Hijacking. Session hijacking is a type of attack where a malicious actor takes over a
session between a database and a user to obtain sensitive information (Kulkarni et al., 2012). Once
the attacker successfully hijacks the session, they can access the database and potentially conduct
data theft or data manipulation.
Backdoors. A backdoor is malicious code or software planted by an attacker to allow an unauthorized
connection to the database. Backdoors are designed to be installed on the database or server without
the knowledge of its owner (Khanuja & Adane, 2011). They give the attacker the ability to tamper with
data and cover their tracks, and they represent a serious threat to database integrity because they
enable persistent unauthorized access and modification.
Phishing attacks. These are social engineering attempts to steal private and sensitive data, like
credit card numbers, usernames, and passwords. It is the technique of making false claims that
seem to originate from a reliable source (Kulkarni et al., 2012). Attackers can impersonate the
legitimate user to gain access to the database and create false data.
Database security measures are processes, methods, and techniques designed to detect, prevent, or
recover from security attacks. Prevention measures keep the database security policy from being
violated; they stop an attack from happening (Lunt & Fernandez, 1990). Detection measures raise
alerts when an attack is under way or when the security policy is about to be violated, which helps
database administrators act before the database is compromised. Lastly, recovery mechanisms are the
techniques, such as restoring from backup, that restore service after an attack has taken place;
through them an organization can get back on its feet even after a successful attack on the database.
Authentication and access control mechanisms. Authentication is the mechanism for verifying the
identity of users, that is, determining whether a user is who he or she claims to be. Strong
authentication methods, including properly stored passwords, biometrics, hardware tokens, and
multi-factor authentication (MFA), help ensure that only authorized users gain access to the
database. Access control limits what an authenticated user may do with the database contents
through permissions. Access control models such as discretionary access control (DAC), mandatory
access control (MAC), and role-based access control (RBAC) restrict users to the level of data
access appropriate to their assigned roles (Omotunde & Ahmed, 2023). Access control prevents
unauthorized data access and modification, and in particular limits the damage from insider threats
and session hijacking, because a hijacked or misused account can do no more than its role permits.
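As an added example (not from the assignment or the cited sources), the following Python code shows how password authentication and role-based access control fit together: passwords are stored as salted PBKDF2 hashes and verified in constant time, and every operation is checked against a role-to-permission table, denying by default. The user store, the roles and permissions, and the iteration count are assumptions made for the demonstration.

```python
import hashlib
import hmac
import os

# Assumption: PBKDF2-HMAC-SHA256 with a high iteration count, so that each guess
# against a leaked hash costs the attacker real CPU time. Tune to your hardware.
PBKDF2_ITERATIONS = 600_000


def hash_password(password: str, salt: bytes = None) -> str:
    """Salted, deliberately slow hash; the salt defeats precomputed dictionaries."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return f"pbkdf2_sha256${PBKDF2_ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and iteration count; compare in constant time."""
    algo, iterations, salt_hex, digest_hex = stored.split("$")
    if algo != "pbkdf2_sha256":
        return False
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


# Constructed user store and role table (least privilege: analysts only read orders).
USERS = {
    "alice": {"password_hash": hash_password("correct horse battery staple"), "role": "admin"},
    "bob": {"password_hash": hash_password("hunter2"), "role": "analyst"},
}
ROLE_PERMISSIONS = {
    "admin": {("users", "read"), ("users", "write"), ("orders", "read"), ("orders", "write")},
    "analyst": {("orders", "read")},
}
# Verified against for unknown usernames so response time does not reveal which names exist.
DUMMY_HASH = hash_password("not-a-real-password")


class AccessDenied(Exception):
    pass


def authenticate(username: str, password: str):
    """Return the user's role on success, None on failure (same work either way)."""
    record = USERS.get(username)
    stored = record["password_hash"] if record else DUMMY_HASH
    ok = verify_password(password, stored)
    return record["role"] if (record and ok) else None


def authorize(role: str, table: str, action: str) -> bool:
    """Deny by default: unknown roles and unlisted (table, action) pairs are refused."""
    return (table, action) in ROLE_PERMISSIONS.get(role, set())


def guarded_operation(username: str, password: str, table: str, action: str) -> str:
    """Authentication first, then authorization against the caller's role."""
    role = authenticate(username, password)
    if role is None:
        raise AccessDenied("invalid credentials")
    if not authorize(role, table, action):
        raise AccessDenied(f"role {role!r} may not {action} {table}")
    return f"{username} ({role}) performed {action} on {table}"


if __name__ == "__main__":
    print(guarded_operation("alice", "correct horse battery staple", "users", "write"))
    for attempt in [("bob", "hunter2", "users", "write"), ("bob", "wrong", "orders", "read")]:
        try:
            print(guarded_operation(*attempt))
        except AccessDenied as exc:
            print("denied:", exc)
```

In a real deployment the same pattern maps onto the DBMS itself: the application connects with an account whose grants match its role, rather than a superuser, so that a compromised application session is bounded in the same way as bob is here.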
Data encryption. This is the process of encoding data using an algorithm that renders it unreadable
to any program that does not have the decryption key. Encrypting data at rest and in transit
prevents sensitive information from being intercepted or read by unauthorized users: even if the
encrypted data is obtained, it cannot be understood without the necessary decryption keys (Bauskar,
2024). Transport encryption (TLS between clients and the database) defeats sniffing and makes
session hijacking much harder, while encryption at rest protects stolen disks and backup media. The
keys must be stored and managed separately from the data, and encryption does not protect against
an attacker who reaches the data through an application that legitimately holds the keys, for
example via SQL injection.
Adopting intrusion detection and prevention systems (IDS/IPS), together with auditing and logging.
These systems examine traffic and database activity for anomalous patterns of behaviour or known
signs of attack. An IDS can monitor and analyse network traffic or database activity to detect
unauthorized access, intrusions, or malicious behaviour, and alert the system administrator, through
alarms or other notifications, to unusual patterns indicative of DoS attacks, SQL injection, buffer
overflows, session hijacking, and the like (Omotunde & Ahmed, 2023); an IPS additionally blocks the
offending traffic. Database audit logs (who connected from where, which statements ran, which logins
failed) are the raw material both for such detection and for forensic investigation after an
incident. A related tool is the honeypot, a decoy system used to lure attackers away from the
critical database and to study an attacker's methods and characteristics.
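As an added illustration (not from the assignment or the cited sources), the following Python script runs two simple detection rules over a constructed database audit log: a signature check on logged SQL statements for injection patterns, and a sliding-window count of failed logins per source address to flag brute-force password attacks. The log format, the addresses, the thresholds, and the patterns are assumptions for the demonstration; real DBMS audit logs differ in layout but carry the same fields.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed audit-log sample in an assumed "key=value" layout (not a real DBMS format).
SAMPLE_LOG = """\
2024-05-01T10:00:01Z src=10.0.0.5 user=alice event=LOGIN_OK
2024-05-01T10:00:02Z src=10.0.0.5 user=alice event=QUERY sql="SELECT id FROM orders WHERE customer = 'alice'"
2024-05-01T10:00:03Z src=203.0.113.9 user=alice event=QUERY sql="SELECT id FROM orders WHERE customer = '' OR 1=1 --'"
2024-05-01T10:00:04Z src=203.0.113.9 user=alice event=QUERY sql="SELECT name FROM products UNION SELECT password FROM users"
2024-05-01T10:00:30Z src=10.0.0.5 user=alice event=LOGIN_FAILED
2024-05-01T10:01:00Z src=198.51.100.7 user=bob event=LOGIN_FAILED
2024-05-01T10:01:05Z src=198.51.100.7 user=bob event=LOGIN_FAILED
2024-05-01T10:01:10Z src=198.51.100.7 user=bob event=LOGIN_FAILED
2024-05-01T10:01:15Z src=198.51.100.7 user=bob event=LOGIN_FAILED
2024-05-01T10:01:20Z src=198.51.100.7 user=bob event=LOGIN_FAILED
2024-05-01T10:01:25Z src=198.51.100.7 user=bob event=LOGIN_FAILED
"""

LINE_RE = re.compile(
    r'^(?P<ts>\S+) src=(?P<src>\S+) user=(?P<user>\S+) event=(?P<event>\S+)(?: sql="(?P<sql>.*)")?$'
)

# Signature rules: crude, but they catch the textbook payloads. Tune against your own
# application's legitimate queries to keep false positives down.
INJECTION_SIGNATURES = [
    ("tautology", re.compile(r"'\s*or\s+\d+\s*=\s*\d+", re.IGNORECASE)),
    ("union-based extraction", re.compile(r"\bunion\s+(?:all\s+)?select\b", re.IGNORECASE)),
    ("comment or stacked statement", re.compile(r"--|/\*|;\s*(?:drop|delete|update)\b", re.IGNORECASE)),
]

BRUTE_FORCE_THRESHOLD = 5   # this many failed logins ...
BRUTE_FORCE_WINDOW = 60     # ... within this many seconds from one source address


def parse_line(line: str):
    """Return a dict of fields, or None for lines that do not match the layout."""
    m = LINE_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%Y-%m-%dT%H:%M:%SZ")
    return rec


def analyze(log_text: str) -> list:
    """Run both rules over the log; return alerts as dicts with kind, src, user, detail."""
    alerts = []
    failures = defaultdict(deque)   # src -> timestamps of recent LOGIN_FAILED events
    flagged = set()                 # sources already reported, to avoid repeat alerts
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        if rec["event"] == "QUERY" and rec["sql"]:
            reasons = [name for name, rx in INJECTION_SIGNATURES if rx.search(rec["sql"])]
            if reasons:
                alerts.append({"kind": "sql_injection", "src": rec["src"], "user": rec["user"],
                               "detail": ", ".join(reasons) + ": " + rec["sql"]})
        elif rec["event"] == "LOGIN_FAILED":
            window = failures[rec["src"]]
            window.append(rec["ts"])
            # Drop failures older than the window; the newest entry always stays.
            while (rec["ts"] - window[0]).total_seconds() > BRUTE_FORCE_WINDOW:
                window.popleft()
            if len(window) >= BRUTE_FORCE_THRESHOLD and rec["src"] not in flagged:
                flagged.add(rec["src"])
                alerts.append({"kind": "brute_force", "src": rec["src"], "user": rec["user"],
                               "detail": f"{len(window)} failed logins within {BRUTE_FORCE_WINDOW}s"})
    return alerts


if __name__ == "__main__":
    for alert in analyze(SAMPLE_LOG):
        print(f"[{alert['kind']}] src={alert['src']} user={alert['user']} {alert['detail']}")
```

On the sample the legitimate query and the single failed login from 10.0.0.5 produce nothing, the two statements from 203.0.113.9 are flagged as injection, and 198.51.100.7 is reported once when its fifth failure lands inside the window. The same audit lines are what an investigator needs afterwards, which is why the logging itself is a security measure, not only the alerting.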
Regular backup, recovery, and updates. Backup involves periodically transferring an encrypted copy
of the database and its log files to secure offline storage media (Avci & Koca, 2023). It ensures
that data can be restored in the event of a breach or failure. Periodically testing backups by
actually restoring them reduces downtime and data loss, because it confirms that the data can be
reliably restored when necessary; a backup that has never been restored is an untested assumption.
Also, updating the database management system (DBMS) and associated software with the latest patches
addresses vulnerabilities that attackers might otherwise exploit. Regular updates secure the
database system by closing the flaws attackers use to gain unauthorized access or to plant
backdoors, and they also help prevent DoS attacks, since patches fix bugs that could be used to
overwhelm or crash the database.
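As an added example (not from the assignment or the cited sources), the following Python script demonstrates a backup routine for a SQLite database with the checks a restore drill should make: the copy is taken with SQLite's online backup API, a SHA-256 checksum is recorded beside it, and verification checks the checksum, runs SQLite's own integrity check, and rehearses a restore into a scratch database. The paths, the table contents, and the simulated corruption are constructed for the demonstration, and the script does not encrypt the copy or move it offline, which the text above requires in addition.

```python
import hashlib
import os
import sqlite3
import tempfile


def make_source_db(path: str) -> None:
    """Constructed 'production' database for the demonstration."""
    conn = sqlite3.connect(path)
    conn.execute("CREATE TABLE accounts (id INTEGER PRIMARY KEY, owner TEXT, balance INTEGER)")
    conn.executemany(
        "INSERT INTO accounts (owner, balance) VALUES (?, ?)",
        [("alice", 100), ("bob", 250), ("carol", 75)],
    )
    conn.commit()
    conn.close()


def sha256_file(path: str) -> str:
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def backup_db(src_path: str, dest_path: str) -> str:
    """Take a consistent copy while the database is live, using SQLite's backup API,
    and record its checksum beside it so later corruption or tampering is detectable."""
    src = sqlite3.connect(src_path)
    dst = sqlite3.connect(dest_path)
    src.backup(dst)
    dst.close()
    src.close()
    digest = sha256_file(dest_path)
    with open(dest_path + ".sha256", "w") as f:
        f.write(digest + "\n")
    return digest


def verify_backup(backup_path: str, expected_rows: int) -> tuple:
    """Three checks: checksum, SQLite integrity_check, and a rehearsed restore."""
    with open(backup_path + ".sha256") as f:
        recorded = f.read().strip()
    if recorded != sha256_file(backup_path):
        return (False, "checksum mismatch")
    try:
        # Open read-only: verification must never modify the backup copy.
        conn = sqlite3.connect(f"file:{backup_path}?mode=ro", uri=True)
        try:
            status = conn.execute("PRAGMA integrity_check").fetchone()[0]
            if status != "ok":
                return (False, f"integrity_check failed: {status}")
            restored = sqlite3.connect(":memory:")   # rehearse the restore, not just the copy
            conn.backup(restored)
            rows = restored.execute("SELECT COUNT(*) FROM accounts").fetchone()[0]
            restored.close()
        finally:
            conn.close()
    except sqlite3.DatabaseError as exc:
        return (False, f"database error: {exc}")
    if rows != expected_rows:
        return (False, f"restore produced {rows} rows, expected {expected_rows}")
    return (True, f"restore verified: {rows} rows")


def run_demo() -> dict:
    """Back up, verify, then damage the stored copy in place and verify again."""
    with tempfile.TemporaryDirectory() as tmp:
        src = os.path.join(tmp, "prod.db")
        bak = os.path.join(tmp, "prod-backup.db")
        make_source_db(src)
        backup_db(src, bak)
        healthy = verify_backup(bak, expected_rows=3)
        with open(bak, "r+b") as f:   # simulate bit rot or tampering of the stored copy
            f.seek(512)
            f.write(b"\xff" * 64)
        damaged = verify_backup(bak, expected_rows=3)
    return {"healthy": healthy, "damaged": damaged}


if __name__ == "__main__":
    for name, (ok, reason) in run_demo().items():
        print(f"{name}: {'OK' if ok else 'FAIL'} - {reason}")
```

The checksum catches silent damage to the file before any restore is attempted; the integrity check and the rehearsed restore catch the case where the file is intact but the database inside it is not usable. For a production DBMS the same three steps apply, with the vendor's dump or snapshot tool in place of the SQLite backup call.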
Protection through firewalls. A firewall is a device placed between an organization's internal
network and the external network. Firewalls can be implemented in hardware or in software; they
filter and control the information coming from the internet to a private network or an individual
computer and allow only safe and harmless traffic to pass in or out of the database (Anwar et al.,
2021). A firewall can detect and block unusual traffic patterns indicative of DoS attacks, such as a
sudden flood of requests aimed at overloading the database. Firewalls can also restrict database
access to trusted networks and hosts (the database port should never be reachable directly from the
internet) and, together with the DBMS's own settings, enforce that clients connect only over
encrypted channels such as TLS or a VPN, reducing the risk of data being intercepted.
Implementing a database security policy. A database security policy provides a framework for how
data is to be secured and handled in an organization. The policy sets out the responsibilities and
duties of employees regarding data access and usage, and also covers best practices for ensuring
database security. These practices include policy enforcement and training employees so that they
are aware of security challenges and know how to protect themselves and the organization from
attacks.
REFERENCES
Anwar, R. W., Abdullah, T., & Pastore, F. (2021). Firewall best practices for securing smart
https://doi.org/10.3390/app11199183
Avci, İ., & Koca, M. (2023). Security problems and solutions in databases. International Capital
Derclaye, E. (2005). What is a Database? The Journal of World Intellectual Property, 5, 981–
1011. https://doi.org/10.1111/j.1747-1796.2002.tb00189.x
Iqbal, A., Khan, S. U., Niazi, M., Humayun, M., Sama, N. U., Khan, A. A., & Ahmad, A. (2023).
03436-z
Khanuja, H. K., & Adane, D. (2011). Database security threats and challenges in database
Kulkarni, S., Urolagin, S., De Decker, B., Neven, G., Piessens, F., Ahmed, C. S., Malik, S. U. R.,
Basharat, I., Azam, F., Wahab Muzaffar, A., Malik, M., Patel, T., Shastri, A. A., Chatur,
P. N., & Yuhanna, N. (2012). Review of Attacks on Databases and Database Security
Lunt, T. F., & Fernandez, E. B. (1990). Database Security. In ACM SIGMOD Record (Vol. 19,
Nath, A. (2019). A review of security challenges in cloud computing. Journal of Cyber Security,
5(2), 45–58.
Omotunde, H., & Ahmed, M. (2023). A comprehensive review of security measures in database
Usmani, S., Rehman, F., Umair, S., & Khan, S. A. (2019). A Review of Security Challenges in
https://doi.org/10.4018/978-1-5225-8176-5.ch073