TITLE:
Analysis of Database Security
AUTHORS:
Xueying Pan, Anthony Obahiaghon, Brendan Makar, Samuel Wilson, Christian Beard
KEYWORDS:
Database Security, SQL Injection, Control Measure, Security Mechanism, Key Infrastructure, Database System
JOURNAL NAME:
Open Access Library Journal,
Vol.11 No.4,
April
15,
2024
ABSTRACT:
The purpose of this paper is to analyze a variety of factors arising
from database vulnerabilities such as software bugs, misconfigurations,
insecure coding practices, and security threats, and to discuss how database
administrators (DBAs) response to these database vulnerabilities and threats.
In this paper, we not only discuss how authorized users use various techniques
to secure data schemes, get privileged access, and keep database system
security but also introduce different control measures and mechanisms for
granting and revoking privileges in the relational database system. Specifying
security mechanisms including discretionary access control, mandatory access
control, role-based access control, and Extensible Markup Language (XML) access
control against different database threats such as Structured Query Language
(SQL) injection attacks that would have caused loss of integrity, availability,
and confidentiality. We have addressed specific preventive measures to the one
of major database threats, which is SQL injection. From deeply analyzing
statistical database security, we have found security problems that need us to
pay attention to flow control and covert channels. Finally, we summarized some
of the key research results including vulnerability analysis, threat modeling,
access control mechanisms, cryptographic techniques, and database forensics.