Database Security: Challenges and Protections

Abstract:

The use of database systems is growing, so is vulnerable to security breaches. We surveyed the latest security challenges facing database systems including weak authentications, unauthorized privilege elevations, excessive privileges, SQL injection, malware, intellectual property rights, lack of reliable technical operators, database survivability, and denial of service. We reviewed and stated our opinion about the newest proposed solutions by researchers to protect database systems including authentication, access control, database audit system, and others to minimize security breaches. The researchers of this work found out that the most common threat is excessive privileges as it involves third party direct interaction with customer details, followed by challenges encountered in securing databases (survivability of databases, quality of data, difficulty in hiring technical operators and intellectual property rights management). The researchers then suggested the following solutions to surveyed threats: a) Databases should have a secure authentication mechanism and should implement an access control mechanism, b) An audit system should be implemented in the database system to check for any malicious activities, c) Create a search engine to search for data logs in an encrypted database system without breaching confidentially and integrity of the system, and lastly, d) Protect the data owner in the database management system to prevent the manipulation and replication of data in the DBMS.