
As business processes become more complex, the use of technology to manage the information a
business receives has become necessary. Managing this information is difficult, especially because it
arrives in large amounts and every part of it is indispensable. This trend requires businesses to have
databases in order to store and manage all that information. A database contains a great deal of sensitive
information that, when leaked, can be detrimental to the organization. Database security plays a vital
role in protecting the database from external attacks and threats. "The primary objectives of database
security are to prevent unauthorized access to data, prevent unauthorized tampering or modification of
data, and to insure that data remains available when needed" (Murray, 2010).

Three basic concepts lie at the core of database security. They are represented by the CIA model,
which stands for Confidentiality, Integrity and Availability. The CIA model should be the guiding principle
for every database security method, because it plays a fundamental role in guaranteeing a secure
database for the business organization (Concepts of Database Security, 2010).

Confidentiality is the first core concept, and it can be applied through data encryption (Concepts
of Database Security, 2010). Encryption is a technique in which data is encoded so that only authorized
users can read and access it, preventing unsanctioned use. It also prevents data leaks to third parties.

Integrity can be achieved in database security by limiting some users' access to database
information (Concepts of Database Security, 2010). By enforcing user access controls (UAC), not
everyone in the organization can edit the information in the database: they may be able to view it, but
their limited access prevents them from altering anything in the records. This reduces the risk of
fabricated database information and thus maintains its integrity.

Availability is the last core concept of database security (Concepts of Database Security, 2010). It
means that the database should be accessible at any time. Beyond accessibility, it also involves the
necessary backup procedures for the entire database, to reduce the risk of large data loss when an
application error occurs.

The CIA model safeguards the database not only from external threats but also from internal
ones. It takes into account that not all threats to the database originate from outside the business
organization; an internal attack is likewise possible. By observing sufficient security procedures, the
database is kept safe. However, it is important to keep in mind that as technology advances, the risks in
database security grow as well. Thus, it is vital to always ensure that the level of security is sufficient
to protect the database.

Levels of Database Security

To protect the database from both external and internal threats, there are various database
security solutions available for organizations to use in their systems. Understanding the different levels
of database security helps in applying the necessary steps to protect data from both internal and
external threats.

Database security is a major component of database administration; however, it is sometimes
overlooked by management in favor of convenience. Non-administrator user accounts are sometimes
given extra permissions to access the database in order to save time, and corrective measures to fix
system errors are not applied on time. Best practices are not followed when users are given more
privileges and fixes to the system are delayed.

For external threats, there are various solutions available for organizations and personal
computers on the internet. Programs such as firewalls, antivirus, antispyware and antimalware software
in general are readily available for download to protect one's system from external threats. Some
precautionary measures are also useful besides installing protection software.

For internal threats, database auditing is a solution commonly employed by organizations to
monitor the actions of their own users and protect the database. An example of a database security
measure used by and large is SQL, which stands for Service Query Language. SQL is a computer
language for managing data in relational database management systems. Programmers also use other
computing languages besides SQL.

In database server management, and in computing in general, there are a few levels of security
that have to be considered and used:

- Server-level security: what can be done with the server to protect its database
- Network-level security: what can be done with and through the network to protect the database
- Operating system-level security: what can be done with the operating system to protect the database

How security should be handled at each level is discussed in the following sections (Acunetix, 2010).

Server-level security

a. The more services there are running on a computer, the more possible exploits a hacker or a
malicious user can take advantage of. Removing services unnecessary for a server not only leaves an
attacker fewer chances to take advantage of the system, it also frees up memory and lets the machine
perform better.

b. Remote access, if needed, should be restricted to specific user accounts and, if possible, to
specific IP addresses. Servers should not be accessed from public computers such as those in computer
shops; if the aforementioned restriction is in place, this should not be a problem. Restricting access in
this way limits the opportunities for hackers to reach the company's server.

c. Development, testing and production environments for web services should be kept on machines
separate from the public server. Because development and testing work is not yet ready for publishing,
keeping it away from public access keeps the unfinished product away from potential exploits.

d. Web applications and website files should be placed in a location away from the system's
operating files. If the website gets exploited and hacked, the attacker will not find a way into the
operating system files right away.

e. Users other than the system administrator should be allowed only the minimum privileges
(e.g. viewing only) needed to access the data.

f. Security patches must be installed as soon as they are released. These patches contain
safeguards against security problems that have been encountered and thus provide protection and
prevention against security exploits.

g. Logs should be kept in a segregated area and reviewed regularly to see whether abnormal
activities are happening on the server. If anything is suspicious, the issue must be addressed
immediately.

h. The original account created during installation of the operating system should be renamed
and not used. This makes it harder for a potential attacker to reach an administrator account. Everyone
who uses the server, including administrators, should have their own account; separate accounts make it
easier to track usage of the machine.

i. If the programs run on the server do not need certain extensions and modules to perform at the
desired level, those extensions and modules should be removed. Removing them gives attackers fewer
chances to exploit the programs running on the server.

j. A little prevention goes a long way. It will not hurt to add a little more protection for the server
against exploits.

k. In this day and age, information is what keeps one ahead of the competition. Information also
provides knowledge about the latest and recurring security threats and how to protect one's server
against them.

Network-level security

a. Whether on a local network or online on the internet, protection software such as antivirus
software, antispyware programs, firewalls (besides the one provided with the operating system) and
antimalware programs in general provide good protection against network threats. These programs must
be updated regularly to ensure top performance.

b. Passwords help prevent unwanted users from accessing the network, giving more privacy and
security. Another form of router regulation is to use MAC addresses to limit the network to certain
computers.

Operating system-level security

a. Operating systems (such as Microsoft Windows) usually come with their own firewalls
nowadays. Firewalls screen and filter programs and processes that attempt to send information into and
out of the computer.

b. User account security consists mainly of the user account password and other settings. Having
a strong password and the proper settings in place gives one's account added security.

c. The manufacturer of the operating system releases updates (patches, upgrades, etc.) to
improve operating system functionality. Sometimes these updates include security patches that address
current security exploits of that operating system.

Database Authorization




Often, the main role of a database server is to organize many databases and applications. To
access information from the database, users need to get permission from the database administrator,
who decides whether or not to grant the user's request and which objects in the database the user can
access. Once permission is granted, the user is given a password to ensure that only they have access to
the database. This procedure is called authorization (Bragg, Ousley and Strassberg, 2004).

Administration Policies


Defining the administration policy of an information system is very important, since it determines
who has the power to grant or deny users' requests to access the database. An information system can
follow centralized, ownership-based or decentralized administration. Under centralized administration,
only a few users have the power to grant or reject access rights. Under ownership-based administration,
the creator of an object, such as a table, has the power to allow or refuse a user access to the object; at
times the creator still has to ask the approval of the database administrator. Lastly, decentralized
administration means that different people manage different databases or objects. Sometimes
decentralized administration also gives the owner of an object authorization rights, through which owners
can allow users to grant or reject access rights to the object. Access rights can vary from one user to
another: some users can edit, update, delete, create or insert data in the whole database, while others
can only do these things to a certain row or column of a table (Stallings and Brown, 2008).

Roles


Once the administration policy of the information system is established, the database
administrator can grant or revoke users' access rights. One way to assess a user's request is through
roles. De Capitani di Vimercati, Foresti and Samarati (2008) define a role as "a set of privileges that any
user playing that role is associated with". A user should clearly state to the database administrator which
roles they want to belong to; the administrator assesses the request and decides which roles the user
may participate in. Once permission is granted, the user can use the privileges received. An example
would be a member of the sales staff requesting access to the database in order to view and insert data
in a table. The database administrator assesses the request, defines which roles the user can play, and
grants the request. Once the request is granted, the sales staff member can view or insert data in that
table, but can perform no other actions within the database. Another example is a sales manager
requesting access to a given database with the capacity to delete or add data. As in the previous
example, the database administrator reviews the request, defines which roles the manager can play, and
grants access. Since the sales manager holds a higher position than the sales staff, the manager is
granted more privileges. These examples show that the database administrator can design a hierarchy
of permissions based on users' roles, and that roles allow the administrator to control the permissions
being granted to users (Bragg, Ousley and Strassberg, 2004).

Discretionary Policy
A discretionary policy is another policy an information system can use to control access to its
objects. Under this policy, approval of access depends on the owner or creator of the object (Bidgoli,
2006). Authorization rules are also important for knowing the privileges a subject has over a certain
object; access to an object is granted only to subjects for whom an authorization rule exists and is
verified (Castano et al., 1995).

The basis of this policy is the identity of the subject requesting access to the object. The policy
may seem applicable only to decentralized or ownership-based administration, but it also applies to
centralized administration, where the system administrator grants or revokes the subject's request.
Discretionary policies require complex authorization policies, which aim to control properly the transfer of
rights from the authorizer to the subject (Castano et al., 1995).

Discretionary policies also have downsides. One of their main weaknesses is vulnerability to Trojan
Horses: a Trojan Horse can still copy information from one object to another, so the object is not properly
secured. Another weakness is that information from a readable object can flow freely to other objects
that the subject can edit, allowing other subjects to view data from objects they are not authorized to
view (Castano et al., 1995).

Mandatory Policy


An information system can also follow a mandatory policy. Under this policy, a central authority sets
rules under which access control is based on the categories of the system's subjects and objects (De
Capitani di Vimercati, Foresti and Samarati, 2008); the rules cannot be changed or modified by individual
users (Bidgoli, 2006). This model suits situations where a large amount of highly sensitive information
must be protected, the system's data can be categorized, and its users are clearly identified (Castano et
al., 1995). One of the most common examples of a mandatory access control policy is the multilevel
security policy, whose foundation is the classification of the system's subjects and objects (De Capitani
di Vimercati, Foresti and Samarati, 2008). Under this policy, each database object is assigned to a
security class, and each subject (an active entity such as a user) is likewise assigned to a security class.
The mandatory access control policy defines which objects of a given security class a subject with a
stated clearance can read or write. The main aim of the policy is to prevent information from flowing from
sensitive objects to less sensitive objects (Bidgoli, 2006).

Each subject and object in the system is associated with a specific access class. An access class
is composed of a security level and a set of categories. Security levels rank information (Bidgoli, 2006):
for example, 0 is associated with unclassified objects or subjects, 1 and 2 with confidential and secret
objects or subjects respectively, and 3 with top secret objects or subjects (Castano et al., 1995). A set of
categories, on the other hand, is an unordered set (De Capitani di Vimercati, Foresti and Samarati, 2008);
an example would be names standing for the departments of an organization (Bidgoli, 2006). With
security levels and sets of categories combined, access classes form a partial order relation (De Capitani
di Vimercati, Foresti and Samarati, 2008).

Two basic principles arise from the access class: no read-up and no write-down. No read-up means
that a subject can read an object only if the subject has a higher or the same access class as the object.
For example, a user classified as confidential can read objects classified as unclassified and confidential,
but cannot read secret and top secret objects. No write-down, on the other hand, implies that a subject
can only edit or add data to an object if the subject belongs to a higher or the same access class as the
object. For example, a secret subject can write to objects classified as unclassified, confidential and
secret, but is prohibited from writing to top secret objects (Bidgoli, 2006).
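An added example (not from the cited texts) implementing the access-class partial order and both rules; the department categories are constructed. It applies no write-down in its standard Bell-LaPadula form, under which a subject may write only to an object whose class dominates the subject's, which is what blocks the Trojan Horse copying described under discretionary policies.

```python
"""Multilevel security decisions over access classes (security level + categories).
Added example, not code from the cited texts. Class A dominates class B when A's
level is at least B's level and A's categories include all of B's; "dominates" is
the partial order the text refers to, so classes with different categories need
not be comparable at all.
"""
from dataclasses import dataclass

# Security levels exactly as listed in the text (0 = unclassified ... 3 = top secret).
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top secret": 3}


@dataclass(frozen=True)
class AccessClass:
    level: str
    categories: frozenset = frozenset()  # e.g. department names (constructed below)

    def __post_init__(self):
        if self.level not in LEVELS:
            raise ValueError(f"unknown security level: {self.level!r}")

    def dominates(self, other):
        """True when self >= other in the partial order."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.categories >= other.categories)

    def comparable(self, other):
        return self.dominates(other) or other.dominates(self)


def can_read(subject, obj):
    """No read-up: the subject's class must dominate the object's class."""
    return subject.dominates(obj)


def can_write(subject, obj):
    """No write-down (standard Bell-LaPadula form): the object's class must dominate
    the subject's class, so a write never moves information to a lower class."""
    return obj.dominates(subject)


def trojan_leak_possible(subject, source, sink):
    """Could a program running with `subject`'s clearance copy `source` into `sink`?
    With both rules in force this succeeds only when sink dominates source, so the
    copy can never land in a less sensitive object (the weakness of discretionary
    policies described in the text does not arise)."""
    return can_read(subject, source) and can_write(subject, sink)


if __name__ == "__main__":
    # Constructed sample classes using department names as categories.
    sales_conf = AccessClass("confidential", frozenset({"sales"}))
    sales_secret = AccessClass("secret", frozenset({"sales"}))
    hr_conf = AccessClass("confidential", frozenset({"hr"}))
    public = AccessClass("unclassified")
    print("confidential/sales reads unclassified:", can_read(sales_conf, public))
    print("confidential/sales reads confidential/hr:", can_read(sales_conf, hr_conf))
    print("secret/sales writes confidential/sales:", can_write(sales_secret, sales_conf))
    print("secret data copied to public object:",
          trojan_leak_possible(sales_secret, sales_secret, public))
```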

Web Application Security


"Today, application integration is the single biggest challenge facing IT organizations. With
business imperatives driving an increasing need for cross-organization integration, this challenge is
getting ever more complex" (XWSS Organization, 2007). In Web application security, a Web container
holds all the elements of the Web application, including components, servlets, JSPs, HTML pages and
others. The deployment descriptor of a Web application describes how it is deployed, including the level
of security for the various elements of the application. For instance, a Web application may have an
HTML page available to everyone visiting the website, while other HTML pages are restricted and can be
viewed only by preferred or existing customers (XWSS Organization, 2007).

"The following diagram illustrates the difference between the old security model and the new security
reality:

[Diagram not reproduced in this copy. Source: www.xwss.org.]

Organizations are beginning to realize that this old worldview no longer works. While network
firewalls will clearly continue to be central to network designs, they don't address all of today's
requirements and realities, which include the following:

- Most security breaches come from within the firewall.
- Business imperatives require cross-firewall access and integration.
- Ports intended to pass specific protocols are being used for a wide variety of purposes.
- XML Web Services SOAP messages were specifically designed to easily pass through existing
firewalls by being carried over transport protocols (HTTP, SMTP, etc.) that are commonly carried through
open firewall ports.

- New code written with modern tools (.NET, current J2EE apps servers, etc.) will be the minority of
nodes in an XML Web Services data network. Legacy applications and packaged applications will be the
majority of nodes. Legacy and packaged applications have dramatically varying levels of application
security and it is often difficult to verify and manage the security functions they do have." (XWSS
Organization, 2007).

According to Sybase Inc. (2005), "Web client security requires that Web content be deployed in
Web applications:

- There is no way to secure files deployed in EAServer's HTML root directory.
- Do not put sensitive information such as passwords in files that can be downloaded by Web clients.
- Do not put files containing sensitive information in locations that allow download by Web clients."

"Accessing the security properties of your Web application from EAServer Manager

1. Highlight the Web Applications or the Installed Web Applications folder.
2. Highlight the Web application for which you are establishing security.
3. Select File | Properties.
4. Select the Security tab from the Web Applications Property window."

"You can now define the authentication method of your Web application and security constraints
on the various elements within your Web application" (Sybase, 2005).


"As an alternative to setting Web application security from the Web Application Properties dialog,
you can use the Web Application Security wizard, which guides you through the security configuration
process.

1. Highlight the Web Applications or the Installed Web Applications folder.
2. Highlight the Web application for which you are establishing security.
3. Select File | Security Configuration Wizard.
4. Follow the instructions in the wizard to define the authentication method of your Web application
and security constraints on the various elements within your Web application."

There are four types of authentication method available for Web applications. The first does not
require any form of authentication and is labelled "None". The second is "Basic" authentication, which
requires a username, password and realm name. These are the steps given by Sybase Inc. (2005) for the
process of basic authentication:

"When an HTTP client sends the HTTP basic authentication header:

- The server authenticates the client using the server-defined authentication scheme and invokes any
defined customized authentication component.
- If the request is intended for PowerDynamo, the server still authenticates the client, and if the request
is denied, HTTP status code 401 (Unauthorized) is sent back to the client.

- If the authentication fails, the request fails and an error message is sent back to the client. If the
request is intended for a Web application, the Web application manages error handling.
- If the request is intended for a regular static page, the request is denied, and HTTP status code 401
(Unauthorized) is sent back to the client" (Sybase, 2005).

The third method of authentication is called "Form". In this method, an HTML login page is
created for clients, who in turn have to provide a username and password. Whenever errors occur in the
HTML page, clients are notified by an error page usually set up for that purpose. There are simple HTML
pages as well as pages that come complete with servlets and JSPs (Sybase, 2005).

Client-cert


The fourth method is client-cert: when using "SSL tunneled with HTTP" to access a server, a
certificate of authentication is necessary. Client-cert cannot be used together with "Web application
security mechanisms" without losing access to the Web application (Sybase, 2005).

Defining Security Constraints


According to Sybase (2005), defining a security constraint for a Web application involves four
elements: "First, [element name and description lost in the source]... Second, [web resource collections]
- Web resource collections contain a list of URL patterns and HTTP methods available for those URLs...
Third, [authorized roles] - define the authorized roles that have access to the HTTP methods for the URLs
defined for this security constraint. Before establishing an authorized role, you must map EAServer roles
to J2EE roles... Fourth, [transport guarantee] - establish a level of transport security for each security
constraint appropriate for the Web resources you are protecting. If you use basic or form-based
authentication, passwords and other sensitive information is not protected for confidentiality. If you have
sensitive information that you want to protect, establish a security constraint that uses a greater level of
protection" (Sybase, 2005).

There are four types of transport guarantees: none, integral, and confidential. The "none"
transport guarantee "uses insecure HTTP". The "integral" transport guarantee "uses an SSL-protected
session that checks for data integrity." The "confidential" transport guarantee "uses an SSL-protected
session to ensure that all messages content, including the client authenticators, are protected for
confidentiality as well as data integrity" (Sybase, 2005).
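An added example (not EAServer or Sybase code) that evaluates constraints of this shape against requests; the URL patterns, HTTP methods, roles and the server-to-J2EE role mapping are constructed. It shows the transport guarantee being enforced before any credentials are accepted, and the pitfall that listing HTTP methods in a resource collection leaves the unlisted methods unprotected.

```python
"""Evaluation of Web application security constraints: a web resource collection
(URL patterns + HTTP methods), authorized roles and a transport guarantee.
Added example with constructed constraints, roles and URLs; not EAServer code.
Server roles are mapped to J2EE roles before the role check, as the text requires.
"""
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass
class SecurityConstraint:
    name: str
    url_patterns: List[str]                                 # web resource collection: URLs
    http_methods: List[str] = field(default_factory=list)   # empty list = every method
    roles: Optional[List[str]] = None                       # J2EE roles; None = no auth constraint
    transport: str = "NONE"                                 # NONE, INTEGRAL or CONFIDENTIAL


def pattern_matches(pattern: str, path: str) -> bool:
    """Servlet-style URL matching: exact path, path prefix ('/dir/*') or extension ('*.jsp')."""
    if pattern == path:
        return True
    if pattern.endswith("/*"):
        prefix = pattern[:-2]
        return path == prefix or path.startswith(prefix + "/")
    if pattern.startswith("*."):
        return path.endswith(pattern[1:])
    return False


def applicable(constraints, path, method):
    """Constraints whose resource collection covers this URL and method. Pitfall: once
    methods are listed, any method that is not listed is left unprotected."""
    return [c for c in constraints
            if any(pattern_matches(p, path) for p in c.url_patterns)
            and (not c.http_methods or method in c.http_methods)]


def authorize(constraints, role_map, path, method, scheme, server_roles=None):
    """Decide one request: "allow", "redirect-to-https", "401" or "403".
    Simplification: when several constraints apply, the caller must hold a role
    permitted by each constraint that names roles."""
    matched = applicable(constraints, path, method)
    if not matched:
        return "allow"                        # unconstrained resource
    # Transport guarantee is checked first: a protected resource requested over plain
    # HTTP is sent to the SSL-protected port before any password is transmitted.
    if scheme != "https" and any(c.transport in ("INTEGRAL", "CONFIDENTIAL") for c in matched):
        return "redirect-to-https"
    auth_constraints = [c for c in matched if c.roles is not None]
    if not auth_constraints:
        return "allow"
    if not server_roles:
        return "401"                          # authenticate first
    j2ee_roles = {role_map.get(r, r) for r in server_roles}
    for c in auth_constraints:
        if not (set(c.roles) & j2ee_roles):   # an empty role list precludes everyone
            return "403"
    return "allow"


# Constructed deployment: a public page, a customer area and a manager-only order API.
CONSTRAINTS = [
    SecurityConstraint("public", ["/index.html", "*.css"]),
    SecurityConstraint("customers", ["/account/*"], roles=["customer"], transport="CONFIDENTIAL"),
    SecurityConstraint("order-changes", ["/orders/*"], http_methods=["POST", "PUT", "DELETE"],
                       roles=["sales_manager"], transport="CONFIDENTIAL"),
]
# Constructed mapping from server-defined roles to the J2EE roles named above.
ROLE_MAP = {"EAS_Customers": "customer", "EAS_SalesManagers": "sales_manager"}

if __name__ == "__main__":
    for args in [("/index.html", "GET", "http", None),
                 ("/account/profile", "GET", "http", ["EAS_Customers"]),
                 ("/account/profile", "GET", "https", None),
                 ("/account/profile", "GET", "https", ["EAS_Customers"]),
                 ("/orders/42", "GET", "http", None),          # GET is not listed: unprotected
                 ("/orders/42", "DELETE", "https", ["EAS_Customers"])]:
        print(args, "->", authorize(CONSTRAINTS, ROLE_MAP, *args))
```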

Backup and Recovery




Backup and recovery are an important part of a database security strategy. Backups are very
important, especially because accidental human error, weak application logic, an imperfect database
server or operating system, and malicious users may cause damage or loss of data; through backups, the
data can be recovered (Bragg, Ousley and Strassberg, 2004).

Backup Strategy


In creating backups, a company first needs to analyze its needs and the demands of its
environment before determining the strategy it will use to back up its data. The company has to consider
limitations such as "storage space, network bandwidth, processing time, and local disk I/O bandwidth"
(Bragg, Ousley and Strassberg, 2004, p. 673). Finding qualified personnel is also a challenge.
Performance requirements and user load also contribute to the constraints on the backup strategy
(Bragg, Ousley and Strassberg, 2004).

Aside from system requirements, a company also has to determine which data should be backed
up. It helps to rank all corporate data in order of importance and label it as critical, high, medium, etc.
(Bragg, Ousley and Strassberg, 2004).

Recovery Requirements


As previously mentioned, backups are created so that the company can recover needed
information whenever its database is damaged. Therefore, the most important consideration in making
backups is the company's recovery requirements, especially since the means of recovery depends heavily
on the kind of hardware used to make the backups. Factors to weigh include the cost the company will
incur during the time it has no access to database information, the importance of the data, and the level
of data loss the company can tolerate. Most of all, the time it takes for the company to recover all the
data it needs is a critical consideration.

Types of Backup


There are basically three types of database backup: full backup, differential backup and
transaction log backup. In a full backup, the whole database is copied. This process can be done if the
database is properly implemented. Before the database administrator puts the overall schedule into
effect, it is important that the backup database be tested. A full backup is the foundation of the other
types of backup. It is advisable that full backups be done on a regular basis, especially if disk space
constraints permit it (Bragg, Ousley and Strassberg, 2004).

The next type is the differential backup, which copies only the data changed since the last full
backup. To recover, the current full backup is restored first, followed by the current differential backup.
Recovery from a differential backup is longer and requires more time than from a full backup; however,
differential backups reduce the space used for backups and the time required to safeguard large
databases (Bragg, Ousley and Strassberg, 2004).

Lastly, a transaction log backup creates a copy of each transaction added to the database.
Database administrators can take transaction log backups more often, since each one includes only data
from the transactions that happened after the last backup. There is, however, a disadvantage: the last
full backup must be restored before the transaction log backup can be applied, and this process may take
a lot of time. The major advantage of this type of backup is that it is a point-in-time backup, meaning that
the database administrator can go back to a particular point in time. For example, if an unauthorized
database transaction occurred, the administrator can return to that specific time to correct that
transaction, so only minimal data loss occurs (Bragg, Ousley and Strassberg, 2004).

These types of backup are not separate from one another; they can be combined as the database
administrator sees fit. One may choose to do a weekly full backup, a daily differential backup and an
hourly transaction log backup, which provides a more versatile backup system, especially for large and
active databases. Moreover, modern database systems can back up certain objects or parts of the
database, and these objects can also be restored separately. Backing up objects individually may take a
lot of planning, but the data is more secure (Bragg, Ousley and Strassberg, 2004).

It is also important to know where to store the backups. Database administrators have two
options, disk or tape. Both are frequently used, and each has its own advantages and disadvantages. An
administrator can decide to use both, provided there is enough budget to implement both options, the
performance requirements are met, and all the data can be handled. "Hot backup" configurations, using
clustering and other solutions, can also be implemented, especially where reliability and uptime are
crucial (Bragg, Ousley and Strassberg, 2004).
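An added example (not from the cited text) that plans the restore chain for the weekly full, daily differential and hourly transaction log scheme described above, including point-in-time recovery to a moment just before a bad transaction. The schedule dates are constructed, and the simplifying assumptions about what each backup type contains are stated in the code.

```python
"""Restore-chain planning for a weekly full / daily differential / hourly
transaction-log backup scheme. Added example, not code from the cited text.
Assumptions (a simplification, not taken from the page): a differential holds all
changes since the latest full backup; a log backup holds the transactions since
the previous log backup; point-in-time recovery therefore restores the latest full,
the latest differential taken after it, then every log backup taken after that
differential up to the first one whose end time reaches the target.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import List


@dataclass(frozen=True)
class Backup:
    kind: str            # "full", "differential" or "log"
    taken_at: datetime   # completion time of the backup


def generate_schedule(start: datetime, days: int) -> List[Backup]:
    """Constructed sample schedule: a full backup at 00:00 on the start day and every
    seventh day, a differential at 00:00 on the other days, a log backup every hour."""
    backups = []
    t = start
    while t < start + timedelta(days=days):
        if t.hour == 0:
            kind = "full" if (t - start).days % 7 == 0 else "differential"
        else:
            kind = "log"
        backups.append(Backup(kind, t))
        t += timedelta(hours=1)
    return backups


def plan_restore(backups: List[Backup], target: datetime) -> List[Backup]:
    """Ordered backups to restore for point-in-time recovery at `target`."""
    fulls = [b for b in backups if b.kind == "full" and b.taken_at <= target]
    if not fulls:
        raise ValueError("no full backup on or before the target; recovery impossible")
    chain = [max(fulls, key=lambda b: b.taken_at)]
    base = chain[0].taken_at
    diffs = [b for b in backups if b.kind == "differential" and base < b.taken_at <= target]
    if diffs:                                   # newest differential stands in for earlier logs
        chain.append(max(diffs, key=lambda b: b.taken_at))
        base = chain[-1].taken_at
    if base < target:
        for log in sorted((b for b in backups if b.kind == "log" and b.taken_at > base),
                          key=lambda b: b.taken_at):
            chain.append(log)
            if log.taken_at >= target:          # this log spans the target; stop here
                break
    return chain


def recoverable_to(chain: List[Backup], target: datetime) -> datetime:
    """Latest moment the chain can actually reach: the target if a log backup spans
    it, otherwise the end of the last backup available (everything later is lost)."""
    return min(target, chain[-1].taken_at)


# Constructed two-week schedule; 3 January 2010 is a Sunday.
SAMPLE_SCHEDULE = generate_schedule(datetime(2010, 1, 3), days=14)

if __name__ == "__main__":
    target = datetime(2010, 1, 6, 10, 30)        # e.g. just before an unauthorized transaction
    chain = plan_restore(SAMPLE_SCHEDULE, target)
    for b in chain:
        print(f"restore {b.kind:<12} taken {b.taken_at}")
    print("recoverable to:", recoverable_to(chain, target))
```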

Database Auditing


A database is basically a large, organized collection of data for one or more uses (Business
Technology & Securities Group, 2010); it allows users to search for and retrieve data rapidly on a
computer. Database auditing is the ability to continuously monitor, record, analyze and report on all user
activity involving the database. It is used as a security measure to ensure that unauthorized personnel, or
those without permission, do not access the information or data within the database (Business
Technology & Securities Group, 2010).

In this modern age, in which technology is heavily used, firms use databases to store the
company's confidential information. Ensuring the security of the database is critical to the company's
reputation and profitability. Unauthorized access to this data would affect the operations of the firm
disastrously, ruining the company's reputation and resulting in declining profitability and customer trust.

To ensure the safety of the database, here are some practical measures for database security:
server security, database connections, table access control, and database access restriction. Server
security is the process of restricting access to the database server. This is one of the most basic and
most important components of database security. A corporation must not let its database server be
visible or vulnerable to others. If an organization's database server supplies information to a web server,
it should be configured to allow connections only from that web server. Also, every server should be
configured to allow only trusted IP addresses.

With database connections, system managers should not allow immediate unauthenticated
updates to a database. If users are allowed to make updates to a database via a web page, the system
administrator should validate all updates to make sure that they are warranted and safe. This gives
employees complete access to all of the data stored in the database regardless of whether or not they
are authenticated to have such access.

Table access control is related to an access control list, which is a table that tells a computer
operating system which access rights each user has to a particular system object. Table access control
has been referred to as one of the most overlooked forms of database security. This is primarily because
it is so difficult to apply. In order to properly use table access control, the system administrator and the
database developer will need to collaborate.

Internet-based databases have been the most recent targets of attacks because of their open access or open ports. It is very easy for criminals to conduct a "port scan" to look for the ports that popular database systems use by default. The ports used by default can be changed, thus throwing off a criminal looking for default open ports.

There are additional security measures that can be implemented to prevent open access from the Internet, such as trusted IP addresses, server account disabling, and special tools such as RealSecure by ISS. It is important to remember that database security should occur in combination with other security technologies, but data protection should be the core element of a complete company security infrastructure.

The primary security concerns of the auditor when conducting a database audit include authentication and authorization issues. The general principles for developing an audit strategy include evaluating the purpose of auditing (to prevent unnecessary auditing) and knowing what to audit (to keep unnecessary audit information from cluttering the audit trail). The general principles for auditing suspicious database activities include narrowing audits down from general to specific and protecting the audit trail. The general principles for auditing normal database activity include auditing only pertinent actions, archiving audit records, and purging the audit trails.

There are several modes of auditing. One is by using an automated database audit solution. In
order to ensure that unauthorized users are not accessing the database, the auditor will need to audit
user activity. Auditing user activity provides the auditor with assurance that the policies, procedures, and
safeguards that management has enacted are working as intended. This also helps the auditor to identify
any violations that may have occurred.

Auditing user activity can be accomplished via continuous data auditing. Continuous data auditing
is the process of monitoring, recording, analyzing, and reporting database activity on a periodic basis.
This is a critical concept because unauthorized access to the database and the information contained
within can occur at any time. If the auditor is using a testing schedule, violators can easily sidestep that
schedule. This is not the case, however, with continuous data auditing. The auditor and management
must be able to identify which behavior is suspicious versus which behavior is routine. Any behavior that
is not identified as routine and valid access to the database must be examined and analyzed further.

The ideal approach to effectively capture and analyze database activity is through non-trigger audit agents associated with each database server. Non-trigger audit agents capture all relevant activity, regardless of the application used. In comparison, database triggers (automatic procedures that run when data in a table has been altered) are not recommended, as database administrators can easily disable them. Non-trigger database audit agents gather information through three means: the database transaction log, the database's built-in native logging, and third-party tools that monitor network and/or system activities.

Each database maintains a database transaction log through the normal course of its operation, which records data modifications and other activity. This approach is not practical, however, as these logs are intended for forward recovery and their formats are largely undocumented. Additionally, SQL SELECT access to database objects is not logged.

The database's built-in native logging obtains additional information, such as permission changes and data viewing activities. Each database management system has some type of audit trace capability, such as Oracle's Fine-Grained Auditing (FGA).

Some solutions use agents which enable both local access as well as network access to be
monitored; while others are restricted to just monitoring network traffic. These solutions are typically
called Database Activity Monitoring (DAM) solutions.

Auditors may also use audit software to achieve their audit objectives. There are a number of
approaches including using a log management solution to collect, store and analyse the native audit
records produced by the database management systems. Vendors such as SenSage provide log
management solutions and database collectors that do not require agents.

Specialized database auditing solutions include IBM Guardium 7, DB Audit by SoftTree Technologies, Audit DB by Lumigent Technologies Inc., DbProtect by Application Security, Imperva SecureSphere, and Hedgehog Enterprise from Sentrigo. Some of these solutions rely on a network appliance to inspect and audit SQL traffic sent over the network. Appliance-only approaches are unable to detect activity carried out solely on the server, such as the actions of DBAs. Other approaches use lightweight agents that can monitor all local database activities. Agents can also be implemented to capture all network activity, making network appliances for monitoring unnecessary. However, it should be pointed out that many of these solutions provide network appliances to capture and store agent reports, even if they are not required for network monitoring. This offloads the storage and reporting task from the servers and provides the separation of duties (SOD) required by auditors.

The term auditing refers to the process of recording events, such as file access, creations, deletions, the addition of print jobs, and so on, and using that information to detect usage violations or to confirm that network procedures are operating correctly. By using the audit logs, a network administrator can track what files were accessed, when they were accessed (including both the date and time of the database access), by whom, and even what activities and transactions were performed. Some logs even show whether or not the transaction was successful by means of some type of message.

An audit log is a central log file that contains information (Oracle Corporation, 2010) about entries for day-to-day events and activities performed on the system (Microsoft Corporation, 2010). The main purpose of reviewing audit logs or audit trails is to monitor the security of the system. Managers use software such as Identity Synchronization for Windows Console to maintain and control the entrants and other details. These details about the entries are recorded and available in the log (Information Technician, 2010).

By examining the audit logs it is possible to trace, for example, what kinds of administrator
actions have been performed and by whom. This data may prove to be important when trying to figure out
possible configuration errors or problems with regulatory compliance.

The audited events include actions concerning element configuration (such as creating, editing,
deleting, importing, or exporting), actions performed on the firewall and IPS engines (policy upload,
control commands, and so on), use of command line tools (for example, when backing up and restoring),
actions related to certificates, and actions related to administrator login authentication (Stonesoft
Corporation, 2010).

Audit logs are important for four reasons: accountability, reconstruction, intrusion detection, and
problem detection (Spafford, 2006). Log data can identify what accounts are associated with certain
events. This information then can be used to highlight where training and/or disciplinary actions are
needed.

Log data can be reviewed chronologically to determine what was happening both before and during an event. For this to happen, the accuracy and coordination of system clocks are critical. To accurately trace activity, clocks need to be regularly synchronized to a central source to ensure that the date/time stamps are in sync (Spafford, 2006).

Unusual or unauthorized events can be detected through the review of log data, assuming that
the correct data is being logged and reviewed. The definition of what constitutes unusual activity varies,
but can include failed login attempts, login attempts outside of designated schedules, locked accounts,
port sweeps, network activity levels, memory utilization, key file/data access, and many more (Spafford,
2006).
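As an added example (not code from the paper or from any vendor product mentioned in it), the Python script below applies the continuous review described earlier, separating routine from suspicious behavior, to a handful of constructed audit records, flagging the kinds of unusual activity just listed (repeated failed logins, logins outside the designated schedule, access to key data, and permission changes) while leaving routine access alone. The record format, schedule, threshold and sensitive-object list are assumptions made for illustration.

```python
"""Continuous review of database audit records: routine vs. suspicious activity.

Added example, not part of the original paper. The record format
(timestamp|user|action|object|outcome) and the thresholds are assumptions
chosen for illustration; real DBMS native audit formats differ.
"""
from collections import defaultdict
from datetime import datetime, time

# Constructed sample audit records answering the "who, what and when" questions.
SAMPLE_AUDIT_LOG = """\
2010-03-01 09:02:11|alice|LOGIN|-|SUCCESS
2010-03-01 09:05:40|alice|SELECT|orders|SUCCESS
2010-03-01 02:14:03|bob|LOGIN|-|SUCCESS
2010-03-01 02:15:20|bob|SELECT|customers.credit_card|SUCCESS
2010-03-01 11:40:01|mallory|LOGIN|-|FAILURE
2010-03-01 11:40:09|mallory|LOGIN|-|FAILURE
2010-03-01 11:40:15|mallory|LOGIN|-|FAILURE
2010-03-01 11:40:22|mallory|LOGIN|-|FAILURE
2010-03-01 14:10:00|dba1|GRANT|customers|SUCCESS
"""

# Assumed policy describing what counts as routine (constructed for this example).
SCHEDULE_START, SCHEDULE_END = time(8, 0), time(18, 0)   # designated login hours
FAILED_LOGIN_THRESHOLD = 3                              # failures before alerting
SENSITIVE_OBJECTS = {"customers.credit_card"}           # key data, always reviewed
PRIVILEGE_ACTIONS = {"GRANT", "REVOKE", "ALTER"}        # permission changes, always reviewed


def parse_records(log_text):
    """Split pipe-delimited audit lines into dicts; malformed lines are skipped."""
    records = []
    for line in log_text.splitlines():
        parts = line.strip().split("|")
        if len(parts) != 5:
            continue
        ts, user, action, obj, outcome = parts
        records.append({
            "ts": datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"),
            "user": user, "action": action, "object": obj, "outcome": outcome,
        })
    return records


def within_schedule(when):
    """True if a clock time falls inside the designated login window."""
    return SCHEDULE_START <= when <= SCHEDULE_END


def review_activity(records):
    """Return (finding_type, user, timestamp) for every record that is not routine."""
    findings = []
    failed_logins = defaultdict(int)
    for r in sorted(records, key=lambda x: x["ts"]):  # chronological review
        if r["action"] == "LOGIN" and r["outcome"] == "FAILURE":
            failed_logins[r["user"]] += 1
            # Alert once, at the moment the threshold is first reached.
            if failed_logins[r["user"]] == FAILED_LOGIN_THRESHOLD:
                findings.append(("repeated_failed_login", r["user"], r["ts"]))
        elif r["action"] == "LOGIN" and not within_schedule(r["ts"].time()):
            findings.append(("login_outside_schedule", r["user"], r["ts"]))
        if r["object"] in SENSITIVE_OBJECTS:
            findings.append(("sensitive_data_access", r["user"], r["ts"]))
        if r["action"] in PRIVILEGE_ACTIONS:
            findings.append(("privilege_change", r["user"], r["ts"]))
    return findings


def finding_types(log_text=SAMPLE_AUDIT_LOG):
    """Just the finding types for a log text, in chronological order."""
    return [f[0] for f in review_activity(parse_records(log_text))]


if __name__ == "__main__":
    for kind, user, ts in review_activity(parse_records(SAMPLE_AUDIT_LOG)):
        print(f"{ts}  {user:<8} {kind}")
```

Alice's daytime login and SELECT on a non-sensitive table produce no finding, which is the point: the reviewer's time goes only to what the policy does not recognize as routine.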

In the same way that log data can be used to identify security events, it can be used to identify problems that need to be addressed, for example by investigating the causal factors of failed jobs, resource utilization, trends, and so on (Spafford, 2006).

Essentially, for each system monitored and likely event condition there must be enough data
logged for determinations to be made. At a minimum, you need to be able to answer the standard who,
what and when questions.

The data logged must be retained long enough to answer questions, but not indefinitely. Storage
space costs money and at a certain point, depending on the data, the cost of storage is greater than the
probable value of the log data (Spafford, 2006).

The same can be said for costs associated with performance degradation that the log analysis
tools suffer if the data sets are simply allowed to grow indefinitely.

For the log data to be useful, it must be secured from unauthorized access and integrity problems.
This means there should be proper segregation of duties between those who administer system/network
accounts and those who can access the log data.

The idea is not to have someone who can do both; otherwise the risk, real or perceived, is that an account can be created for malicious purposes, activity performed, the account deleted, and then the logs altered so as not to show what happened. The bottom line is that access to the logs must be restricted to ensure their integrity. This necessitates access controls as well as the use of hardened systems.

Consideration must be given to the location of the logs as well: moving logs to a central location, or at least off the same platform, can give added security in the event that a given platform fails or is compromised. In other words, if system X has a catastrophic failure and the log data is on X, then the most recent log data may be lost. However, if X's log data is stored on Y, then if X fails, the log data isn't lost and is immediately available for analysis. This can apply to hosts within a data center as well as across data centers when geographic redundancy is viewed as important.

Audit logs are beneficial to have for a number of reasons. To be effective, IT must understand log
requirements for each system, then document what will be logged for each system and get
management¶s approval. This will reduce ambiguity over the details of logging and facilitate proper
management.

A database server is a data storage and retrieval system (Apple, 2010). Database servers typically run on a dedicated, independently functioning computer that holds and manages the database, and are accessed by client applications over a local-area network (Answers, 2010).

Database monitoring is a vital activity for maintaining the performance and health of your database management system. To facilitate monitoring, DB2 collects information from the database manager, its databases, and any connected applications (IBM, 2010). With this information the firm can forecast hardware requirements based on database usage patterns, analyze the performance of individual applications or SQL queries, track the usage of indexes and tables, pinpoint the cause of poor system performance, and assess the impact of optimization activities (for instance, altering database manager configuration parameters, adding indexes, or modifying SQL queries).

There are two primary tools with which you can access system monitor information, each serving
a different purpose: the snapshot monitor and event monitors. The snapshot monitor enables you to
capture a picture of the state of database activity at a particular point in time (the moment the snapshot is
taken). Event monitors log data as specified database events occur.

The system monitor provides multiple means of presenting monitor data to you. For both
snapshot and event monitors you have the option of storing monitor information in files or SQL tables,
viewing it on screen (directing it to standard-out), or processing it with a client application.

There are threats to database servers. An attacker can target and compromise a database server in a number of ways by exploiting a variety of configuration and application-level vulnerabilities. These include SQL injection, network eavesdropping, unauthorized server access, and password cracking.

With a SQL injection attack, the attacker exploits vulnerabilities in your application's input
validation and data access code to run arbitrary commands in the database using the security context of
the Web application.

To counter SQL injection attacks, the application should constrain and sanitize input data before using it in SQL queries. Type-safe SQL parameters should be used for data access; they can be used with stored procedures or with dynamically constructed SQL command strings. Using SQL parameters ensures that input data is subject to type and length checks and that injected code is treated as literal data, not as executable statements in the database. Use a SQL Server login that has restricted permissions in the database. Ideally, you should grant execute permissions only to selected stored procedures in the database and provide no direct table access.
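As an added example (not the paper's own code), the Python snippet below places the vulnerable string-built query next to its parameterized and input-constrained forms against a constructed SQLite table, so that "injected code is treated as literal data" can be observed directly; it also serves the SQL injection discussion later in the paper. The table, its rows, and the name-validation rule are assumptions made for illustration.

```python
"""String-built SQL beside its parameterized form, run against an in-memory SQLite table.

Added example, not code from the original paper. The table, rows and the
validation rule are constructed for illustration. The paper's advice to grant
the login EXECUTE only on selected stored procedures is SQL Server specific
and has no SQLite equivalent, so it is not shown here.
"""
import sqlite3


def make_db():
    """Constructed sample data: three customers with the last four digits of a card."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT, card_last4 TEXT)")
    conn.executemany("INSERT INTO customers (name, card_last4) VALUES (?, ?)",
                     [("alice", "1111"), ("bob", "2222"), ("carol", "3333")])
    return conn


def lookup_unsafe(conn, name):
    """Vulnerable: untrusted input is spliced into the SQL text, so a quote in the
    input ends the string literal and whatever follows is parsed as SQL."""
    sql = "SELECT name, card_last4 FROM customers WHERE name = '%s'" % name
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, name):
    """Hardened: the value is bound as a typed parameter and can only ever be
    compared as literal data, never executed."""
    return conn.execute("SELECT name, card_last4 FROM customers WHERE name = ?",
                        (name,)).fetchall()


def lookup_constrained(conn, name):
    """Hardened further: constrain the input (type and length checks) before
    querying, and still bind it as a parameter. Customer names are assumed to
    be short and alphabetic."""
    if not (0 < len(name) <= 32 and name.isalpha()):
        raise ValueError("rejected: customer name must be 1-32 letters")
    return lookup_parameterized(conn, name)


# A textbook tautology input: the quote closes the literal and OR '1'='1'
# makes the WHERE clause true for every row in the unsafe version.
TAUTOLOGY = "x' OR '1'='1"


def demo():
    """Row counts for the same input under each lookup style, plus whether the
    constrained lookup rejected it before any SQL ran."""
    conn = make_db()
    unsafe_rows = len(lookup_unsafe(conn, TAUTOLOGY))          # 3: whole table leaks
    safe_rows = len(lookup_parameterized(conn, TAUTOLOGY))     # 0: no such name
    try:
        lookup_constrained(conn, TAUTOLOGY)
        rejected = False
    except ValueError:
        rejected = True                                        # True: never reaches SQL
    return unsafe_rows, safe_rows, rejected


if __name__ == "__main__":
    print(demo())
```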

The deployment architecture of most applications includes a physical separation of the data
access code from the database server. As a result, sensitive data, such as application-specific data or
database login credentials, must be protected from network eavesdroppers.

Vulnerabilities that increase the likelihood of network eavesdropping include insecure communication channels and passing credentials to the database in clear text.

To counter network eavesdropping, the firm should use Windows authentication to connect to the database server so that credentials are not sent over the network; install a server certificate on the database server, which results in automatic encryption of SQL credentials over the network; use an SSL connection between the Web server and the database server to protect sensitive application data, which requires a database server certificate; and use an IPSec-encrypted channel between the Web server and the database server.

Direct access to your database server should be restricted to specific client computers to prevent
unauthorized server access. Vulnerabilities that make your database server susceptible to unauthorized
server access include failure to block the SQL Server port at the perimeter firewall and lack of IPSec or
TCP/IP filtering policies.

Direct connection attacks exist for both authenticated users and those without a user name and
password. To counter these attacks, the firm should make sure that SQL Server ports are not visible from
outside of the perimeter network. Within the perimeter, restrict direct access by unauthorized hosts, for
example, by using IPSec or TCP/IP filters.

A common first line of attack is to try to crack the passwords of well-known account names. Common vulnerabilities that lead to password cracking are weak or blank passwords and passwords that contain everyday words. Common password cracking attacks include dictionary attacks and manual password guessing. To counter these attacks, create passwords for SQL Server login accounts that meet complexity requirements and avoid passwords that contain common words found in the dictionary.
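As an added example (not from the paper), the Python check below enforces the two rules just stated, complexity requirements and no everyday dictionary words, and also catches the common trick of disguising a dictionary word with digit and symbol substitutions. The length and class thresholds, the tiny word list and the substitution table are assumptions constructed for illustration.

```python
"""Password policy check: complexity requirements plus a dictionary-word screen.

Added example, not part of the original paper. The thresholds, the tiny word
list and the substitution table are assumptions; a real deployment would load
a full dictionary and tune the thresholds to its own policy.
"""
import string

MIN_LENGTH = 12
MIN_CHARACTER_CLASSES = 3      # out of: lowercase, uppercase, digits, symbols
MIN_WORD_LENGTH = 4            # ignore very short dictionary words

# Constructed mini dictionary of everyday words found in cracking wordlists.
COMMON_WORDS = {"password", "welcome", "admin", "summer", "dragon",
                "monkey", "letmein", "secret", "company", "database"}

# Undo common letter-for-symbol substitutions so "P@ssw0rd" still matches "password".
LEET_TABLE = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                            "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})


def character_classes(password):
    """Count how many of the four character classes the password draws from."""
    checks = (str.islower, str.isupper, str.isdigit,
              lambda c: c in string.punctuation)
    return sum(any(check(c) for c in password) for check in checks)


def contains_dictionary_word(password, words=COMMON_WORDS):
    """True if any dictionary word appears inside the password after
    lower-casing it and reversing the leet substitutions."""
    normalized = password.lower().translate(LEET_TABLE)
    return any(len(w) >= MIN_WORD_LENGTH and w in normalized for w in words)


def check_password(password):
    """Return the list of policy violations; an empty list means the password passes."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too_short")
    if character_classes(password) < MIN_CHARACTER_CLASSES:
        problems.append("too_few_character_classes")
    if contains_dictionary_word(password):
        problems.append("contains_dictionary_word")
    return problems


if __name__ == "__main__":
    for candidate in ("", "summer2010", "P@ssw0rd2010!", "rK7#vq9$Lm2!xz"):
        print(repr(candidate), check_password(candidate) or "passes")
```

Note that "P@ssw0rd2010!" satisfies every complexity rule and still fails, because the dictionary screen, not the character-class count, is what defeats a dictionary attack.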


Problems and Issues in Database Security

"In my opinion, database security is riddled with holes and it's the biggest problem we face in IT today" (Brener, 2006).

Database Security may have its purpose and importance for an organization's operations and processes, but it has its own drawbacks. Database Security is an essential IT process in business, and its role can also affect the organization's overall strategy. But despite its benefits to the total performance of the company, Database Security also has its problems and issues for the organization. At a certain point, it can incur additional cost to the company when it comes to updating and improving IT-based programs, servers, software, and equipment. Hacking incidents in the database system would also mean losses to the company. Issues of privacy and maintenance effort are just a few of the possible problems that an organization would experience from obtaining a Database Security system.

This section of the paper aims to discuss problems and issues regarding Database Security. This portion of the study helps us know some of the cons of acquiring such systems for the company. As in any business, problems arising within the operations are losses to the company. As much as possible, companies want to avoid disruptions in operation or production, caused perhaps by lack of supply, problems within work cells or the assembly line, equipment performance, or data miscommunication. From a different perspective, Database Security's role enters the company by way of protecting the vital information essential to its different departments, be it Top Management, Finance, Marketing, or Operations. The challenge, however, is how the organization would address these disadvantages or problems of Database Security amidst the increasing pace of technology change, together with moral issues of security and privacy and internal management conflict. This paper attempts to give solutions to Database Security problems as well.

Litchfield said that database attacks offer the biggest potential for fraudulent activity and damage to companies' reputations and customer confidence. It can hardly be denied that this problem is growing fast in organizations that rely heavily upon databases to support mission-critical business activity. The recurring data breaches of the past year are the basis for this claim (Teppit, 2006).

An example of a database security issue would be vendor vulnerabilities and database deployment errors. According to Litchfield, vulnerabilities in vendor solutions can be mitigated to some extent by timely patching. On the other hand, deployment errors are tougher and much more difficult for an organization to solve, since they are caused by poorly configured databases, inappropriate access permissions, or badly engineered applications accessing the database. One way to address the issue is to implement a policy of least privilege, identifying who is asking the database to do what. Litchfield also emphasized that organizations have to be ahead of the game with a system for maintaining the database. Also, organizations must avoid using their database to perform beyond its means or capabilities (Teppit, 2006).

Litchfield also suggested further ways of solving issues in Database Security, such as new technology. A study by Oxford-based Secerno uses machine learning algorithms that allow users to a) build up a rich understanding of application-to-database behavior, and b) insist on database interactions conforming only to allowable behaviors.

It represents the world's first database application assurance platform. Secerno provides a number of proactive capabilities that help prevent database attacks by determining true least-privilege access to the database. It can also create an efficient logging environment that demonstrates audit compliance, determine where engineering quality can be improved, and automatically identify dormant software features (Brener, 2006).

According to the SANS Top 20, the two most prevalent technical areas of weakness in databases are buffer overflows and SQL injections. It is important to know these two issues because they have been present for quite some time.

SQL Injection

"An attack technique used to exploit web sites by altering backend SQL statements through manipulating application input." (Acunetix, 2010)
According to Mospaw (2005), SQL injection is a subset of the unverified/unsanitized user input vulnerability, and the idea is to convince the application to run SQL code that was not intended. Surprises happen and, unfortunately, compromising results arise if the application naively creates SQL strings on the fly and then runs them.

Today, SQL injections are certainly a serious and growing problem. Such cases are troublesome to the company, since attackers use invasive procedures that cannot be easily patched or solved, making it easy for some to commit such crimes. With SQL injection, an attacker takes advantage of incorrectly filtered SQL queries and other input to pull any information he wants from a database. An attacker can simply write a line of code and let it piggyback on another, giving the hacker the opportunity to make requests that return vast amounts of data (Teppit, 2010).

The result of such hacking could be damaging to any organization's important data and confidentiality. Information that could be affected ranges from Social Security numbers to credit card information to information about customer buying patterns or company products. But despite the reality of SQL injections, few report or admit such incidents happening in the company. For some reason, most companies whose computer networks fall to such hacking flaws do not want to admit that their code is flawed and vulnerable to such attacks. Moreover, since companies fail to admit their mistakes, Gartner analyst John Pescatore (Teppit, 2010) emphasizes that there is little drive to disseminate information about the possibility of SQL injection vulnerabilities. Sadly, despite recognizing problems like this in the company's database system, most seem not to believe them because these issues are not familiar to most people in the business world and the newspapers. Unfortunately, they continue to be taboo.

What is at stake is not only the company database but the entire corporation. Its reputation is endangered. SQL injection not only compromises businesses, as in the CardSystems security breach, where hackers stole 263,000 customer credit card numbers and exposed 40 million more, but can also affect other organizations and institutions, such as governments. For instance, Russian hackers broke into a Rhode Island government Web site and stole 53,000 credit card records from individuals who had done business online with state agencies (Teppit, 2010).

The good thing about Secerno's new technology is that it is largely protocol-based and is not constrained by the pattern matching of traditional techniques. This means that the program is scanning and alerting on all statements, even ones that have never been seen before and may be outside the approved or appropriate behavior of the application. In this way, SQL injection attempts can be identified right away by the Database Security system, avoiding more cases of information theft from the organization (Teppit, 2010).

Buffer Overflow

On the other hand, we also have buffer overflow undermining Database Security. SANS
advocates patching, but this solution to buffer overflow would mean shutting down a mission-critical
database, disrupting 24/7 businesses and incurring real costs in both operational down-time and
database management labor. Using patching would leave a yawning gap in the window of vulnerability
(Teppit, 2006).

According to McAfee System Protection Solutions (2005), buffer overflow exploits are the tool of choice of today's attacker, since these exploits are the most common, have the most power, and are characterized by ease of use. Buffer overflows are said to be the largest single threat to enterprises today.

They are common: 60% of the problems reported to the Computer Emergency Readiness Team (CERT) deal with them. There are hundreds of known unchecked buffers that can be overflowed by hackers, with more being discovered all the time. For hackers they are easy to use, since anyone can download buffer overflow attack code and follow a simple "recipe" to execute it; no advanced technical knowledge is necessary to run pre-written buffer overflow exploit code. The danger of buffer overflows is that they are powerful: the malicious code delivered by a buffer overflow runs with administrator-level privileges and can therefore do anything it wants to the server (McAfee System Protection Solutions, April 2005).

Using Secerno on the Database system, as Litchfield emphasized in his report, the threat may
already be terminated. Thus, this frees the company to apply the patches at a time that suits its
operations rather than to a schedule that is under the attackers' control. The important factor with new
technologies, like Secerno, is that this approach puts the company back on the front foot against
problems of SQL injections and buffer overflow. This would mean that the Database Security measures
and precautions are proactive security steps rather than just-too-late reactivity (Teppit, 2006).

Inference Problem
According to Jajodia and Meadows (n.d.), the inference problem is the problem of detecting and removing inference channels: a channel in a database by which one can infer data classified at a high level from data classified at a low level. Furthermore, they said that inference problems are of vital interest to the designers and users of secure databases.

Database management systems are intended to provide the means for efficient storage and retrieval of an organization's sensitive data. The core purpose of database security here is to prevent illegal inferences. However, if poorly designed, the database will cause much trouble to the organization. Inference problems are an important but still relatively unexplored aspect of database security at present. A complete and general solution to the inference problem is impossible. The challenge of solving inference problems lies in constructing a database that is both usable and reasonably secure against these types of problems (Jajodia and Meadows, n.d.).

For an organization, a Database Security manager is the most important asset in maintaining and securing sensitive data: company information on operations and confidential data that is relevant to the organization's existence. Thus maintenance of Database Security is a very important process in securing the system. Because it is very important that information and data are well protected, a clear understanding of database system problems and how to solve them is essential for any manager of a company or organization. Spam Laws (2009) has also listed issues that compromise Database Security but can be easily avoided by having a responsible Database Security manager. These are:

Daily maintenance: Daily maintenance may require rigorous and constant checks and updates, but it pays for a corporation or an organization to do daily maintenance. This is the purpose of database audit logs. With daily audit logs, a daily review is performed to make certain that there has been no data misuse. The key is to have data consistency, which is another way of updating Database Security. Audit logs require a) overseeing database privileges; b) consistently updating user access accounts; and c) assessing new programs that operate on the database.

Varying security methods: Security measures are important to the database system. However, too much variation in the methods of security among the applications used in the whole database system can make it difficult to create policies for accessing the applications. The database must have proper access controls in order to regulate the varying methods of security, keeping sensitive data from risk.

Consistency: Consistency is somehow the key to securing database systems. Upgrades, specifically post-upgrade evaluations, are necessary for the administrator to perform in order to ensure that security is consistent across all programs, thus avoiding attacks through thorough monitoring.

Split duties: Clear job descriptions must be defined among employees in the company or organization to avoid conflicts and give employees focus-driven responsibility. This applies as well to the Database Security department when management fails to split the duties between the IT administrator and the database security manager. In some instances, such as cost cutting, a company may decide to have the IT administrator do everything. However, this decision can significantly compromise the security of the data because of the responsibilities involved in both positions; Spam Laws (2009) suggests that the IT administrator should manage the database while the security manager performs all of the daily security processes.

Password maintenance: This might seem a simple issue, but there are still times when IT database security managers forget to remove the IDs and access privileges of former users, which leads to password vulnerabilities in the database. In such cases, password rules and maintenance need to be strictly enforced by the company to avoid opening up the database to unauthorized users.

These problems are some of the common issues experienced by a company or an organization
with a Database Security system. Yet the solution to these problems is easy. The best solution to avoid
most of these problems is to employ qualified personnel in the Database Security department, and also to
separate the security responsibilities from the daily database maintenance responsibilities (Spam Laws,
2009).

Updating Database Security
Updating Database Security is an important action for avoiding possible hacking problems. Any database should undergo constant scrutiny and improvement. When the database system is updated, each new version will often include both major and minor changes to enhance and repair security flaws, configuration mishaps, and other issues that affect the overall security and stability of the system. All of these are ways to avoid problems that could be caused by internal and external factors in the organization. The PHP Documentation Group (2005) emphasizes that, as with other system-level scripting languages and programs, the best approach to protecting Database Security is to update often and to maintain awareness of the latest versions and their changes to the system.

Conclusion

Databases are important assets of large and complex companies. Databases enable organizations to store important and confidential business data that facilitates other functions in the company and makes them more efficient. The information possessed by a company is also one of its competitive advantages over other companies. Databases are difficult to build and imitate, and especially problematic to replace or repair when they are damaged or destroyed. Therefore, databases should be properly maintained and protected from both internal and external threats. In general, external threats may be avoided by building protective systems such as firewalls, antivirus, antispyware, antimalware programs, and the like. Internal threats may be neutralized by conducting database auditing. A database may also be protected in different ways depending on the security layer (i.e. server level, network level, and operating system level). Protecting databases also includes backup and recovery. While this does not directly protect a database, backup provides the means for restoring a database whenever it is damaged or destroyed.

An important concept to understand in the protection of a database is database-level security.
This is the protection area that defines which subjects are allowed to access information in a database,
in what way, and to what extent. There are several types of administration policies for databases, namely
centralized administration, ownership-based administration, and decentralized administration. At the same
time, there are also different ways of deciding how subjects are granted access to a
database. These access controls can be role-based, discretionary, or mandatory. In many instances,
there are hundreds or thousands of users requesting access to a common database. This
becomes a tedious task if database-level security is used on its own, because an authority-granting subject will
have to assess and judge the request of each person who wants database access. To ease this burden,
a database may rely on application-level security.
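The three access-control models named above (role-based, discretionary, and mandatory) are easier to tell apart when their decision logic is written out side by side. The script below is an added example for this page, not code from the paper or any DBMS; the tables, users, roles, clearances and labels are constructed data. It models role-based and discretionary checks as grants that may permit an action, and the mandatory check as a label comparison that can only deny one, following the "no read up, no write down" rule of the Bell-LaPadula model.

```python
from enum import IntEnum
from typing import Dict, Set, Tuple

class Level(IntEnum):
    """Sensitivity labels for mandatory access control, lowest to highest."""
    PUBLIC = 0
    INTERNAL = 1
    CONFIDENTIAL = 2
    SECRET = 3

READ_ACTIONS = {"SELECT"}
WRITE_ACTIONS = {"INSERT", "UPDATE", "DELETE"}

# --- Role-based: permissions attach to roles, users are assigned roles (constructed data).
ROLE_PERMS: Dict[str, Dict[str, Set[str]]] = {
    "analyst": {"sales": {"SELECT"}},
    "dba": {"sales": {"SELECT", "INSERT", "UPDATE", "DELETE"},
            "hr_records": {"SELECT", "INSERT", "UPDATE", "DELETE"}},
}
USER_ROLES: Dict[str, Set[str]] = {"alice": {"analyst"}, "dan": {"dba"}, "erin": set()}

# --- Discretionary: a table's owner decides, at their discretion, who else gets what.
TABLE_OWNER = {"sales": "dan", "hr_records": "dan"}
DAC_GRANTS: Dict[Tuple[str, str], Set[str]] = {}   # (table, user) -> actions

def dac_grant(grantor: str, user: str, table: str, actions: Set[str]) -> None:
    """Only the owner may grant; anyone else attempting it is an error worth logging."""
    if TABLE_OWNER.get(table) != grantor:
        raise PermissionError(f"{grantor} does not own {table}")
    DAC_GRANTS.setdefault((table, user), set()).update(actions)

# --- Mandatory: labels are fixed by organizational policy, not by owners or roles.
TABLE_LABEL = {"sales": Level.INTERNAL, "hr_records": Level.CONFIDENTIAL}
USER_CLEARANCE = {"alice": Level.INTERNAL, "dan": Level.SECRET, "erin": Level.PUBLIC}

def rbac_allows(user: str, action: str, table: str) -> bool:
    return any(action in ROLE_PERMS.get(role, {}).get(table, set())
               for role in USER_ROLES.get(user, set()))

def dac_allows(user: str, action: str, table: str) -> bool:
    return action in DAC_GRANTS.get((table, user), set())

def mac_allows(user: str, action: str, table: str) -> bool:
    clearance = USER_CLEARANCE.get(user, Level.PUBLIC)       # unknown user: lowest clearance
    label = TABLE_LABEL.get(table, Level.SECRET)             # unlabeled data: most sensitive
    if action in READ_ACTIONS:
        return clearance >= label    # simple security property: no read up
    if action in WRITE_ACTIONS:
        return clearance <= label    # *-property: no write down
    return False                     # unknown action: deny

def authorize(user: str, action: str, table: str) -> Tuple[bool, str]:
    """A role or discretionary grant may permit; the mandatory check can only deny."""
    if not (rbac_allows(user, action, table) or dac_allows(user, action, table)):
        return False, "no role or discretionary grant"
    if not mac_allows(user, action, table):
        return False, "blocked by mandatory label check"
    return True, "granted"

if __name__ == "__main__":
    dac_grant("dan", "erin", "sales", {"SELECT"})    # owner shares the sales table with erin
    for req in [("alice", "SELECT", "sales"), ("alice", "UPDATE", "sales"),
                ("erin", "SELECT", "sales"), ("dan", "SELECT", "hr_records"),
                ("dan", "UPDATE", "hr_records")]:
        print(req, authorize(*req))
```

Two of the sample decisions show why the models are combined rather than used alone: erin holds a valid discretionary grant on the sales table, yet her PUBLIC clearance is below the table's INTERNAL label, so the mandatory check refuses the read; and dan's SECRET clearance lets him read hr_records but, under the strict *-property, not write to a table labeled lower than his clearance. Application-level security, mentioned at the end of the paragraph above, typically sits in front of these checks so that the database is not asked to adjudicate every individual end user.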

In the end, it is safe to say that, while databases bring many advantages to a company, these
technologies also incur costs and create a lot of worries. In order to reduce corporate risks related to the
information stored in the database, the management of the company should take adequate actions to
keep the database secure, up to date, and free from errors. However, in doing so, a company needs to
spend a lot of money. In managing databases, a company will always have to weigh the costs against the
benefits.




Acunetix. (2010). Retrieved from http://www.acunetix.com/websitesecurity/webserver-security.htm

Answers. (n.d.). Retrieved October 6, 2010, from Answers.com: http://www.answers.com/topic/database-server

Apple. (n.d.). Retrieved October 6, 2010, from Apple: Mac OS X Reference Library: http://developer.apple.com/legacy/mac/library/#documentation/WebObjects/WebObjects_Overview/Glossary/Glossary.html

Bidgoli, H. (2006). Database Security. (Vol. 3, pp. 380-393). California: John Wiley and Sons.

Bragg, R., Ousley, M., & Strassberg, K. (2004). Chapter 26: Database Security. (pp. 657-680). India: McGraw-Hill.

Brenner, B. (2006). Litchfield: Database security is IT's biggest problem. Retrieved October 4, 2010, from http://searchsqlserver.techtarget.com/news/1211395/Litchfield-Database-security-is-ITs-biggest-problem

Business Technology & Securities Group. (n.d.). Retrieved October 6, 2010, from Information Management: http://www.information-management.com/glossary/d.html

Castano, S., et al. (1995). Chapter 1: Information Security. (pp. 1-38). Wokingham, England: Addison-Wesley Publishing.

Concepts of Database Security. (2010, January). Retrieved October 2, 2010, from Bright Hub: http://www.brighthub.com/computing/smb-security/articles/61402.aspx

De Capitani di Vimercati, S., Foresti, S., & Samarati, P. (2008). Chapter 1: Recent Advances in Access Control. (pp. 1-26). New York: Springer Science+Business Media, LLC.

IBM. (n.d.). Retrieved October 6, 2010, from IBM: http://publib.boulder.ibm.com/infocenter/db2luw/v8/index.jsp?topic=/com.ibm.db2.udb.doc/admin/c0001138.htm

Information Technician. (n.d.). Retrieved October 6, 2010, from TPUB: http://www.tpub.com/content/istts/14224/css/14224_16.htm

Jajodia, S., & Meadows, C. (n.d.). Inference Problems in Multilevel Secure Database Management Systems.

Kumar, A. (2010, April). Retrieved October 2, 2010, from Bright Hub: http://www.brighthub.com/computing/smb-security/articles/40615.aspx

McAfee System Protection Solutions. (2005). Buffer Overflow, Exploits: The Why and How. White Paper.

Microsoft Corporation. (n.d.). Retrieved October 6, 2010, from Microsoft: http://msdn.microsoft.com/en-us/library/cc402667(PROT.10).aspx

Mospaw, C. (2005). SQL Injection Attacks by Example. Retrieved September 30, 2010, from http://unixwiz.net/techtips/sql-injection.html

Murray, M. C. (2010). Retrieved October 2, 2010, from http://informingscience.org/jite/documents/Vol9/JITEv9IIPp061-077Murray804.pdf

Oracle Corporation. (n.d.). Retrieved October 6, 2010, from Oracle: http://docs.sun.com/app/docs/doc/820-0386/aaqev?a=view

PHP Documentation Group. (2005). PHP Manual, Chapter 33: Keeping Current. Retrieved October 4, 2010, from http://www.nasatech.com/PHP-DOCS/security.current.html

Spafford, G. (2006, January 20). The Importance of Audit Logs. Retrieved October 6, 2010, from Datamation: http://itmanagement.earthweb.com/columns/article.php/3578916/The-Importance-of-Audit-Logs.htm

Spam Laws. (2009). Database Security Issues: Database Security Problems and How to Avoid Them. Retrieved September 30, 2010, from http://www.spamlaws.com/database-security-issues.html

Stallings, W., & Brown, L. (2008). Chapter 5: Database Security. (pp. 142-171). USA: Pearson Prentice Hall.

Stonesoft Corporation. (n.d.). Retrieved October 6, 2010, from Stonesoft.com: http://www.stonesoft.com/en/products/smc/audit/

Stonesoft Corporation. (2010). Supporting next generation Internet applications today. Retrieved October 6, 2010, from www.stonesoft.com; http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=774791

Sybase Incorporation. (2005). Using Web Application Security. Sybase Incorporation Documents. Retrieved October 6, 2010.

Teppit. (2010). Database Security is IT's Biggest Problem. Retrieved October 4, 2010, from http://www.itsecurity.com/news/ngs-database-security-070806/

XWSS Organization. (2007). Web Services Security Forum: XML Application Firewalls. Retrieved October 6, 2010, from www.xwss.org