International Journal of Engineering Research & Technology (IJERT)

ISSN: 2278-0181
ETRASCT' 14 Conference Proceedings

ORACLE DATABASE SECURITY

Ankur Sharma Sylvester Johnson
Department of Computer Science and Engineering Department of Computer Science and Engineering
JIET, Jodhpur JIET, Jodhpur
[email protected] [email protected]

ABSTRACT-Database security is a growing concern proprietary data, deletion of or damage to the data or
evidenced by an increase in the number of reported programs, interruption or denial of authorized access to the
incidents of loss of or unauthorized exposure to sensitive
data. As the amount of data collected, retained and shared database, attacks on other systems and the unpredictable
electronically expands, so does the need to understand failure of database services.
database security. Ensuring the security of databases is a
complex issue for companies. The more complex the • Overloads, performance constraints and capacity issues
databases are, more complex the security measures that are resulting in the inability of authorized users to use
to be applied. Network and Internet connections to databases as intended.
databases may complicate things even further. Also, each • Physical damage to database servers caused by computer
and every additional internal user that would be added to room fires or floods, overheating, lightning, accidental
user base can create further serious security problems. The liquid spills, static discharge, electronic equipment failures
purpose of this paper is to highlight and identify the main and obsolescence.
methods and facets of attack on a database, as well as ways • Design flaws and programming bugs in databases and the
to deflect attacks, through focusing on the delicate issue of associated programs and systems, creating various security
data inference. At its core, database security strives to issues.
insure that only authenticated users perform authorized • Data corruption or loss caused by the entry of invalid data
activities at authorized times. While database security or commands, mistakes in database or system
incorporates a wide array of security topics, not administration processes, criminal damage etc.
RT
withstanding, physical security, network security,
encryption and authentication, this paper focuses on the II. CLASSICAL ATTACKS:-
concepts and mechanisms particular to securing data. The focus of attacks on the company’s databases is
IJE

Within that context, database security encompasses three motivated by the following factors:
constructs: confidentiality or protection of data from • Databases are the mass of information which the company
unauthorized disclosure, integrity or prevention from works with;
unauthorized data access, and availability or the • Databases can reveal private data by processing public
identification of and recovery from hardware and software data.
errors or malicious activity resulting in the denial of data
availability. Database security is relative in the next situations:
• Theft and fraud;
KEYWORDS: Database security, Attack, Vulnerability, • Loss of confidentiality/privacy;
Auditing, Threats, Encryption. • Loss of privacy;
• Loss of integrity;
I. INTRODUCTION:- • Loss of availability.
Databases introduce a number of unique security
requirements for their users and administrators. Databases The hazards which make these things happen is largely
are designed to promote open and flexible access to data accounted to deliberate human action. Natural type hazards
but at the same time it is this same open access that makes or random events have an impact only on data integrity and
databases vulnerable to various kinds of malicious availability.
activities. One of the main issues faced by database To ensure a minimum security of the databases the
security professionals is avoiding inference capabilities. following requirements must be satisfied:
Basically, inference occurs when users are able to piece • Physical integrity of databases;
together information at one security level to determine a • Logical integrity of databases;
fact that should be protected at a higher security level. • The integrity of each element which composes the
These are the some security issues commonly faced by database;
database administrators. • Access control;
• Unauthorized or unintended activity or misuse by • User identification;
authorized database users, database administrators or • Availability.
systems managers, or by unauthorized users or hackers. The physical and logical integrity of databases will
• Malwares’ infections causing incidents such as require the focus of efforts for protecting the physical
unauthorized access, leakage or disclosure of personal or integrity of databases, especially the recordings against

www.ijert.org 245
 International Journal of Engineering Research & Technology (IJERT)
ISSN: 2278-0181
ETRASCT' 14 Conference Proceedings

destruction. The easiest way to do that is represented by which they have no privilege. For instance, the following
regular backups. string, ' OR 1=1 -- entered into the username textbox gains
The integrity of each element forming the database will access to the system with knowledge of neither a valid
assume that the value of each field may be written or username nor a password. This hack works because the
changed only by authorized users and only if there are application generates a dynamic query that is formed by
correct values. concatenating fixed strings with the values entered by the
The access control is being done taking into consideration user.
the restrictions of the database administrator. DBMS will
apply the security policy of the database administrator
(DBA).
This must meet the following requirements: For example, the model SQL code might be:
• Server security. Server security involves limiting access
to data stored on the server. It is the most important option SELECT Count(*) FROM UsersTable
that has to be taken in consideration and planned carefully. WHERE UserName = ‘contents of username textbox’
• Connections to the database. Using the ODBC will have AND Password = ‘contents of password textbox’;
to be followed by checking that each connection
corresponds to a single user who has access to data. When a user enters a valid username, such as ‘Mary’ and a
• Access control table. The access control table is the most password of ‘qwerty’, the SQL query becomes:
common form of securing a database. An appropriate use of
the table access control involves a close collaboration SELECT Count(*) FROM UsersTable
between the administrator and the base developer. WHERE UserName=‘Mary’
• Restriction tables. Restriction tables will include lists of AND Password=‘qwerty’;
unsure subjects who could open set-off sessions.
• Secure IP addresses. Some servers may be configured to However, if a user enters the following as a username: ‘OR
receive only queries from hosts that are in a list. Oracle 1=1 -- the SQL query becomes:
servers allow blocking queries that are not related to the
database. SELECT Count(*) FROM UsersTable
•Cancellation of the Server Account. The ability to WHERE UserName=‘‘ OR 1=1 - -’
RT
suspend an account when “guessing the password” is tried AND Password=‘‘;
after a predefined number of attempts.
The expression 1 = 1 is true for every row in the table
III. DATABASE VULNERABILITY:- causing the OR clause to return a value of true. The double
IJE

Security breaches are an increasing phenomenon. As more hyphens comment out the rest of the SQL query string.
and more databases are made accessible via the Internet This query will return a count greater than zero, assuming
and web-based applications, their exposure to security there is at least one row in the users table, resulting in what
threats will rise. The objective is to reduce susceptibility to appears to be a successful login. In fact, it is not. Access to
these threats. Perhaps the most publicized database the system was successful without a user having to know
application vulnerability has been the SQL injection. SQL either a username or password. Another SQL injection is
injections provide excellent examples for discussing made possible when a database system allows for the
security as they embody one of the most important database processing of stacked queries. Stacked queries are the
security issues, risks inherent to non-validated user input. execution of more than one SQL query in a single function
SQL injections can happen when SQL statements are call from an application program. In this case, one string is
dynamically created using user input. The threat occurs passed to the database system with multiple queries, each
when users enter malicious code that ‘tricks’ the database separated by a semicolon. The following example
into executing unintended commands. The vulnerability demonstrates a stacked query. The original intent is to
occurs primarily because of the features of the SQL allow the user to select attributes of products retained in a
language that allow such things as embedding comments Products table. The user injects a stacked query
using double hyphens(- -), concatenating SQL statements incorporating an additional SQL query that also deletes the
separated by semicolons, and the ability to query metadata Customers table.
from database data dictionaries. The solution to stopping an
SQL injection is input validation. A common example SELECT * FROM PRODUCTS; DROP CUSTOMERS;
depicts what might occur when a login process is employed
on a web page that validates a username and password This string when passed as an SQL query will result in the
against data retained in a relational database. The web page execution of two queries. A listing of all information for all
provides input forms for user entry of text data. The user- products will be returned. In addition the Customers table
supplied text is used to dynamically create a SQL statement will be removed from the database. The table structure will
to search the database for matching records. The intention be deleted and all customer data will be lost. In database
is that valid username and password combinations would systems that do not allow stacked queries, or invalidate
be authenticated and the user permitted access to the SQL strings containing a semicolon, this query would not
system. Invalid username and passwords would not be be executed.
authenticated. However, if a disingenuous user enters
malicious text, they could, in essence, gain access to data to

www.ijert.org 246
 International Journal of Engineering Research & Technology (IJERT)
ISSN: 2278-0181
ETRASCT' 14 Conference Proceedings

IV. AUDITING decrypted when users or applications authenticate to the

Database auditing is used to track database access and user database and pass all database enforced access controls.
activity. Auditing can be used to identify who accessed Plain text data is unavailable when access is attempted at
database objects, what actions were performed, and what the operating system layer. TDE provides transparent of
data was changed. Database auditing does not prevent encryption of data at rest, a requirement today for
security breaches, but it does provide a way to identify if a regulations that range from privacy laws to PCI-DSS as
breach has occurred. Common categories of database well as protecting against threats directly targeting storage
auditing include monitoring database access attempts, Data either on production servers or backup media.
Control Language (DCL) activities, Data Definition TDE enables data owners to maintain control over the data
Language (DDL) activities, and Data Manipulation by ensuring that sensitive data does not reside in clear text
Language (DML) activities [Yang, 2009]. Monitoring on the underlying media. Without encryption, operating
access attempts includes retaining information on system attacks leave open the possibility of unimpeded
successful and unsuccessful logon and logoff attempts. access to sensitive data via direct access at the operating
DCL audits record changes to user and role privileges, user system layer to the files, or disk blocks, that comprise the
additions, and user deletions. DDL audits record changes to database, bypassing the authentication and access controls
the database schema such as changes to table structure or of the database. TDE has distinct advantages over other
attribute datatypes. DML audits record changes to data. In encryption solutions, in that, a user has to be authenticated
addition, database errors should be monitored [Yang, to the database and pass authorization checks at both the
2009]. Database auditing is implemented via log files and application and database levels before the data is decrypted.
audit tables. The real challenge of database auditing is Encryption is especially important when data is moved into
deciding what and how much data to retain and how long to cloud environments where the management of storage
keep it. Several options exist. A basic audit trail usually media and transmission of data is transparent to the data
captures user access, system resources used, and changes owners themselves. TDE transparently leverages hardware
made to the structure of a database. More complete auditing cryptographic acceleration available on Intel® XEON®
captures data reads as well as data modifications. An audit 5600 and Oracle SPARC® T4 and T5 processors, enabling
trail provides a more complete trace recording of not only encryption to be performed with negligible performance
user access, but also user actions. This type of facility is overhead in most workload environments. TDE tablespace
included with many database management systems. The encryption is integrated with Oracle Compression
RT
most common items that are audited include login attempts, technologies, enabling storage to be optimized without
data read and data modifications operations, unsuccessful sacrificing security.
attempts to access database tables, and attempts to insert
data that violates specific constraints. VI. PREVENTING DATABASE BYPASS WITH
IJE

ENCRYPTION
V. PROTECTING AGAINST DATABASE BYPASS Data-at-rest encryption is an important control for blocking
THREATS unauthorized access to sensitive data using methods that
Database bypass threats include attacks that target backup circumvent the database. Privileged operating system
media, discarded media, and the operating systems. One of accounts are just one of the vehicles used by attackers as
the most widely used technologies used to protect against well as insiders to gain access to sensitive information
database bypass threats is encryption. A key milestone in directly in physical storage.
the widespread recognition of encrypt technologies came in Oracle Advanced Security Transparent Data Encryption
2003 with the passage of California Senate Bill 1386 (TDE) stops attackers from bypassing the database and
(SB1386). SB1386 introduced the topic of encryption to a reading sensitive information from storage by encrypting
broad audience and since then many other states have data in the database layer. Applications and users
passed their own privacy-related laws. Today the need to authenticated to the database continue to have access to
protect privacy-related information is a global issue as application data transparently, while unauthenticated users
companies expand their operations and businesses. In attempting to circumvent the database are denied access to
addition to privacy laws, the Payment Card Industry Data clear text data. To understand this better, consider the fact
Security Standard (PCI-DSS), first introduced in 2006, has that privileged operating system users can access database
raised awareness across the board for security and the need tablespace files and extract sensitive data using simple shell
to render cardholder data unreadable where it is stored and commands. In addition, consider the possibility of attacks
transmitted. While encryption of backup media and proper that read sensitive data from lost, stolen, or improperly
disposal of media are probably the two most well decommissioned disks or backups.
understood security controls, increasing sophisticated
attacks have focused on attacking the servers themselves • Oracle Advanced Security Transparent Data
and gaining access to the raw data files that hold sensitive Encryption
information. Transparent Data Encryption resides at an optimal layer
within the database to prevent database bypass while still
• Advanced Security TDE being transparent to applications and easy to deploy. TDE
Oracle Advanced Security Transparent Data Encryption can encrypt individual application table columns or entire
(TDE) encrypts and decrypts data through the Oracle application tablespaces. It is transparent to applications
database kernel. Data stored on disk is automatically because the encryption and decryption processes do not
encrypted when loaded into the database and automatically require any application changes, and the application users

www.ijert.org 247
 International Journal of Engineering Research & Technology (IJERT)
ISSN: 2278-0181
ETRASCT' 14 Conference Proceedings

do not have to directly deal with encrypted data. Most Data security and in particular protection of data from
importantly, TDE’s built-in two-tier encryption key unauthorized accesses remain important goals of any data
management provides full key lifecycle management, management system. Information security is very important
tracking the keys across their lifetime with helpful meta- in the present scenario. All well-structured establishments
data attributes, and assisted encryption key rotation, (institutions) entail their own databases having a variety of
switching to a new master key with no downtime. TDE is information pertaining to different contexts. We proposed a
unique when compared to other alternatives that encrypt simple method to enhance the database security. Even
entire storage volumes or require new toolkits and though this is a simple approach it yields strong security
programming APIs. Alternative approaches do not protect preferences when it comes to protecting the data. Database
against many bypass attacks, may require significant security is becoming an increasingly important topic and
application changes, have complex key management, and students need to develop core understandings in this area.
are not integrated with complementary technologies such as The primary objectives of database security are to prevent
Oracle Advanced Compression, Oracle Recovery Manager, unauthorized access to data, prevent unauthorized
and Oracle Multitenant. tampering or modification of data, and to ensure that data
remains available when needed. We hope our research
• Protecting Sensitive Data Using TDE Column work will have a good impact in the database security field.
Encryption
Oracle Advanced Security TDE column encryption can be REFERENCES:-
used to encrypt specific data in application tables such as
credit card numbers and U.S. Social Security numbers. [1] Defense Information Systems Agency. (2004).
Customers identify columns within their application Database security technical implementation
schema containing sensitive or regulated data, and then guide, 7(1).
encrypt only those columns. This approach is useful when Department of Defense. Retrieved January 31,
the database tables are large, only a small number of 2010, from
columns must be encrypted, and the columns are known. http://www.databasesecurity.com/dbsec/database-
TDE column encryption also is useful for warehouse stig-v7r1.pdf
applications where each query is likely to return a very
different set of data. Oracle Enterprise Manager Sensitive [2] Guimaraes, M. (2006). New challenges in
RT
Data Discovery searches for and identifies sensitive teaching database security. Proceedings of the
columns quickly. Data encrypted using TDE column 3rd Annual Conference
encryption remains encrypted on backup media and on Information Security Curriculum
discarded disk drives, helping prevent unauthorized access Development, Kennesaw, GA, USA, 64-67.
IJE

and potential data breaches that bypass the database. [3] Knox, D. C. (2004). Effective Oracle database
10g security by design. New York: McGraw-
• Protecting Entire Applications Using TDE Tablespace Hill/Osborne.
Encryption [4] Yang, L. 2009. Teaching database security and
Oracle Advanced Security TDE tablespace encryption auditing. Proceedings of the 40th ACM Technical
protects entire application tables by encrypting the Symposium on Computer Science Education,
underlying tablespaces. It encrypts application tablespaces Chattanooga, TN, USA.
regardless of the data’s sensitivity and irrespective of its [5] L. Bouganim and Y. Guo, “Database encryption,”
data type. Tablespace encryption simplifies the encryption in Encyclopedia of Cryptography and
process because there is no need to identify specific Security.Springer, 2010, 2nd Edition.
database columns. It is useful when the database contains a [6] Chen G, Chen K, Dong J (2006) A Database
large amount of sensitive data to be encrypted and the Encryption Scheme for Enhanced Security and
columns reside in many different locations. TDE tablespace Easy Sharing. CSCWD'06, IEEE Proceedings,
encryption and TDE column encryption can be used IEEE Computer Society, Los Alamitos.
independently of one another or together within the same [7] Burtescu, E. Database security, in, Knowledge
database. As with TDE column encryption, data encrypted Management. Projects, Systems and
with TDE tablespace encryption remains protected on Technologies, International Conference,
backup media that could pose opportunities for bypass Knowledge Management. Projects, Systems and
attacks. Technologies, Bucharest, November 9-10, 2006,
INFOREC Printing House, Bucharest, 2006

CONCLUSION:-
.
The analysis shows that the Database security presents
features that must be taken into account seriously.
Transparent Data Encryption encrypts data at rest to stop
database bypass attacks from accessing sensitive
information in storage. Databases are a favourite target for
attackers because of the data these contain and also because
of their volume. Data warehousing is the ultimate goal.

www.ijert.org 248