• IMPLEMENTATION OF DATABASE SEC...

Treffer: IMPLEMENTATION OF DATABASE SECURITY BASED ON ORACLE AUDIT VAULT AND DATABASE FIREWALL ; РЕАЛІЗАЦІЯ ЗАХИСТУ БАЗИ ДАНИХ НА ОСНОВІ «ORACLE AUDIT VALUT AND DATABASE FIREWALL»

Title:
IMPLEMENTATION OF DATABASE SECURITY BASED ON ORACLE AUDIT VAULT AND DATABASE FIREWALL ; РЕАЛІЗАЦІЯ ЗАХИСТУ БАЗИ ДАНИХ НА ОСНОВІ «ORACLE AUDIT VALUT AND DATABASE FIREWALL»
Authors:
Тишик, Іван
Source:
Electronic Professional Scientific Journal «Cybersecurity: Education, Science, Technique»; Vol. 2 No. 26 (2024): Cybersecurity: Education, Science, Technique; 56-70 ; Електронне фахове наукове видання «Кібербезпека: освіта, наука, техніка»; Том 2 № 26 (2024): Кібербезпека: освіта, наука, техніка; 56-70 ; 2663-4023 ; 10.28925/2663-4023.2024.26
Publisher Information:
Education, Science, Technique
Publication Year:
2024
Collection:
Cybersecurity: Education, Science, Technique (E-Journal) / Кібербезпека: освіта, наука, техніка
Subject Terms:
Database Management System, Authorization Model, Role-Based Access Control, SQL Injection, Program Query Language, Database Activity Monitoring, Database Firewall, Система управління базами даних, модель авторизації, управління доступом на основі ролей, SQL ін’єкція, мова запитів програми, моніторинг активності бази даних, брандмауер баз даних
Document Type:
Fachzeitschrift article in journal/newspaper
File Description:
application/pdf
Language:
Ukrainian
Relation:
https://csecurity.kubg.edu.ua/index.php/journal/article/view/666/546; https://csecurity.kubg.edu.ua/index.php/journal/article/view/666
DOI:
10.28925/2663-4023.2024.26.666
Availability:
https://csecurity.kubg.edu.ua/index.php/journal/article/view/666
https://doi.org/10.28925/2663-4023.2024.26.666
Rights:
Авторське право (c) 2024 Іван Тишик ; https://creativecommons.org/licenses/by-nc-sa/4.0
Accession Number:
edsbas.F1BAAA4F
Database:
BASE

Weitere Informationen

The paper provides recommendations for protecting databases from unauthorized intrusions, organizes the collection of statistics on the relevance and potential number of database attacks currently occurring worldwide, and offers a general overview of database attacks and countermeasures. To monitor database activity for unauthorized actions, the solution used is Oracle Audit Vault and Database Firewall, which combines built-in audit data with network SQL traffic capture. This solution prevents unauthorized database connections. It is evident that some databases may be compromised by cybercriminals through sheer luck or by exploiting employee negligence. Many companies may neglect to change default login credentials for information systems. Weak employee passwords that are easy to guess, or passwords that are not changed regularly, can also be exposed by cybercriminals. Hackers often use automated software to gain unauthorized access to an information system by brute-forcing passwords, cycling through words from a dictionary. Many users choose simple words for passwords that could potentially be included in a dictionary, making the information system vulnerable. Additionally, database access can easily be achieved using malicious software designed to exploit unprotected or outdated systems. This can also apply to unused database features, which may have their own vulnerabilities. Attackers can exploit software vulnerabilities in various ways, such as writing code for a target vulnerability hidden inside malware. Updates can improve software performance, fix existing bugs, remove outdated features that take up disk space, and enhance the overall security of the system. Updates are available for both operating systems and database management systems, and are crucial for ensuring their security and stability. ; Анотація. В роботі надані рекомендації щодо захисту баз даних від несанкціонованих вторгнень, організовано збір статистики щодо актуальності та потенційної кількості атак на бази даних, які на цей ...