With the rapid increase in the number of organizations, the importance of distributed databases is increasing day by day. Because they are distributed across geographically different areas, internet traffic and the interaction of users with the DDBS to use different resources of the organization have increased immensely. As our interaction increases, security threats increase as well. Our distributed environment must be available at any time to provide services to customers. So, proper management of internet resources, database allocation and their utilization is required. Some measures must be taken to secure our environment from unauthorized access. In this paper we focus on security threats from external sources.
Keywords: Distributed database, Operating System, Database, Attacker, Database Administrator, Security.
This research paper may contain errors or omissions. This paper is uploaded to guide computer science students. Mohammad Umar
In the modern era, computers hardly ever work in an isolated environment. They have to work together for communication and other data sharing purposes. People are connected with one another via the internet to share thoughts. When we search or pass any query to the internet, it finds the results of this particular query in some databases and displays them to us. In short, we are indirectly connected with databases, and these databases are distributed over various locations.
A database is an organized collection of related data that is stored in an efficient and compact manner. Here the word organized means that the data should be stored in such a way that it can be retrieved easily and quickly. The word compact means that the data should take less space to store. For example, college data can be managed as a college database. A database contains many tables. A table is the combination or intersection of rows and columns. Rows are also known as tuples. Columns are also known as fields.
An entity is anything about which data is collected. Each table has a number of fields that characterize the attributes of the entity. Fields are commonly known as rows of the table or tuples. Entities are commonly known as columns of the table. A database management system (DBMS) is the system or application software that is used to store, manage and manipulate data in a database, e.g. Oracle, MySQL etc.
Coulouris et al. have defined a distributed system as “a system where the hardware and software components have been installed in geographically isolated computers that coordinate and collaborate their actions by passing messages between them”. From this definition we conclude that a distributed database is spread over various computers that are geographically in different locations and work together to perform a specific task. Distributed databases (DD) are further divided into two categories: homogeneous and heterogeneous. In a homogeneous DD, the systems must have the same operating system and primary hardware, while in a heterogeneous DD the database application or operating system may differ.
As these systems are geographically in different locations, the security risks are increased. In this paper we point out the major flaws that can be faced in a distributed database system.
2. Related Work
As we are concerned with security, and due to the rapid increase in users, a lot of work has been done on DDB. Many research papers have been published that indicate security threats in DDB. But there is not a single paper that discusses DDB security flaws as well as network security threats. They only focus on threats such as concurrency, authorization etc. In this paper we are going to discuss all possible threats that can be faced.
3. Categories of Distributed Database
There are many categories of distributed database, but we are going to focus on some particular types that are used nowadays. These are as follows:
- Cluster Computing
- Distributed databases
- Distributed storage systems
3.1 Distributed Database
A distributed database management system is a set of many database systems that are geographically located in different areas and work collaboratively to perform some specific task. A user connected to the distributed system feels as if the database is installed locally.
3.2 Cluster Computing
A cluster computer is a set of computers that work together to perform a single task. A collection of more than one computer working together collaboratively to perform a particular task is known as cluster computing. When a task is divided among multiple computers, all these clusters work together to perform the task. Hence, the time taken to perform the task is decreased.
Then, the results of the smaller tasks are combined to form the final result.
3.3 Distributed Storage Systems
With the rapid growth in users, there is a need for storage volume, bandwidth and computation power. The primary goal of a distributed storage system is protecting data. Its responsibility is to keep data consistent in any case of failure. It also ensures that the data is available to the user at any time.
Computer science is a rapidly growing field. In computer science, the term security or computer security means all the techniques for guaranteeing that data stored in a computer cannot be accessed or read by any individuals without authorization. It has become very important to discuss what kinds of security threats can be faced.
5. Goals of Computer Security
A computer system has three valuable assets associated with it, i.e.
Our primary goal is to protect all of them. In DDBS our major goals are:
5.1 Secrecy means that information stored in the system is available only to authorized persons.
5.2 Privacy means that the information is used only for a given purpose. It should not be used for illegal purposes.
5.3 Authenticity means that the system must be strong enough to authenticate what type of data is coming into the system and going out of it. Unauthorized persons are not allowed to enter or send data in the system.
5.4 Integrity means that the system must be able to apply certain consistency constraints to ensure the reliability of data.
6. Potential Vulnerabilities, Threats, Attacks
We can define a threat as any activity that may exploit flaws to breach security, which may lead to harmful effects on the system. Another term that is used is attack, which is an unauthorized attempt that may destroy or steal information from the system. A vulnerability can be defined as a weakness or flaw in the system. There are different types of threats, as follows:
6.1 Interception may be defined as some unauthorized access. The unauthorized access may be by a person, another computer system or software. Interception failure may lead to loss of data; a user may copy data without any trace.
6.2 Interruption means that some other party breaks system security or cuts off all the services. It may lead to unexpected behavior of the Operating System (OS).
6.3 Modification means that some unauthorized person gains access to the system and also modifies system files, e.g. the user may change data values stored in the database or alter any program. These changes are almost impossible to find or detect.
6.4 Fabrication is similar to modification, but there is a slight difference: in modification an unauthorized user changes or modifies existing data, but in fabrication one can insert new data. Detecting fabrication sometimes becomes impossible if it is done by an experienced hacker.
Fig.4 Major Vulnerabilities
Attacks are the most serious threats in a distributed database system. They can be further divided into two categories:
- Passive Attack
- Direct Attack
- Logic bomb
- Integrity attack
- Delay attack
- Replay attack
- Denial attack
6.6 Bypass Login Page
This is the easiest method to bypass database security. A cyber-terrorist can bypass a login form using different queries and methods, i.e. an OR condition, a HAVING clause or multiple queries.
6.7 URL Access
Using a SELECT or UNION clause, an attacker may change the query string that is passed in the URL. He can modify data or interrupt data incorrectly.
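The following added example (not part of the original paper) illustrates sections 6.6 and 6.7 in Python with the standard sqlite3 module: a login check that builds its query by string concatenation accepts an OR condition typed into the name field, while the same check with bound parameters rejects it. The table, account, salt and function names are constructed for the illustration; the same parameter binding applies to values taken from a URL query string.

```python
import hashlib
import sqlite3

SALT = b"constructed-demo-salt"  # assumption: fixed salt, for the demo only

def pw_hash(password):
    """Derive a password hash (real systems use a per-user random salt)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 10_000).hex()

def make_db():
    """In-memory user table holding one constructed account."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT PRIMARY KEY, pw_hash TEXT)")
    conn.execute("INSERT INTO users VALUES (?, ?)", ("alice", pw_hash("s3cret")))
    return conn

def login_vulnerable(conn, name, password):
    """Deliberately vulnerable: the name is pasted into the SQL text."""
    sql = ("SELECT name FROM users WHERE name = '" + name +
           "' AND pw_hash = '" + pw_hash(password) + "'")
    return conn.execute(sql).fetchone() is not None

def login_hardened(conn, name, password):
    """Bound parameters: the driver passes input as data, never as SQL."""
    sql = "SELECT name FROM users WHERE name = ? AND pw_hash = ?"
    return conn.execute(sql, (name, pw_hash(password))).fetchone() is not None

# Constructed input: an OR condition plus a comment marker in the name field.
OR_INPUT = "nobody' OR '1'='1' --"

def demo():
    """Run a valid login and the OR-condition input against both versions."""
    conn = make_db()
    return {
        "vulnerable_valid": login_vulnerable(conn, "alice", "s3cret"),
        "vulnerable_or": login_vulnerable(conn, OR_INPUT, "wrong"),
        "hardened_valid": login_hardened(conn, "alice", "s3cret"),
        "hardened_or": login_hardened(conn, OR_INPUT, "wrong"),
    }

if __name__ == "__main__":
    print(demo())
```

In the hardened version the whole input string is compared with the stored name, so no row matches and the login fails.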
6.8 Authorized People
As we know, there are a lot of people who interact with the database system directly. Through these people, hackers can easily approach the database system.
6.9 Harmful Code
By installing software, a virus can be inserted into the system as well and can damage the database, its components or the boot sector of the operating system.
According to a survey, some issues may be: poor architecture, misconfigurations, vendor bugs and incorrect usage.
6.10 Vendor bugs
A bug is defined as unexpected behavior of software. Patches are installed to remove these bugs. A virus can enter while these patches are being installed.
6.11 Configuration issues
If the system is not properly configured, it may cause serious issues. The configuration of the database may be set in such a way that it compromises security. For example, in the Oracle configuration there is an authentication parameter. If it is set to true, we are allowing unauthorized users to enter the system.
6.12 DBA Negligence
DBA negligence while assigning privileges may lead to security issues. If the DBA does not properly use data encryption techniques, security threats may increase.
6.13 Design Level Vulnerabilities/Issues
There are the following design level issues:
6.14 Centralized or Decentralized Authorization Issue
Centralized means there is only one system acting as a server and providing services to other clients. Decentralized means there is no central computer; the system has multiple servers that work together to provide services to other clients.
6.15 Grant System Access
One of the important issues is where to grant system access: it may be the office site, a remote site or the home site. Choosing grants is an important issue while designing a database system, since there is more than one access grant, which leads to serious security threats.
6.16 Integrity issues
It is very difficult to enforce integrity on databases that are located in different geographic locations. Preserving integrity in a heterogeneous database is even more difficult.
6.17 Heterogeneity issue
If the system is heterogeneous, it will lead to some of the following threats, as it can lead to local inconsistency constraints among. It may also lead to global inconsistency constraints.
6.18 Excessive Privileges to Users
When we grant more privileges to someone than his/her job requires, these privileges can give access to unauthorized persons or can be misused. For example, in a university, a department administrator whose job is only to read student records may also be able to update the records.
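As an added illustration of this university example (not code from the paper), the sketch below uses the authorizer hook of Python's sqlite3 module to give each role only the actions its job requires. The role names, table and sample row are hypothetical.

```python
import sqlite3

READ_ONLY = {sqlite3.SQLITE_SELECT, sqlite3.SQLITE_READ}
# Hypothetical roles for the university example; unlisted actions are denied.
ROLE_ACTIONS = {
    "dept_admin": READ_ONLY,                           # job: read records
    "registrar": READ_ONLY | {sqlite3.SQLITE_UPDATE},  # job: correct records
}

def open_as(role):
    """Open a constructed student database limited to what `role` needs."""
    conn = sqlite3.connect(":memory:", isolation_level=None)  # autocommit
    conn.execute(
        "CREATE TABLE students (id INTEGER PRIMARY KEY, name TEXT, grade TEXT)")
    conn.execute("INSERT INTO students VALUES (1, 'Sample Student', 'B')")
    allowed = ROLE_ACTIONS[role]

    def authorizer(action, arg1, arg2, db_name, source):
        # SQLite calls this for every action while compiling a statement.
        return sqlite3.SQLITE_OK if action in allowed else sqlite3.SQLITE_DENY

    conn.set_authorizer(authorizer)
    return conn

def attempt(role, sql):
    """Run `sql` as `role`; return its rows, or "denied" if not permitted."""
    conn = open_as(role)
    try:
        return conn.execute(sql).fetchall()
    except sqlite3.DatabaseError:
        return "denied"
    finally:
        conn.close()

def grade_after_update(role):
    """Try to change a grade as `role`, then report the stored grade."""
    conn = open_as(role)
    try:
        conn.execute("UPDATE students SET grade = 'A' WHERE id = 1")
    except sqlite3.DatabaseError:
        pass  # this role was not granted UPDATE
    grade = conn.execute("SELECT grade FROM students WHERE id = 1").fetchone()[0]
    conn.close()
    return grade

if __name__ == "__main__":
    for role in ROLE_ACTIONS:
        print(role, grade_after_update(role))
```

The department administrator can still read every record, but the update is refused when the statement is compiled; the registrar role, in turn, is refused anything beyond reading and updating.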
6.19 Privilege Misuse
Privileges are the most crucial part of a DDBS, which is always ignored. A certain type of privileged user may misuse legitimate data access to unauthorized persons.
6.20 Inadequate Web Application Security
Most organizations focus more on the design of the web application and ignore its security. Hence they are paving a path for an attacker. An attacker may use SQL injection or other tools to bypass the application or SQL commands.
6.21 Weak audits
Audits are made to keep the organization's security correct and consistent. If there are security gaps in the organization, they can be detected while auditing. But weak or poor audit management may lead to serious threats.
In this paper, we discussed all types of possible threats, attacks, and vulnerabilities. We have discussed potential threats such as interception, fabrication, interruption and modification in detail. Two major categories of attacks are also discussed, i.e. active attack and passive attack. We must be aware of security threats because our database is located geographically in different areas. By viewing all these threats and vulnerabilities, we concluded that if any of these flaws or attacks happens, it will cause serious harm to our distributed system.
8. Future Work
In this paper, we described all possible threats for a distributed database management system. In future, our focus will be the solution of these threats. How can we overcome all these vulnerabilities and make our system’s environment strong? As long as we do not overcome all these threats, our system is in danger.
“Database and Database management system”
G. F. Coulouris, J. Dollimore, and T. Kindberg, 2005, Distributed Systems: Concepts and Design, 4th ed. London, England: Addison-Wesley.
Bell, David and Jane Grimson, 1992, “Distributed Database Systems”, Wokingham.
Y. Amir, Y. Kim, C., 2004, “Secure group communication using robust contributory key agreement”.
Paul Lothian and Peter Wenham, 2001, “Database Security in Web Environment”.
Zakira Suliman Zubi, 2009 IEEE, “On Distributed Database Security Aspects”.
Andriy Furmanyuk, Mykola Karpinskyy, Bohdan Borowik, 2007 IEEE, “Modern Approaches to the Database Protection”.
T. S. Andrew and M. V. Steen, 2007, “Distributed Systems: Principles and Paradigms”.
Stefano Ceri, Giuseppe Pelagatti, 1984, “Distributed Databases: Principles and Systems”.
Depavath Harinath and P. Satyanarayana, 1, February 2017, “A Review on Security Issues and Attacks in Distributed Systems”.