1. Overview of database security
1.1 Database Security Concepts and Security Threats
- The database is the basic software of the network information system, which carries various data and becomes the supporting platform of the application system. Database security means that the confidentiality, integrity, and availability of the database can be guaranteed, and it mainly involves database management security, data security, database application security, and database operation security.
The mainstream foreign database systems include MS SQL, MySQL, Oracle, DB2, etc. The domestic database systems mainly include Dajincang, Dameng, etc.
- Currently facing database security mainly include:
(1) Misuses of Authority. Legitimate users steal, modify or destroy confidential resources beyond their authority, and authorized users improperly grant their own access rights to other users
(2) Logical Inference and Aggregation . Individual data items may not be sensitive or important, but when enough individual data items are collected together, sensitive information can be inferred.
(3) Masquerade . An attacker impersonates a normal user to gain access to the database.
(4) Bypass control (Bypassing Controls). Set up a backdoor in the database to bypass the security access control of the database system
(5) Covert Channels . Use abnormal communication channels to transmit data to evade the control of database security mechanisms, such as memory sharing and temporary files.
(6) SQL injection attack (SQL Injection)
(7) Database password cracking (dictionary, database credential)
(8) Hardware and media attacks (launching physical attacks)
1.2 Database security risks and security requirements
- The security risks faced by the database are:
(1) Hidden dangers of user account and password
(2) Hidden dangers of extended stored procedures in the database system. (The intruder can obtain the operation authority of the database by executing a maliciously constructed extended stored procedure)
(3) Database system software and application program vulnerabilities
(4) Hidden dangers in the allocation of database system permissions (excessive permissions are assigned to users, causing users to delete data by mistake, or leak sensitive data)
(5) Weak security awareness of database system users (database system users use weak passwords or improperly keep passwords)
(6) The content of network communication is transmitted in clear text (vulnerability of unencrypted communication content between the database and the application, and network eavesdroppers steal sensitive data such as application-specific data or database login credentials)
(7) The security mechanism of the database system is not perfect (some databases do not provide administrator account renaming, login time limit, and account locking. For example, MS SQL Server cannot delete the account sa, and sa defaults to an empty password)
- The security goal of the database system is to protect the safe operation of the database system and the security of data resources. Generally speaking, the security requirements of the database are mainly as follows.
(1) Database identification and authentication (for user identification and authentication)
(2) Database access control (access authorization and violation control for resources and operations)
(3) Database security audit (record database operations to form audit files)
(4) Database backup and recovery
(5) Database encryption (the database must have an encryption mechanism that can encrypt sensitive data in the database. And the authorized administrator cannot normally decrypt the data encrypted and stored by other users.
(6) Resource restrictions (prevent authorized users from using resources such as database server processor (CPU), shared cache, and database storage media without restriction, limit the number of parallel sessions of each authorized user/administrator, and avoid database denial of service attack)
(7) Database security hardening (vulnerability inspection and patching)
(8) Database security management (centralized security management mechanism to realize centralized configuration and management of database security policies)
2. Database security mechanism and implementation technology
2.1 Database security mechanism
The database is a basic software with high complexity, and its security mechanisms mainly include:
2.2 Implementation Technology
- Database encryption .
Encrypt the data stored or transmitted in the database, and store or transmit in ciphertext. There are two main methods of database encryption:
(1) The data uploaded to the database network is realized by using the SSL protocol
(2) The data stored in the database is realized through database storage encryption
According to the relationship between the loading component and the database management system, database storage encryption can be divided into two encryption methods: in-store encryption and out-of-store encryption.
- database firewall
The database firewall is as shown in the figure below. Through SQL protocol analysis, it allows legal SQL operations to pass according to predefined prohibition and permission policies, blocks illegal operations, forms a peripheral defense circle for the database, and implements proactive anti-bone and auditing of dangerous SQL operations.
The security functions of the database firewall are as follows
- Shield the channel of direct access to the database (prevent the attack on the database by the hidden channel of the database)
- Enhanced authentication. (Database firewall and database itself two-tier authentication)
- attack detection
- Prevent Exploitation
- Prevent internal high-risk operations
- Prevent sensitive data from leaking. (Through the firewall, you can limit database query and download data, and limit the users, places and time of access to sensitive data)
- Database Security Audit
- data desensitization
Using data desensitization technology to transform the data in the database, while maintaining the target of using the database on demand, it can also avoid leakage of sensitive data. Data desensitization refers to transforming sensitive data according to desensitization rules, removing identification data, and anonymizing data, so as to realize the protection of sensitive data. For example, suppose the disease-free identification data is as follows:
3. Oracle database security analysis and protection
- Oracle is a relational , which can run on a variety of hardware platforms and support a variety of operating systems. Oracle follows industry standards for data storage languages, operating systems, user interfaces, and network communication protocols
- Oracle Database uses
(1) User authentication (Oracle authentication mechanisms are diverse. Support operating system authentication, network authentication, multi-level authentication, SSL authentication)
(2) Access control (internal integrated network access control and data object authorization control)
(3) Vault (establish a database vault Database Vault,DVmechanism, which is used to protect sensitive data, and has the functions of preventing unauthorized changes to data systems, multi-factor trusted authorization, segregation of duties, and least privilege.
(4) Security audit and data firewall (with the ability to audit internal activities, as shown in the figure below. There are three types of activities that can be audited by Oracle data: login attempts, database activities, and object acquisition.)
(5) Advanced security functions (provide transparent data encryption and data shielding mechanisms to protect data security)
- Oracle Security Best Practices
(1) Enhance the security of the operating system of the Oracle database server (minimize system services, keep patches up to date, and close network communication ports that do not require communication)
(2) Minimize the installation of Oracle and delete unnecessary components
(3) Install the latest patch
(4) Delete or modify the default user password
(5) Enable authentication mechanism
(6) Set password and password policy
(7) Set minimum permissions
(8) Limit the ip address connecting to Oracle
(9) Transmission encryption
(10) Enable Oracle auditing
(11) Regularly check Oracle vulnerability release information and patch vulnerabilities in time
(12) Implement the Oracle disaster recovery plan (monitoring the safe operation of the database, regular data backup, specifying security emergency records for possible security incidents
4. MS SQL database security analysis and protection
- Originating from Sybase, Microsoft SQL Server is a large-scale relational database gateway system based on Windows NT structure, one of the leading database management systems in the industry, and a core product component of Microsoft.
- The security mechanism provided by MS SQLServer mainly includes the following aspects
(1) User identity authentication
(2) Access control. (A role-based access control mechanism is adopted. The roles of SQL Server are divided into three types, namely fixed server roles Fixed Server Roles, fixed database roles Fixed Database Rolesand emergency roles Application Roles)
(3) Database encryption (provide Transacat-SQL function, asymmetric key, symmetric key, certificate, transparent data encryption mechanism)
(4) Backup and recovery mechanism
(5) Security audit (this mechanism contains multiple components, which can be used to audit all permission usage
- MS SQL Server Security Best Practices
(1) Set up the database password security policy (reject empty passwords, such as MS SQL Slammer is to use the administrator sa password to be empty to attack)
(2) Strengthen the management of extended stored procedures and delete unnecessary stored procedures (the system stored procedures of SQL Server are easily exploited to elevate privileges and destroy them, so ensure that unnecessary stored procedures are deleted)
(3) Encrypted data transmission on the Internet (the Tabular Data Stream protocol is used to transmit data in clear text, which may easily lead to data leakage, and it is recommended to use SSL)
(4) Modify the default TCP/IP port number of the database (SQL Server defaults to port 1433, it is recommended to modify it to other ports)
(5) IP restrictions on network connections for SQL database access
(6) Enable SQL Server log auditing, record all user access and analyze security event logs
(7) Regularly check MS SQL Server vulnerability release information and patch vulnerabilities in time
(8) Ensure the security of the operating system of MS SQL Server (reduce the security from the operating system)
(9) MS SQL Server security detection, formulate a security disaster recovery backup plan.
Five, MySQL database security analysis and protection
- MySQL is a network-based key database system, which has the advantages of functional walls, easy use, convenient management, and fast operation speed. Users can write programs to access MySQL databases in multiple languages, especially in combination with PHP and Apache, and are widely used in Internet field
- The security mechanisms provided by MySQL mainly include the following:
(1) User identity authentication (username/password login)
(2) Access authorization (MySQL administrators can use grant and revoke commands to create, delete users, authorize and revoke operations)
(3) Security audit (MySQL has a built-in audit mechanism that can record the running status of MySQL
- MySQL Security Best Practices
(1) MySQL installation . Create separate users and groups to start MySQL. Install the latest MySQL software package, select the appropriate static parameters to compile the MySQL database
(2) Establish the MySQL Chrooting operating environment . (Form a "sandbox" protection mechanism to enhance the system's ability to resist penetration)
(3) Close the remote connection of MySQL . (Close Mysql's default listening port 3306, local users can mysql.sockconnect through it, and mysql backup is executed through ssh)
(4) Prohibit MySQL from importing local files . (The "LOAD DATA LOCAL INFILE" command is prohibited)
(5) Modify the root user ID and password of MySQL
SET PASSWORD FOR root@localhost=PASSWORD('new_password');
(6) Delete the default user and db of MySQL (delete the default database test. Remove everything except root)
(7) Change the root user name of MySQL to prevent password brute force cracking
update user set uesr="dsb" where user="root"; #将管理员用户名从root修改为dsb
flush privileges; #刷新MySQL的系统权限相关表
(8) Establish a database and user account for separate use by the application (such an account can only access the database used by the corresponding program)
(9) Security monitoring (monitoring the running status and patching vulnerabilities in time)
(10) Security backup (regular backup)
- The main types of MySQL vulnerabilities are denial of service, code execution, overflow, evasion, privilege acquisition, etc. Therefore, it is necessary to install the vulnerability patch package in time
6. Domestic database security analysis and protection
- The national database refers to the database system developed by the national independent research and development force, which has strong controllability and security. Traditional databases such as Shenzhou Data, Renmin University Jincang, and Dameng, as well as the Anjie real-time database of the Institute of Software, Chinese Academy of Sciences, have been formed.
- The main security risks faced by the domestic database system are analyzed as follows
(1) Domestic database security loopholes
(2) Domestic databases rely on the security of third-party system components (for example, Open SSL protocol security vulnerabilities have an impact on database network transmission security)
(3) Security of domestic database system security configuration (improper configuration constitutes system security)
(4) The security of the domestic database support platform (limited by the security issues caused by the operating system)
- Domestic database security enhancement measures
(1) Mining and scanning of domestic database security vulnerabilities (a database attack and defense laboratory has been established in China, and domestic database security mining research work has been launched)
(2) Domestic database encryption (Dameng database gateway system provides a set of easy-to-use, flexible and reliable information storage encryption functions such as internal algorithm encryption, third-party software and hardware storage encryption, transparent encryption, semi-transparent encryption, and non-transparent encryption)
(3) Domestic security database (KingbaseES security version of the National People’s Congress Jincang database follows the fourth-level technical requirements of the national security database standard GB/T 20273-2019, and is independently developed with reference to the security model in the industry, as shown in the figure)
