Methods to Secure Databases Against Vulnerabilities

Abstract

Many commercial and government organizations utilize some form of proprietary or open source database management system. Recent history shows security incidents involving database management system vulnerabilities resulting in the compromise of personal information for millions of people. This thesis identifies common vulnerabilities affecting database management systems: injection, misconfigured databases, HTTP interfaces, encryption, and authentication and authorization. This thesis also examines three open source database management systems: MySQL, MongoDB, and Cassandra. We test each against the aforementioned vulnerabilities and provide recommendations to mitigate the vulnerabilities.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Dec 01, 2015
Accession Number
AD1009288

Entities

People

  • Jonathan P. Sloan

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Authentication
  • Code Injection
  • Computer Program Documentation
  • Computer Programming
  • Computer Programs
  • Computer Science
  • Computers
  • Database Management Systems
  • Databases
  • Domain Specific Programming Languages
  • Information Security
  • Operating Systems
  • Relational Database Management Systems
  • Relational Databases
  • Security

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Database Systems and Applications
  • Distributed Systems and Data Platform Development