Within the past decade, there has been a tremendous growing need for web servers and databases; also their related service and the two concepts have hit the headlines as the most researched knowledge domains in the technology sphere. Subsequently, this has revolutionized the way many people interact with one another through effective information sharing. This rapid spread and the management effectiveness of advanced technologies are establishing great opportunities for development of distributed system at a large scale. Although, this remarkable growth has also come with some security concerns which need to be carefully handled because some of data available in these platforms is really ...view middle of the document...
These areas of application may include but not limited to; Government to records information such as statistics, election information and tax records among others; Police for criminal records management; Banks to store, track and analyze all customers and their related transactions; Motor vehicle department to keep driver’s and vehicle’s records and history.
In respect to the discussed, these two concepts are phenomenal in the current technological error we are living in. They are diverse in technology adoption and need sophisticated platforms to implement them. For instance, with database implementation, exist a set of software tools commonly referred to as Databases management systems (DBMS) which assist in accessing, organizing, storing, managing, retrieving and maintaining data in a database. The same functions apply to the web server software tools as they perform their intended function of serving contents using HTTP protocol. The only difference which presents is the model used in data representation or structure adopted in dissemination of data; hierarchical, network, or entity-relationship model, distributed, flat file etc.
This data representation is the most critical aspect in determining and ensuring the security of the web server and databases platforms. Some models or types are vulnerable to web attacks than others depending on the data structure in place. To understand how these attacks relate to web servers and databases, this paper critically analyses the attacks and threats to the concepts security and what model/type(hierarchical, networked, relational, object oriented, distributed) is vulnerable to what attack.
Web and database security threats can be grouped in two distinct sets; logical and physical threats. Physical threats comprise but not limited to password forced disclosure, theft, power failures, and destruction of storage devices. On the other hand logical attacks involve unauthorized access to information usually through use of 3rd party software.
One of the largest threats to a web server or database is a malicious authorized user whereby such user can justifiably have access confidential information. This information can be leaked to the user either electronically or by other traditional means like use of the word of mouth and little can be done to prevent this from within the DBMS or web server software. Use of mandatory access controls or access control list whereby one issues users with certain limitation in the access privileges for users can work out to secure the said systems.
Another way to compromise a web server and database is to successfully log in as a legitimate user. This can be done by physically stealing the information or monitoring network traffic for login information. Another way could involve accessing password lists stored in an operating system. The database must set up authentication and encryption measures to ensure that this type of attack is less likely to occur. The web server could be...