SQL-tietokantojen suojaaminen tietoturvauhilta

SQL-tietokantojen suojaaminen tietoturvauhilta

Viimeisen kolmenkymmenen vuoden aikana tietotekniikkaympäristö on käynyt läpi monia muutoksia, ja tietokantatutkimusyhteisöt ovat yrittäneet pysyä askeleen edellä tietokannan turvallisuusuhkia. Turvallisuuden merkitystä on lisännyt yritysten kriittisten toimintojen digitalisoituminen. Tietokannat us...

Full description

Bibliographic Details
Main Author: Järvinen, Sami
Other Authors: Informaatioteknologian tiedekunta, Faculty of Information Technology, Informaatioteknologia, Information Technology, Jyväskylän yliopisto, University of Jyväskylä
Format: Bachelor's thesis
Language:fin
Published: 2021
Subjects:
SQL-injektio
palvelunestohyökkäys
liialliset oikeudet
Tietotekniikka
Mathematical Information Technology
602
tietokannat
SQL
tietoturva
Online Access: https://jyx.jyu.fi/handle/123456789/75746
_version_ 1826225808309485568
author Järvinen, Sami
author2 Informaatioteknologian tiedekunta Faculty of Information Technology Informaatioteknologia Information Technology Jyväskylän yliopisto University of Jyväskylä
author_facet Järvinen, Sami Informaatioteknologian tiedekunta Faculty of Information Technology Informaatioteknologia Information Technology Jyväskylän yliopisto University of Jyväskylä Järvinen, Sami Informaatioteknologian tiedekunta Faculty of Information Technology Informaatioteknologia Information Technology Jyväskylän yliopisto University of Jyväskylä
author_sort Järvinen, Sami
datasource_str_mv jyx
description Viimeisen kolmenkymmenen vuoden aikana tietotekniikkaympäristö on käynyt läpi monia muutoksia, ja tietokantatutkimusyhteisöt ovat yrittäneet pysyä askeleen edellä tietokannan turvallisuusuhkia. Turvallisuuden merkitystä on lisännyt yritysten kriittisten toimintojen digitalisoituminen. Tietokannat usein pitävät sisällään arkaluontoisia tietoja ja ne ovat olennainen osa kaikkia tietojärjestelmiä. Yleisimmät tietokantaohjelmistot perustuvat relaatiomalliin, johon voi tehdä hakuja SQL-kielellä. Tietokantojen tietoturvallisuus on tärkeää, jos tapahtuu tietovuoto, siitä on haittaa tietokannan omistajalle ja kohteelle, josta tietoa kerättiin. Tässä tutkielmassa käsitellään SQL-injektiota, palvelunestohyökkäystä, liiallisia oikeuksia ja väärin määritettyä tietokantaa ja kuinka näiltä voidaan suojautua. Over the past thirty years, the IT environment has undergone many changes, and database research communities have tried to stay one step ahead of database security threats. The importance of security has been increased by the digitalization of companies' critical functions. Databases often contain sensitive information and are an essential part of all information systems. The most common database software is based on a relational model that can be searched in SQL. The information security of databases is important if a data leak occurs it is detrimental to the owner of the database and the object from which the information was collected. This paper discusses SQL injection, denial of service attack, excessive privileges, and a misconfigured databases and how to protect against these threats.
first_indexed 2024-09-11T08:50:34Z
format Kandityö
free_online_boolean 1
fullrecord [{"key": "dc.contributor.advisor", "value": "Rossi, Tuomo", "language": "", "element": "contributor", "qualifier": "advisor", "schema": "dc"}, {"key": "dc.contributor.author", "value": "J\u00e4rvinen, Sami", "language": "", "element": "contributor", "qualifier": "author", "schema": "dc"}, {"key": "dc.date.accessioned", "value": "2021-05-19T06:21:45Z", "language": null, "element": "date", "qualifier": "accessioned", "schema": "dc"}, {"key": "dc.date.available", "value": "2021-05-19T06:21:45Z", "language": null, "element": "date", "qualifier": "available", "schema": "dc"}, {"key": "dc.date.issued", "value": "2021", "language": "", "element": "date", "qualifier": "issued", "schema": "dc"}, {"key": "dc.identifier.uri", "value": "https://jyx.jyu.fi/handle/123456789/75746", "language": null, "element": "identifier", "qualifier": "uri", "schema": "dc"}, {"key": "dc.description.abstract", "value": "Viimeisen kolmenkymmenen vuoden aikana tietotekniikkaymp\u00e4rist\u00f6 on k\u00e4ynyt l\u00e4pi monia muutoksia, ja tietokantatutkimusyhteis\u00f6t ovat yritt\u00e4neet pysy\u00e4 askeleen edell\u00e4 tietokannan turvallisuusuhkia. Turvallisuuden merkityst\u00e4 on lis\u00e4nnyt yritysten kriittisten toimintojen digitalisoituminen. Tietokannat usein pit\u00e4v\u00e4t sis\u00e4ll\u00e4\u00e4n arkaluontoisia tietoja ja ne ovat olennainen osa kaikkia tietoj\u00e4rjestelmi\u00e4. Yleisimm\u00e4t tietokantaohjelmistot perustuvat relaatiomalliin, johon voi tehd\u00e4 hakuja SQL-kielell\u00e4. Tietokantojen tietoturvallisuus on t\u00e4rke\u00e4\u00e4, jos tapahtuu tietovuoto, siit\u00e4 on haittaa tietokannan omistajalle ja kohteelle, josta tietoa ker\u00e4ttiin. T\u00e4ss\u00e4 tutkielmassa k\u00e4sitell\u00e4\u00e4n SQL-injektiota, palvelunestohy\u00f6kk\u00e4yst\u00e4, liiallisia oikeuksia ja v\u00e4\u00e4rin m\u00e4\u00e4ritetty\u00e4 tietokantaa ja kuinka n\u00e4ilt\u00e4 voidaan suojautua.", "language": "fi", "element": "description", "qualifier": "abstract", "schema": "dc"}, {"key": "dc.description.abstract", "value": "Over the past thirty years, the IT environment has undergone many changes, and database research communities have tried to stay one step ahead of database security threats. The importance of security has been increased by the digitalization of companies' critical functions. Databases often contain sensitive information and are an essential part of all information systems. The most common database software is based on a relational model that can be searched in SQL. The information security of databases is important if a data leak occurs it is detrimental to the owner of the database and the object from which the information was collected. This paper discusses SQL injection, denial of service attack, excessive privileges, and a misconfigured databases and how to protect against these threats.", "language": "en", "element": "description", "qualifier": "abstract", "schema": "dc"}, {"key": "dc.description.provenance", "value": "Submitted by Paivi Vuorio (paelvuor@jyu.fi) on 2021-05-19T06:21:45Z\nNo. of bitstreams: 0", "language": "en", "element": "description", "qualifier": "provenance", "schema": "dc"}, {"key": "dc.description.provenance", "value": "Made available in DSpace on 2021-05-19T06:21:45Z (GMT). No. of bitstreams: 0\n Previous issue date: 2021", "language": "en", "element": "description", "qualifier": "provenance", "schema": "dc"}, {"key": "dc.format.extent", "value": "22", "language": "", "element": "format", "qualifier": "extent", "schema": "dc"}, {"key": "dc.language.iso", "value": "fin", "language": null, "element": "language", "qualifier": "iso", "schema": "dc"}, {"key": "dc.rights", "value": "In Copyright", "language": "en", "element": "rights", "qualifier": null, "schema": "dc"}, {"key": "dc.subject.other", "value": "SQL-injektio", "language": "", "element": "subject", "qualifier": "other", "schema": "dc"}, {"key": "dc.subject.other", "value": "palvelunestohy\u00f6kk\u00e4ys", "language": "", "element": "subject", "qualifier": "other", "schema": "dc"}, {"key": "dc.subject.other", "value": "liialliset oikeudet", "language": "", "element": "subject", "qualifier": "other", "schema": "dc"}, {"key": "dc.title", "value": "SQL-tietokantojen suojaaminen tietoturvauhilta", "language": "", "element": "title", "qualifier": null, "schema": "dc"}, {"key": "dc.type", "value": "bachelor thesis", "language": null, "element": "type", "qualifier": null, "schema": "dc"}, {"key": "dc.identifier.urn", "value": "URN:NBN:fi:jyu-202105193011", "language": "", "element": "identifier", "qualifier": "urn", "schema": "dc"}, {"key": "dc.type.ontasot", "value": "Bachelor's thesis", "language": "en", "element": "type", "qualifier": "ontasot", "schema": "dc"}, {"key": "dc.type.ontasot", "value": "Kandidaatinty\u00f6", "language": "fi", "element": "type", "qualifier": "ontasot", "schema": "dc"}, {"key": "dc.contributor.faculty", "value": "Informaatioteknologian tiedekunta", "language": "fi", "element": "contributor", "qualifier": "faculty", "schema": "dc"}, {"key": "dc.contributor.faculty", "value": "Faculty of Information Technology", "language": "en", "element": "contributor", "qualifier": "faculty", "schema": "dc"}, {"key": "dc.contributor.department", "value": "Informaatioteknologia", "language": "fi", "element": "contributor", "qualifier": "department", "schema": "dc"}, {"key": "dc.contributor.department", "value": "Information Technology", "language": "en", "element": "contributor", "qualifier": "department", "schema": "dc"}, {"key": "dc.contributor.organization", "value": "Jyv\u00e4skyl\u00e4n yliopisto", "language": "fi", "element": "contributor", "qualifier": "organization", "schema": "dc"}, {"key": "dc.contributor.organization", "value": "University of Jyv\u00e4skyl\u00e4", "language": "en", "element": "contributor", "qualifier": "organization", "schema": "dc"}, {"key": "dc.subject.discipline", "value": "Tietotekniikka", "language": "fi", "element": "subject", "qualifier": "discipline", "schema": "dc"}, {"key": "dc.subject.discipline", "value": "Mathematical Information Technology", "language": "en", "element": "subject", "qualifier": "discipline", "schema": "dc"}, {"key": "yvv.contractresearch.funding", "value": "0", "language": "", "element": "contractresearch", "qualifier": "funding", "schema": "yvv"}, {"key": "dc.type.coar", "value": "http://purl.org/coar/resource_type/c_7a1f", "language": null, "element": "type", "qualifier": "coar", "schema": "dc"}, {"key": "dc.rights.accesslevel", "value": "openAccess", "language": null, "element": "rights", "qualifier": "accesslevel", "schema": "dc"}, {"key": "dc.type.publication", "value": "bachelorThesis", "language": null, "element": "type", "qualifier": "publication", "schema": "dc"}, {"key": "dc.subject.oppiainekoodi", "value": "602", "language": "", "element": "subject", "qualifier": "oppiainekoodi", "schema": "dc"}, {"key": "dc.subject.yso", "value": "tietokannat", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "SQL", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "tietoturva", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.rights.url", "value": "https://rightsstatements.org/page/InC/1.0/", "language": null, "element": "rights", "qualifier": "url", "schema": "dc"}]
id jyx.123456789_75746
language fin
last_indexed 2025-02-18T10:56:30Z
main_date 2021-01-01T00:00:00Z
main_date_str 2021
online_boolean 1
online_urls_str_mv {"url":"https:\/\/jyx.jyu.fi\/bitstreams\/a4d06065-4347-4b99-807f-c20ce8e17657\/download","text":"URN:NBN:fi:jyu-202105193011.pdf","source":"jyx","mediaType":"application\/pdf"}
publishDate 2021
record_format qdc
source_str_mv jyx
spellingShingle Järvinen, Sami SQL-tietokantojen suojaaminen tietoturvauhilta SQL-injektio palvelunestohyökkäys liialliset oikeudet Tietotekniikka Mathematical Information Technology 602 tietokannat SQL tietoturva
title SQL-tietokantojen suojaaminen tietoturvauhilta
title_full SQL-tietokantojen suojaaminen tietoturvauhilta
title_fullStr SQL-tietokantojen suojaaminen tietoturvauhilta SQL-tietokantojen suojaaminen tietoturvauhilta
title_full_unstemmed SQL-tietokantojen suojaaminen tietoturvauhilta SQL-tietokantojen suojaaminen tietoturvauhilta
title_short SQL-tietokantojen suojaaminen tietoturvauhilta
title_sort sql tietokantojen suojaaminen tietoturvauhilta
title_txtP SQL-tietokantojen suojaaminen tietoturvauhilta
topic SQL-injektio palvelunestohyökkäys liialliset oikeudet Tietotekniikka Mathematical Information Technology 602 tietokannat SQL tietoturva
topic_facet 602 Mathematical Information Technology SQL SQL-injektio Tietotekniikka liialliset oikeudet palvelunestohyökkäys tietokannat tietoturva
url https://jyx.jyu.fi/handle/123456789/75746 http://www.urn.fi/URN:NBN:fi:jyu-202105193011
work_keys_str_mv AT järvinensami sqltietokantojensuojaaminentietoturvauhilta

Similar Items