MySQL security is a concept that originates from database security and mainly comprises attacks that exploit database systems vulnerabilities. SQL injection, inference attack, passive attack, active attack, and other database side attacks are general security issues in many modern database systems. Those methods are used by hackers to retrieve, manipulate, misuse, make or delete information in organizations’ relational databases through application layer or backend layer. Different techniques to prevent MySQL against these attacks investigated and discussed in this article. Besides, different ways to secure or database were introduced. In this article, different ways to protect the data in relational databases including database backups, database and table locking, database encryption, user control, MySQL Enterprise Firewall, and use of views are discussed. Furthermore, each protection method explained with their usages and advantages. Database designers have to be aware of these methods to increase data protection on their designed information management systems. The goals of this research are to cover all security problems that occur in MySQL backend, declaring the security vulnerabilities and providing suggestions to improve MySQL security and preventing an attacker from attacking these systems.
Read full abstract