Databases Flashcards
SQLi types of attacks
in-band -> the same communication channel is used for injecting SQL code and retrieving results
tautology -> the injected condition always resolves to true
end-of-line comment -> append a comment marker at the end of the input so the rest of the query is ignored
piggy-backed queries -> append extra queries
inferential -> no data is returned directly; reconstruct it by sending input and observing the resulting behaviour
illegal/logically incorrect queries
blind SQL injection
out-of-band -> a different channel (e.g. email) is used to send or retrieve results
Countermeasures
SQL DOM -> API-guided query construction
signature- or anomaly-based detection -> pattern matching
code analysis
Access Control
Cascading authorizations
the grant option allows an access right to cascade through a number of users.
In this way, revoking a right also revokes all cascading privileges that originated from the grant being revoked
RBAC
application owner
end user other than app owner
admin
SQL Server roles: server, database, user-defined. Server and database roles are fixed (predefined) roles.
user-defined roles can be assigned access rights to portions of the database
DB Encryption
Encrypting numerical values (retrieval)
for text-based fields querying is easy (match on the encrypted value), but for numbers there is no ordering correlation between plaintext and encrypted values, so range queries do not work directly
Define partitions of the field's value range; for a range query, retrieve all blocks belonging to the partitions the range overlaps, then decrypt and remove the rows that do not satisfy the query