Today, large amounts of data are being continuously produced, collected, and exchanged between systems. As the number of devices, systems and data produced grows up, the risk of security breaches increases. This is all the more relevant in times of COVID-19, which has affected not only the health and lives of human beings' but also the lifestyle of society, i.e., the digital environment has replaced the physical. This has led to an increase in cyber security threats of various nature. While security breaches and different security protection mechanisms have been widely covered in the literature, the concept of a primitive artifact such as data management system seems to have been more neglected by researchers and practitioners. But are data management systems always protected by default? Previous research and regular updates on data leakages suggest that the number and nature of these vulnerabilities are high. It also refers to little or no DBMS protection, especially in case of NoSQL, which are thus vulnerable to attacks. The aim of this paper is to examine whether traditional vulnerability registries provide a sufficiently comprehensive view of DBMS security, or they should be intensively and dynamically inspected by DBMS owners by referring to Internet of Things Search Engines moving towards a sustainable and resilient digitized environment. The paper brings attention to this problem and makes the reader think about data security before looking for and introducing more advanced security and protection mechanisms, which, in the absence of the above, may bring no value.
翻译:摘要:如今,大量的数据在系统之间持续产生,收集和交换。随着设备,系统和数据的数量不断增长,安全事故的风险也在增加。尤其是在COVID-19影响到社会生活方式,即数字环境取代物理环境的时候,这一点则更为明显。这导致了各种类型的网络安全威胁更加频繁。虽然安全事件和不同的安全保护机制已经被广泛地研究过,但是一个最原始的工具,如数据管理系统,似乎一直被研究人员和从业人员所忽视。但是,数据管理系统总是默认受到保护的吗?以前的研究和对数据泄露的定期更新表明,这些漏洞的数量和性质都很高。此外,在NoSQL中,由于缺乏或者缺乏DBMS保护,因此非常容易受到攻击。本文旨在探讨传统的漏洞注册表是否提供了足够全面的数据库管理系统(DBMS)安全性视角,或者它们应被DBMS所有者积极而且动态地进行检查,从而达到可持续和抗打击的数字化环境。本文引起了对这个问题的关注,并让读者在寻找并引入更先进的安全和保护机制之前先思考数据安全性,因为在没有上述支持的情况下,这些机制可能没有任何价值。