Database Security

Question :

Why would a database administrator set up a honeypot?

What role does a firewall play in a honey pot design?

What is the difference between hashing a password and encrypting it?

Answer :

Answer1.

A honeypot is a tool that is used by the database administrator to detect unauthorized access to the information system. It is capable of making attackers slow down who can get access to the information system and damage confidential data. Honeypot creates several decoys that distract the attackers. It also helps the organization to train the security team to secure a database (Wouters et al., 2016). The database administrator sets up a honeypot to protect the database from the attackers. 

Asnwer2.

A firewall plays an important role in a honeypot design. A firewall works oppositely in a honeypot that of a normal firewall. A normal firewall restricts whatever comes into a system from the internet. On the other hand, a firewall in honeypot does not restrict what comes into a system from internet but allows traffics to come into the system from internet and then put restrictions on what is going out of the system or what system sends back out (Kobayashi et al., 2019). It helps the administrator to identify the vulnerabilities of the system. Thus, the administrator can redesign the system to protect from hackers.

Answer3.

Encrypting a password or encryption is a process of scrambling data in a way that can be unscrambled only by that person who has the corresponding key to unscramble and read it. It is a two-way function in which an individual encrypt something with an intention to decrypt it later (Baum et al., 2017). On the other hand hashing, a password is a process of mapping data of any size to a particular length with the help of an algorithm. It is a one-way function. 

References 

Baum, A., Zarmi, I., & Reiter, G. (2017). U.S. Patent No. 9,853,956. Washington, DC: U.S. Patent and Trademark Office.

Kobayashi, H., Zhang, Z., Ochiai, H., & Esaki, H. (2019, August). Probing Firewalls of Malware-Infected Networks with Honeypot. In Proceedings of the 14th International Conference on Future Internet Technologies (pp. 1-4).

Wouters, N., Downs, J., Harrop, M., Cox, T., Oliveira, E., Webber, S., ... & Vande Moere, A. (2016, June). Uncovering the honeypot effect: How audiences engage with public interactive systems. In Proceedings of the 2016 ACM Conference on Designing Interactive Systems (pp. 5-16).