DATABASE SECURITY By Oscar Suciadi CS 157B Prof. Sin-Min Lee.


1 DATABASE SECURITY By Oscar Suciadi CS 157B Prof. Sin-Min Lee

2 Definition Database security refers to the mechanisms that protect the database against intentional or accidental threats. We consider database security in relation to the following situations:
- Theft and fraud
- Loss of confidentiality

3 Introduction
- Loss of privacy
- Loss of integrity
- Loss of availability
A threat is any intentional or accidental event that may adversely affect the system.

4 Introduction (Cont) Examples of threats:
- Using another person's log-in name to access data
- Unauthorized copying of data
- Program/data alteration
- Illegal entry by hacker
- Viruses
- Etc.

5 Countermeasures Computer-Based Controls:
- Authorization
- Views
- Backup and Recovery
- Integrity
- Encryption
- RAID Technology

6 Authorization The granting of a privilege that enables a user to have legitimate access to a system. Authorization controls are sometimes referred to as access controls. The process of authorization involves authenticating the user requesting access to objects.

7 Authenticating A mechanism that determines whether a user is who he or she claims to be. A system administrator is responsible for allowing users to have access to the system by creating individual user accounts.

8 Closed Vs Open Systems
Closed Systems: Some DBMSs require authorization for authorized DBMS users to access specific objects.
Open Systems: Allow users to have complete access to all objects within the database.

9 A DBMS may permit both individual user identifiers and group identifiers to be created. Certain privileges may be associated with specific identifiers, which indicate what kind of privilege is allowed with certain database objects.

10 Each privilege has a binary value associated with it. The binary values are summed and the total value indicates what privileges are allowed for a specific user or group with a particular object.

11 User & Group Identifier
User Identifier   Type
SG37              User
SG14              User
SG5               User
Sales             Group

Group   Member Identifier
Sales   SG37
Sales   SG14

12 Access Control Matrix
User Identifier   Property#   Type   Price   Owner#   Staff#   Branch#   Query Row Limit
Sales             0001        0001   0001    0000     0000     0000      15
SG37              0101        0101   0111    0101     0111     0000      100
SG5               1111        1111   1111    1111     1111     1111      none

SELECT   UPDATE   INSERT   DELETE   ALL
0001     0010     0100     1000     1111
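
The privilege encoding on slides 10 to 12, as an added example (not part of the original presentation): each 4-bit cell is the sum of the privilege codes, and a request is allowed only when its bit is set. Merging a user's row with the rows of the user's groups by OR, and the order used by row_limit, are assumptions; the slides do not state how user and group entries are combined.

```python
from enum import IntFlag

class Priv(IntFlag):
    SELECT = 0b0001
    UPDATE = 0b0010
    INSERT = 0b0100
    DELETE = 0b1000
    ALL    = 0b1111

COLUMNS = ("Property#", "Type", "Price", "Owner#", "Staff#", "Branch#")

# Rows as shown on slide 12: identifier -> (one 4-bit value per column, query row limit)
MATRIX = {
    "Sales": ("0001 0001 0001 0000 0000 0000", 15),
    "SG37":  ("0101 0101 0111 0101 0111 0000", 100),
    "SG5":   ("1111 1111 1111 1111 1111 1111", None),  # None = no limit
}
# Group membership as shown on slide 11
GROUPS = {"Sales": {"SG37", "SG14"}}

def identifiers_for(user):
    """The user's own identifier followed by every group the user belongs to."""
    return [user] + [g for g, members in GROUPS.items() if user in members]

def privileges(user, column):
    """Assumed rule: OR together the user's row and the rows of the user's groups."""
    idx = COLUMNS.index(column)
    total = Priv(0)
    for ident in identifiers_for(user):
        if ident in MATRIX:
            total |= Priv(int(MATRIX[ident][0].split()[idx], 2))
    return total

def allowed(user, column, op):
    """Closed-system check: deny unless every bit of op is set for this column."""
    return (privileges(user, column) & op) == op

def row_limit(user):
    """Assumed rule: the user's own row wins; otherwise the first group row found."""
    for ident in identifiers_for(user):
        if ident in MATRIX:
            return MATRIX[ident][1]
    return 0  # identifier has no row anywhere: no rows may be returned

if __name__ == "__main__":
    for user in ("SG37", "SG14", "SG5", "SG99"):  # SG99 is a constructed unknown user
        print(user, repr(privileges(user, "Price")), "row limit:", row_limit(user))
```

SG14 has no row of its own in the matrix, so everything it can do comes from its membership in the Sales group.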

13 Views A view is the dynamic result of one or more relational operations operating on the base relations to produce another relation. A view is a virtual relation that does not actually exist in the database, but is produced upon request by a particular user, at the time of request.

14 Views (Cont) The view mechanism provides a powerful and flexible security mechanism by hiding parts of the database from certain users. The user is not aware of the existence of any attributes or rows that are missing from the view.

15 Backup & Recovery Backup is the process of periodically taking a copy of the database and log file onto offline storage media. A DBMS should provide backup facilities to assist with the recovery of the database after a failure.

16 Integrity Maintaining a secure database system by preventing data from becoming invalid.

17 Encryption The encoding of data by a special algorithm that renders the data unreadable by any program without the decryption key. There will be degradation in performance because of the time taken to decode it. It also protects the data transmitted over communication lines.

18 RAID (Redundant Array of Independent Disks) The hardware that the DBMS is running on must be fault-tolerant, meaning that the DBMS should continue to operate even if one of the hardware components fails. One solution is the use of RAID technology.

19 RAID (Cont) RAID works on having a large disk array comprising an arrangement of several independent disks that are organized to improve reliability and at the same time increase performance.

