
CSCI 3140 Module 6 – Database Security Theodore Chiasson Dalhousie University.


1 CSCI 3140 Module 6 – Database Security Theodore Chiasson Dalhousie University

2 Database Security
Threats to database security include:
– Theft and fraud
– Loss of confidentiality
– Loss of privacy
– Loss of integrity
– Loss of availability
Computer-based controls to mitigate threats include:
– Authorization
– Views
– Backup and recovery
– Integrity
– Encryption
– RAID technology

3 Database Security
Authorization
– Access control
– Involves authentication of subjects requesting access to objects
– SQL commands GRANT and REVOKE
  – select/update/insert/delete
Views (Subschemas)
– The dynamic result of one or more relational operations operating on base relations to produce another relation
– A virtual relation that does not actually exist in the database but is produced upon request
– Used to hide parts of the database from certain users

4 Database Security
Backup and Recovery
– Backup is the process of periodically taking a copy of the database and log file onto offline storage media
– Journaling is the process of keeping and maintaining a log file or journal of all changes made to the database to enable recovery in the event of a failure
– Journaling allows the database to be recovered after a failure to its last known consistent state using a backup of the database together with the log file
– Without a log file, any changes to the database after the most recent backup are lost in the event of a failure
Integrity
– Applying integrity constraints prevents the database from entering an inconsistent state during normal operation

5 Database Security
Encryption
– The encoding of data by a special algorithm that renders the data unreadable by any program without the decryption key
– Cryptosystem
  – Encryption key
  – Encryption algorithm
  – Decryption key
  – Decryption algorithm
– Symmetric encryption
  – Same key and algorithm for encryption and decryption
– Asymmetric encryption
  – Different keys for encryption and decryption
  – Public key cryptography
RAID (Redundant Array of Independent Disks)
– Increased performance through data striping
– Parity or error-correcting scheme improves reliability

6 Database Security
Security in Oracle DBMS
– Privileges
  – A right to execute a particular type of SQL statement or to access another user’s objects
  – Connect to a database
  – Create a table
  – Select rows from another user’s tables
– System privileges
  – The right to perform a particular action or to perform an action on any schema object of a particular type
– Object privileges
  – The right to perform a particular action on a specific table, view, sequence, procedure, function or package
– ALTER, DELETE, INDEX, INSERT, REFERENCES, SELECT, UPDATE
– Roles
  – Privileges can be granted to a role, and then the role can be granted to a user
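
Added example (not part of the original slides): the view, object-privilege and role mechanisms from slides 3 and 6, written as Oracle SQL. The table staff, the view staff_directory, the two roles and the users alice and bob are hypothetical names; both users are assumed to exist already, and the session is assumed to be able to create roles and grant CREATE SESSION (for example a DBA account).

```sql
-- Added example; every table, view, role and user name here is hypothetical.
-- Objects are created in the schema of the account running the script.

-- Base relation. The CHECK constraint is an integrity control (slide 4).
CREATE TABLE staff (
    staff_no   NUMBER(6)     PRIMARY KEY,
    full_name  VARCHAR2(60)  NOT NULL,
    branch_no  VARCHAR2(4)   NOT NULL,
    salary     NUMBER(9,2)   NOT NULL CHECK (salary >= 0)
);

-- View (subschema): a virtual relation that hides the salary column.
CREATE VIEW staff_directory AS
    SELECT staff_no, full_name, branch_no
    FROM   staff;

-- Roles collect privileges so that users receive them in one grant.
CREATE ROLE directory_reader;
CREATE ROLE payroll_clerk;

-- Object privileges: the reader role sees only the view; the payroll
-- role may read the base table and update the salary column only.
GRANT SELECT ON staff_directory TO directory_reader;
GRANT SELECT, UPDATE (salary) ON staff TO payroll_clerk;

-- System privilege (connect to the database), then role membership.
GRANT CREATE SESSION TO alice, bob;
GRANT directory_reader TO alice;
GRANT payroll_clerk    TO bob;

-- Effect for alice: a SELECT on staff_directory succeeds, while a
-- SELECT of salary from staff fails because she holds no privilege
-- on the base table.

-- Review which object and column privileges are currently in force.
SELECT grantee, table_name, privilege FROM user_tab_privs;
SELECT grantee, table_name, column_name, privilege FROM user_col_privs;

-- Revocation: removing the role removes every privilege it carried.
REVOKE payroll_clerk FROM bob;
```

Granting SELECT on the view rather than on staff is what keeps the salary column out of reach of directory_reader members.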

7 Database Security
DBMSs and Web Security
– Proxy servers
  – Improve performance
  – Filter requests
– Firewalls
  – Prevent unauthorized access to or from a private network
  – Packet filter
  – Application gateway
  – Circuit-level gateway
  – Proxy server
– Message Digest Algorithms and Digital Signatures
– Digital Certificates
– SSL
– SET
– Java Security
– ActiveX

