Presentation is loading. Please wait.

Presentation is loading. Please wait.

IMS 4212: Database Security 1 Dr. Lawrence West, Management Dept., University of Central Florida Data & Database Administration Security.

Published byGeorgia Briggs Modified over 8 years ago

Similar presentations

Presentation on theme: "IMS 4212: Database Security 1 Dr. Lawrence West, Management Dept., University of Central Florida Data & Database Administration Security."— Presentation transcript:

1 IMS 4212: Database Security 1 Dr. Lawrence West, Management Dept., University of Central Florida lwest@bus.ucf.edu Data & Database Administration Security Overview Physical Protection Network Protection Permissions Management Views as a Security Tool

2 IMS 4212: Database Security 2 Dr. Lawrence West, Management Dept., University of Central Florida lwest@bus.ucf.edu Database Security Database security is the management of risks and tradeoffs –The risk of a loss Destruction of data Theft of data Privacy issues (including legal liability) Database corruption Loss of availability –The cost of data security efforts

3 IMS 4212: Database Security 3 Dr. Lawrence West, Management Dept., University of Central Florida lwest@bus.ucf.edu Database Security (cont.) Name some database security measures and their costs What sorts of risks to they protect against?

4 IMS 4212: Database Security 4 Dr. Lawrence West, Management Dept., University of Central Florida lwest@bus.ucf.edu Security Action Categories Physical Protection Access Protection Protection in Transit Loss Prevention –Backup and Recovery plans covered next week

5 IMS 4212: Database Security 5 Dr. Lawrence West, Management Dept., University of Central Florida lwest@bus.ucf.edu Physical Protection Don’t forget the step of physically protecting access to your equipment and data Lock the door! Be aware of portable copies of data, who has them, where they are –Recent news stories

6 IMS 4212: Database Security 6 Dr. Lawrence West, Management Dept., University of Central Florida lwest@bus.ucf.edu Network Protection Use appropriate network access protections to guard against hacking into the network Be aware of security threats –Weaknesses in the operating system –Database vulnerabilities –Application vulnerabilities Expert consultation is desirable

7 IMS 4212: Database Security 7 Dr. Lawrence West, Management Dept., University of Central Florida lwest@bus.ucf.edu Authorization Rules or Permissions Authorization rules are permissions to perform certain actions on the database –Allow a user to view, edit, or add records to a table –Permissions are granted to Individuals Groups –Permissions are granted on Entire database Distinct objects (tables, views, indexes, etc.) Specific columns or rows

8 IMS 4212: Database Security 8 Dr. Lawrence West, Management Dept., University of Central Florida lwest@bus.ucf.edu Permissions DBA is usually granted authority to do anything in the database DBA may GRANT or REVOKE permissions to other users –May include permission to grant or revoke permission to others Users may be assigned to a group and permissions granted to a group Applications usually have security privileges established by the userid used in the connection string Application must have appropriate permissions

9 IMS 4212: Database Security 9 Dr. Lawrence West, Management Dept., University of Central Florida lwest@bus.ucf.edu Views as a Security Tool Views are query definitions stored in the DB A security measure may be to grant the user permission on the view but not to the underlying tables WHERE clauses in the view definition query can restrict rows Field list in the SELECT clause can restrict columns Views may be used like any other table in the DB See discussion of other security measures –Encryption, authentication

Download ppt "IMS 4212: Database Security 1 Dr. Lawrence West, Management Dept., University of Central Florida Data & Database Administration Security."

Similar presentations

Chapter 23 Database Security and Authorization Copyright © 2004 Pearson Education, Inc.

Chapter 23 Database Security and Authorization Copyright © 2004 Pearson Education, Inc.
Jan. 2014Dr. Yangjun Chen ACS-49021 Database security and authorization (Ch. 22, 3 rd ed. – Ch. 23, 4 th ed. – Ch. 24, 6 th )

Jan. 2014Dr. Yangjun Chen ACS Database security and authorization (Ch. 22, 3 rd ed. – Ch. 23, 4 th ed. – Ch. 24, 6 th )
Database Administration and Security Transparencies 1.

Database Administration and Security Transparencies 1.
Database Management System

Database Management System
Monday, 08 June 2015Dr. Mohamed Osman1 What is Database Administration A high level function (technical Function) that is responsible for ► physical DB.

Monday, 08 June 2015Dr. Mohamed Osman1 What is Database Administration A high level function (technical Function) that is responsible for ► physical DB.
10/25/2001Database Management -- R. Larson Data Administration and Database Administration University of California, Berkeley School of Information Management.

10/25/2001Database Management -- R. Larson Data Administration and Database Administration University of California, Berkeley School of Information Management.
1 7 Concepts of Database Management, 4 th Edition, Pratt & Adamski Chapter 7 DBMS Functions.

1 7 Concepts of Database Management, 4 th Edition, Pratt & Adamski Chapter 7 DBMS Functions.
Database Integrity, Security and Recovery Database integrity Database integrity Database security Database security Database recovery Database recovery.

Database Integrity, Security and Recovery Database integrity Database integrity Database security Database security Database recovery Database recovery.
1 8 Concepts of Database Management, 4 th Edition, Pratt & Adamski Chapter 8 Database Administration.

1 8 Concepts of Database Management, 4 th Edition, Pratt & Adamski Chapter 8 Database Administration.
DBMS Functions Data, Storage, Retrieval, and Update

DBMS Functions Data, Storage, Retrieval, and Update
Chapter 8 Security Transparencies © Pearson Education Limited 1995, 2005.

Chapter 8 Security Transparencies © Pearson Education Limited 1995, 2005.
IS 4420 Database Fundamentals Chapter 12: Data and Database Administration Leon Chen.

IS 4420 Database Fundamentals Chapter 12: Data and Database Administration Leon Chen.
Concepts of Database Management Seventh Edition

Concepts of Database Management Seventh Edition
Security Architecture Dr. Gabriel. Security Database security: –degree to which data is fully protected from tampering or unauthorized acts –Full understanding.

Security Architecture Dr. Gabriel. Security Database security: –degree to which data is fully protected from tampering or unauthorized acts –Full understanding.
DATABASE SECURITY By Oscar Suciadi CS 157B Prof. Sin-Min Lee.

DATABASE SECURITY By Oscar Suciadi CS 157B Prof. Sin-Min Lee.
Software Development Unit 2 Databases What is a database? A collection of data organised in a manner that allows access, retrieval and use of that data.

Software Development Unit 2 Databases What is a database? A collection of data organised in a manner that allows access, retrieval and use of that data.
10/5/1999Database Management -- R. Larson Data Administration and Database Administration University of California, Berkeley School of Information Management.

10/5/1999Database Management -- R. Larson Data Administration and Database Administration University of California, Berkeley School of Information Management.
© Pearson Education Limited, 20041 Chapter 5 Database Administration and Security Transparencies.

© Pearson Education Limited, Chapter 5 Database Administration and Security Transparencies.
© 2013 Pearson Education, Inc. Publishing as Prentice Hall 1 CHAPTER 11: DATA AND DATABASE ADMINISTRATION Modern Database Management 11 th Edition Jeffrey.

© 2013 Pearson Education, Inc. Publishing as Prentice Hall 1 CHAPTER 11: DATA AND DATABASE ADMINISTRATION Modern Database Management 11 th Edition Jeffrey.
ISOM MIS3150 Data and Info Mgmt Database Security Arijit Sengupta.

ISOM MIS3150 Data and Info Mgmt Database Security Arijit Sengupta.

Similar presentations

Ads by Google