Presentation is loading. Please wait.

Presentation is loading. Please wait.

ITN270.001 Wake Tech1 ITN270 Advanced Internet Databases Lecture 16. Security, Database Backups, Maintenance & Repair Topics: – Internal Security – External.

Published byCleopatra Miles Modified over 8 years ago

Similar presentations

Presentation on theme: "ITN270.001 Wake Tech1 ITN270 Advanced Internet Databases Lecture 16. Security, Database Backups, Maintenance & Repair Topics: – Internal Security – External."— Presentation transcript:

1 ITN270.001 Wake Tech1 ITN270 Advanced Internet Databases Lecture 16. Security, Database Backups, Maintenance & Repair Topics: – Internal Security – External Security –Backups –Maintenance & Repair

2 ITN270.001 Wake Tech2 Internal Security Issues related to file access authorizations –Server Binary Files Only Administrator can access –Client programs Accessible to users so they can run the programs –Files created after the initial installation (option files, SSL-related files, database directory) Administrator

3 ITN270.001 Wake Tech3 Internal Security Access to files in data directory How to steal data –Six steps (Refer to your textbook) Securing Your MySQL Installation –Change owner for the following directory except the data directory #chown -R root.mysqlgrp /usr/local/mysql #chown -R mysqladm.mysqlgrp /usr/local/mysql/data

4 ITN270.001 Wake Tech4 Internal Security Change the mode of base directory & its subdirectory: –chmod 755 /usr/local/mysql mysqladm has full access and everyone else has only read and execute permission –chmod 755 /usr/local/mysql/bin –chmod 700 /usr/local/mysql/libexec clients do not have permission to access –change mode of data directory chmod -R go-rwx /usr/local/mysql/data –only account for running the server can directly access the data directory

5 ITN270.001 Wake Tech5 Internal Security Securing the Socket File –for connection by the client to the local host –change the mode so that users can only remove the files they created Securing Option files –should not be exposed

6 ITN270.001 Wake Tech6 External Security GRANT & REVOKE statements to set up & modify user access to MySQL Structure & Contents of Grant Tables:

7 ITN270.001 Wake Tech7 External Security Structure & Contents of Grant Tables: –user accounts for users may connect to the server password, global privileges - apply to all databases –db which accounts have privileges for which databases Privileges apply to all tables in a database –tables_priv table level privileges apply to all columns in a table –columns_priv column-level privilege

8 ITN270.001 Wake Tech8 Setting up MySQL accounts Without GRANT Statements Modify the grant tables directly Examples: –GRANT ALL ON *.* TO ‘userid’@’localhost’ IDENTIFIED BY ‘password’ WITH GRANT OPTION –INSERT INTO user VALUES(‘localhost’, ‘userid’, PASSWORD(‘password’), ‘Y’, ‘Y’, ‘Y’, ‘Y’, ‘Y’, ‘Y’, ‘Y’, ‘Y’, ‘Y’, ‘Y’, ‘Y’, ‘Y’, ‘Y’, ‘Y’);

9 ITN270.001 Wake Tech9 Setting Up Secure Connections Localhost –No need to have SSL in the connection Remote access: –GRANT ALL ON finance.* TO ‘userid’@’et219-1’ IDENTIFIED BY ‘password’ REQUIR SSL,

10 ITN270.001 Wake Tech10 Locking a database/table for read Lock a Table –LOCK TABLE tb_name READ RELEASE TABLE LOCK –UNLOCK TABLE; Locking All Database for READ access –FLUSH TABLES WITH READ LOCK RELEASE the LOCK –UNLOCK TABLES;

11 ITN270.001 Wake Tech11 Database Backups %mysqlsump *.* > filename direct copy –cp /usr/local/mysql/data/? Filename

12 ITN270.001 Wake Tech12 Table Repair and Data Recovery Checking & Reparing Database Tables –Checking - myisamchk myisamchk tbl_name myisamchk --check tbl_name –Reparing - myisamchk myisamchk --recover --quick tbl_name myisamchk --recover tbl_name myisamchk --safe-recover tble_name

13 ITN270.001 Wake Tech13 Table Repair and Data Recovery Checking & Reparing Tables Using the Server –CHECK mysqlcheck db_name; mysqlcheck db_name tb_name1, tb_name2 mysqlcheck --database db_name1 db_name2 mysqlcheck --all-databases –REPAIR mysqlcheck --repair ?? mysqlcheck --repair --quick ?? Mysqlcheck --repair --extended ??

14 ITN270.001 Wake Tech14 Table Repair and Data Recovery Recovering an entire database –Logfiles

Download ppt "ITN270.001 Wake Tech1 ITN270 Advanced Internet Databases Lecture 16. Security, Database Backups, Maintenance & Repair Topics: – Internal Security – External."

Similar presentations

MySQL Access Privilege System

MySQL Access Privilege System
13 Copyright © Oracle Corporation, 2001. All rights reserved. Controlling User Access.

13 Copyright © Oracle Corporation, All rights reserved. Controlling User Access.
Security Pertemuan 7 Matakuliah: T0413 Tahun: 2009.

Security Pertemuan 7 Matakuliah: T0413 Tahun: 2009.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.

1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.
Linux+ Guide to Linux Certification, Second Edition

Linux+ Guide to Linux Certification, Second Edition
User Accounts and Permissions Chapter IV / Part II.

User Accounts and Permissions Chapter IV / Part II.
Chapter 10 Overview  Implement Microsoft Windows Authentication Mode and Mixed Mode  Assign login accounts to database user accounts and roles  Assign.

Chapter 10 Overview  Implement Microsoft Windows Authentication Mode and Mixed Mode  Assign login accounts to database user accounts and roles  Assign.
Linux File Security. What is Permission ? Specifies what right are granting to users to access the resources available in the computer. So that important.

Linux File Security. What is Permission ? Specifies what right are granting to users to access the resources available in the computer. So that important.
Group Accounts; Securing Resources with Permissions

Group Accounts; Securing Resources with Permissions
Authentication and authorization Access control consists of two steps, authentication and authorization. Subject Do operation Reference monitor Object.

Authentication and authorization Access control consists of two steps, authentication and authorization. Subject Do operation Reference monitor Object.
Default: Zoom 65% then screenshot. DB XStudio tests Launcher DB XStudio XAgent tests Backup DB tests Launcher.

Default: Zoom 65% then screenshot. DB XStudio tests Launcher DB XStudio XAgent tests Backup DB tests Launcher.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.
ITN270.001 Wake Tech1 ITN270 Advanced Internet Databases Lecture 14. Introduction to MySQL Administration and the MySQL Data Directory Topics: –Overview.

ITN Wake Tech1 ITN270 Advanced Internet Databases Lecture 14. Introduction to MySQL Administration and the MySQL Data Directory Topics: –Overview.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.
Help session: Unix basics Keith 9/9/2011. Login in Unix lab  User name: ug0xx Password: ece321 (initial)  The password will not be displayed on the.

Help session: Unix basics Keith 9/9/2011. Login in Unix lab  User name: ug0xx Password: ece321 (initial)  The password will not be displayed on the.
SQL HW1 Turn in as a hardcopy at the start of next class period. You may work this assignment in groups.

SQL HW1 Turn in as a hardcopy at the start of next class period. You may work this assignment in groups.
Mass user creation On our servers is used the convention, that each of user has only one database, which has the same name, as the user itself. This method.

Mass user creation On our servers is used the convention, that each of user has only one database, which has the same name, as the user itself. This method.
Today’s Objectives Chapters 10 and 11 Security in SQL Server –Manage server logins and database users. –Manage server-level, database-level, and application.

Today’s Objectives Chapters 10 and 11 Security in SQL Server –Manage server logins and database users. –Manage server-level, database-level, and application.
CHAPTER 6 Users and Basic Security. Progression of Steps for Creating a Database Environment 1. Install Oracle database binaries (Chapter 1) 2. Create.

CHAPTER 6 Users and Basic Security. Progression of Steps for Creating a Database Environment 1. Install Oracle database binaries (Chapter 1) 2. Create.

Similar presentations

Ads by Google