By Oscar Suciadi CS 157B Prof. Sin-Min Lee

Slides:



Advertisements
Similar presentations
Chapter 23 Database Security and Authorization Copyright © 2004 Pearson Education, Inc.
Advertisements

II.I Selected Database Issues: 1 - SecuritySlide 1/20 II. Selected Database Issues Part 1: Security Lecture 2 Lecturer: Chris Clack 3C13/D6.
Database Management System MIS 520 – Database Theory Fall 2001 (Day) Lecture 13.
Database Administration and Security Transparencies 1.
Security and Integrity
Database Management System
Monday, 08 June 2015Dr. Mohamed Osman1 What is Database Administration A high level function (technical Function) that is responsible for ► physical DB.
Security Dale-Marie Wilson, Ph.D.. Why Database Security? Data Valuable resource Must be strictly controlled and managed Corporate resource Have strategic.
Evidor: The Evidence Collector Software using for: Software for lawyers, law firms, corporate law and IT security departments, licensed investigators,
Concurrency Control. R/RR/W W/W User 2 ReadWrite User 1 Read Write R/W: Inconsistent Read problem. W/W: Lost Update problem.
Web Site Security ISYS 512/812. Authentication Authentication is the process that determines the identity of a user. Web.config file – node Options: –Windows:
1 Minggu 7, Pertemuan 13 Security Matakuliah: T0206-Sistem Basisdata Tahun: 2005 Versi: 1.0/0.0.
Chapter 8 Security Transparencies © Pearson Education Limited 1995, 2005.
Chapter 16 Security. 2 Chapter 16 - Objectives u The scope of database security. u Why database security is a serious concern for an organization. u The.
Chapter 19 Security.
Chapter 19 Security Transparencies © Pearson Education Limited 1995, 2005.
DATABASE SECURITY By Oscar Suciadi CS 157B Prof. Sin-Min Lee.
DATABASE ADMINISTRATION AND SECURITY
Introduction to Databases and Database Languages
Chapter 19 Security Transparencies. 2 Chapter 19 - Objectives Scope of database security. Why database security is a serious concern for an organization.
II.I Selected Database Issues: 1 - SecuritySlide 1/24 II. Selected Database Issues Part 1: Security Lecture 1 Lecturer: Chris Clack 3C13/D6.
© Pearson Education Limited, Chapter 5 Database Administration and Security Transparencies.
D ATABASE A DMINISTRATION L ECTURE N O 4 Muhammad Abrar.
Security of Data. Key Ideas from syllabus Security of data Understand the importance of and the mechanisms for maintaining data security Understand the.
ISOM MIS3150 Data and Info Mgmt Database Security Arijit Sengupta.
DBSQL 7-1 Copyright © Genetic Computer School 2009 Chapter 7 Transaction Management, Database Security and Recovery.
Systems Analysis and Design in a Changing World, 6th Edition 1 Chapter 12 - Databases, Controls, and Security.
Security and Transaction Nhi Tran CS 157B - Dr. Lee Fall, 2003.
The protection of the DB against intentional or unintentional threats using computer-based or non- computer-based controls. Database Security – Part 2.
CS 3630 Database Design and Implementation Dr. Qi Yang 213 Ullrich My Home Page: The Class Page:
D ATABASE A DMINISTRATION L ECTURE N O 3 Muhammad Abrar.
Section 3 Database Security. 3-2 CA306 Introduction Section Content 3.1 Security Overview 3.2 Security Controls 3.3 Views 3.4 Security in Oracle 3.5 Web.
Chapter 1 Introduction to Databases. 1-2 Chapter Outline   Common uses of database systems   Meaning of basic terms   Database Applications  
CSCI 3140 Module 6 – Database Security Theodore Chiasson Dalhousie University.
11/4/2012ISC239 Isabelle Bichindaritz1 Database Security.
Database Security Tampere University of Technology, Introduction to Databases. Oleg Esin.
Data security refers to protective digital privacy measures that are applied to prevent unauthorized access to computers, databases and websites. Data.
CSC271 Database Systems Lecture # 31. Summary: Previous Lecture  Remaining steps/activities in  Physical database design methodology  Monitoring and.
Chapter 11 Database Security: An Introduction Copyright © 2004 Pearson Education, Inc.
1 Chapter 7 Data Protection Data Recovery As with almost all complex forms of computer hardware and software, there is always the possibility.
DATA SECURITY. Security considerations apply not only to the data held in the database Breaches of security may affect other parts of the system which.
Web Database Security Session 12 & 13 Matakuliah: Web Database Tahun: 2008.
Database Security. Introduction to Database Security Issues (1) Threats to databases Loss of integrity Loss of availability Loss of confidentiality To.
Database Security Threats. Database An essential corporate resource Data is a valuable resource Must be strictly controlled, managed and secured May have.
SYSTEMS IMPLEMENTATION TECHNIQUES TRANSACTION PROCESSING DATABASE RECOVERY DATABASE SECURITY CONCURRENCY CONTROL.
Manajemen Jaringan, Sukiswo ST, MT 1 Network Control Sukiswo
TM 13-1 Copyright © 1999 Addison Wesley Longman, Inc. Data and Database Administration.
What is Database Administration ?
Chapter Name September 98 Security by Adrienne Watt.
Database System Implementation CSE 507
Securing Network Servers
Managing Multi-User Databases
Data and database administration
Database Security and Authorization
CS 3630 Database Design and Implementation
Security and Administration Transparencies
Functions of a Database Management System
GROUP MEMBERS:  USMAN AFZAL F  NAEEM SHAHZAD F  BASIT MUNIR F  H.M.TAYYAB MUSHTAQ F  AROOJA HAMID QURESHI F
Managing Multi-user Databases
By Oscar Suciadi CS 157B Prof. Sin-Min Lee
LM 8 Data Administration & Database Administration
Database solutions Database environment Marzena Nowakowska Faculty of Management and Computer Modelling Kielce University of Technology rooms: 3.21 C,
Database Security &Threats
Database Security Transactions
DATABASE SECURITY For CSCL (BIM).
By Oscar Suciadi CS 157B Prof. Sin-Min Lee
Implementation of security elements in database
DBMS Module III DBMS
Views Base Relation View
Presentation transcript:

By Oscar Suciadi CS 157B Prof. Sin-Min Lee DATABASE SECURITY By Oscar Suciadi CS 157B Prof. Sin-Min Lee

Definition Database Security is the mechanism that protect the database against intentional or accidental threats. We consider database security in relation to the following situations: - Theft and Fraud - Loss of confidentiality

Introduction Loss of integrity Loss of availability Threat is Loss of privacy Loss of integrity Loss of availability Threat is any intentional or accidental event that may adversely affect the system.

Introduction (Cont) Examples of threats: - Using another person’s log-in name to access data - Unauthorized copying data - Program/Data alteration - Illegal entry by hacker - Viruses - Etc.

Countermeasures Computer-Based Controls: - Authorization - Views - Backup and Recovery - Integrity - Encryption - RAID Technology

Authorization The granting of a privilege that enable a user to have a legitimate access to a system. They are sometimes referred as access controls. The process of authorization involves authenticating the user requesting access to objects.

Authenticating Means a mechanism that determines whether a user is who he/she claim to be. A system administrator is responsible for allowing users to have access to the system by creating individual user accounts.

Closed Vs Open Systems Closed Systems Some DBMS required authorization for authorized DBMS users to access specific objects. Open Systems Allow users to have complete access to all objects within the database.

A DBMS may permit both individual user identifiers and group identifiers to be created. Certain privileges may be associated with specific identifiers, which indicate what kind of privilege is allowed with certain with certain database objects.

Each privileges has a binary value associated with it Each privileges has a binary value associated with it. The binary values are summed and the total value indicates what privileges are allowed for a specific user or group with a particular object.

User & Group Identifier User Identifier Type Group Member Identifier SG37 User Sales SG14 SG5

Access Control Matrix User Identifier Property# Type Price Owner# Staff# Branch# Query Row Limit Sales 0001 0000 15 SG37 0101 0111 100 SG5 1111 none SELECT UPDATE INSERT DELETE ALL 0001 0010 0100 1000 1111

Views Is the dynamic result of one or more relational operations operating on the base relations to produce another relation. A view is a virtual relation that does not actually exist in the database, but is produced upon request by a particular user, at the time of request.

Views (Cont) The view mechanism provides a powerful and flexible security mechanism by hiding parts of the database from certain users. The user is not aware of the existence of any attributes or rows that are missing from the view.

Backup & Recovery Is the process of periodically taking a copy of the database and log file on to offline storage media. DBMS should provide backup facilities to assist with the recovery of a database failure.

Integrity Maintaining a secure database system by preventing data from becoming invalid.

Encryption The encoding of data by a special algorithm that renders the data unreadable by any program without the decryption key. There will be degradation in performance because of the time taken to decode it. It also protects the data transmitted over communication lines.

RAID Redundant Array of Independent Disks The hardware that the DBMS is running on must be fault-tolerant, meaning that the DBMS should continue to operate even if one of the hardware components fails. One solution is the use of RAID technology.

RAID (Cont) RAID works on having a large disk array comprising an arrangement of several independent disks that are organized to improve reliability and at the same time increase performance.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.