Database security
Diego Abella


Database security
- Global connectivity increases database security problems.
- Database security is the system, processes, and procedures that protect a database from unintended activity.
- Unintended activities:
  - Authenticated misuse
  - Malicious attacks
  - Inadvertent mistakes made by authorized individuals or processes

Database security
- Once databases were connected to the internet, the problems started.
- Firewalls and routers
[Diagram labels: Your company, Database, Internet, Firewall]

DB security types – Access control
Access control is the ability to permit or deny the use of a particular resource by a particular entity.
- Logical resources (a bank account, with a limited number of people authorized to make a withdrawal)
- Digital resources (a private text document on a computer, which only certain users should be able to read)

DB security types – Access control
Risks:
- Tailgating and piggybacking: the practice of an unauthorized person following an authorized person through an opened door.
- An intruder could open a door by accessing exit button wiring.
- The intruder could also open a door by shorting the door contact wires and cutting the wires going to the electric lock.

DB security types – Auditing
Auditing is the process of evaluating the database.
- Audits are performed to ascertain the validity and reliability of information, and also to provide an assessment of a system's internal control.
- The goal of a DB audit is to express an opinion on the database under evaluation, based on work done on a test basis.
- There are two types of DB auditors:
  - Internal auditors
  - External auditors

DB security types – Authentication
Authentication is the process of verifying whether a person or a process is authorized to execute a database activity.
Examples:
- Logging in to a computer
- ATM
- Some web pages
- Single sign on

DB security types – Encryption
Encryption is the process of transforming information (referred to as plaintext) using an algorithm to make it unreadable to anyone except those who are authorized.
- Decryption is the inverse process.
- It is a critical type of security when information leaves the LAN.
- It can protect the confidentiality of messages, but other techniques are still needed to protect the integrity and authenticity of a message; for example, verification of a message authentication code or a digital signature.

DB security types – Data integrity
Data integrity is the process of ensuring that a database has a close correspondence between the facts stored in the database and the real world it models.
Three types of integrity constraints are inherent to databases:
- Entity integrity: concept of primary key
- Referential integrity: concept of foreign key
- Domain integrity: set of values of the same type
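The three constraint types enforced by a real engine, as an added example that is not part of the original slides. It uses Python's built-in `sqlite3` module; the `customer` and `account` tables and their rows are constructed for illustration.

```python
import sqlite3

SCHEMA = """
CREATE TABLE customer (
    id   INTEGER PRIMARY KEY,                  -- entity integrity
    name TEXT NOT NULL
);
CREATE TABLE account (
    id          INTEGER PRIMARY KEY,
    customer_id INTEGER NOT NULL
                REFERENCES customer(id),       -- referential integrity
    balance     INTEGER NOT NULL               -- domain integrity
                CHECK (typeof(balance) = 'integer' AND balance >= 0)
);
INSERT INTO customer VALUES (1, 'alice');
INSERT INTO account  VALUES (10, 1, 500);
"""

def build_db():
    con = sqlite3.connect(":memory:")
    # SQLite ships with foreign-key enforcement off; enable it per connection.
    con.execute("PRAGMA foreign_keys = ON")
    con.executescript(SCHEMA)
    return con

def try_write(con, sql):
    """Run one statement; return 'ok' or the constraint error the engine raised."""
    try:
        with con:  # commit on success, roll back on failure
            con.execute(sql)
        return "ok"
    except sqlite3.IntegrityError as exc:
        return str(exc)

def run_checks():
    con = build_db()
    return {
        "duplicate_key": try_write(con, "INSERT INTO customer VALUES (1, 'bob')"),
        "missing_parent": try_write(con, "INSERT INTO account VALUES (11, 99, 0)"),
        "orphaning_delete": try_write(con, "DELETE FROM customer WHERE id = 1"),
        "negative_balance": try_write(con, "UPDATE account SET balance = -50 WHERE id = 10"),
        # Without the typeof() test, 'abc' >= 0 is true in SQLite (text sorts above numbers).
        "wrong_type": try_write(con, "UPDATE account SET balance = 'abc' WHERE id = 10"),
        "valid_update": try_write(con, "UPDATE account SET balance = 450 WHERE id = 10"),
    }

if __name__ == "__main__":
    for name, result in run_checks().items():
        print(f"{name:17} {result}")
```

Only the last statement is accepted; the other five are rejected by the engine itself, regardless of which application or user issued them.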

Database security
- Can begin with the process of creating security protocols.
- DBAs perform vulnerability scans.