PT2520 Unit 8: Database Security I

1 PT2520 Unit 8: Database Security I
Is It Secure?
Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

2 Overview
Security is essential for any database that will be put into production. One way to begin thinking about security is to look at two terms:
- Authentication
- Authorization

3 Authentication
Authentication is the process of determining if the person is, in fact, who he or she claims to be. This can be done in a variety of ways:
- Login name and password
- Certificate
- Biometrics

4 Authorization
Authorization is about “authorizing” a user to do things in the database. It involves setting permissions on objects and data.

5 SQL Server Authentication
SQL Server has two primary ways of authenticating users:
- Windows authentication
- SQL Server authentication

6 Windows Authentication
In Windows Authentication, a Windows or Active Directory account is mapped to a SQL Server account. The user logs into their Windows machine and accesses the SQL Server through this account. This is the preferred method of authentication.

7 SQL Server Authentication
In SQL Server or mixed authentication, a user is given a login name and a password for logging into the server. This is useful in environments where not every user has a Windows account.

8 Example: Creating a SQL Server Login
-- PASSWORD is required for a SQL Server login; the value shown is a placeholder
CREATE LOGIN StudentLogIn WITH PASSWORD = '<password>', DEFAULT_DATABASE = TutorManagement;

9 Roles
Roles are collections of permissions. Rather than try to assign and maintain individual user permissions, users can be assigned to a role that provides a common set of permissions. Roles provide a much more efficient and maintainable way of controlling user access to the database. New roles can be created as needed, and SQL Server provides a set of built-in roles.

10 Table of Built-in Roles
| Database Role | Description |
| --- | --- |
| db_accessadmin | Can ALTER any User and create Schema |
| db_backupoperator | Grants the user permission to back up and restore the particular database |
| db_datareader | Grants the user SELECT on all Tables and Views in the database |
| db_datawriter | Grants the user INSERT, UPDATE and DELETE permissions on all Tables and Views |
| db_ddladmin | Grants the ability to CREATE or ALTER any database object |
| db_denydatareader | Denies SELECT on all Tables and Views |
| db_denydatawriter | Denies INSERT, UPDATE, and DELETE on all Tables and Views |
| db_owner | Grants ownership and full permissions on all database objects |
| db_securityadmin | Grants the ability to ALTER roles and CREATE Schema |
| public | Grants access to database but by default has no permissions on any objects. Every user is a member of public as well as any other roles. The public role cannot be removed. |

11 Example: Creating a Role
USE TutorManagement;
GO
CREATE ROLE StudentRole;
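An added example (not from the original slides) showing how a server login, a database user and a role fit together, since a login alone carries no permissions inside a database. The names DemoTutorDb, DemoStudentLogin and DemoStudentUser, the Course table and the password placeholder are assumptions.

```sql
-- Added example: scratch database so nothing in TutorManagement is touched.
CREATE DATABASE DemoTutorDb;
GO

-- Server level: the login is what authenticates.
-- Replace the placeholder password before running; CHECK_POLICY applies
-- the Windows password policy to this SQL Server login.
CREATE LOGIN DemoStudentLogin
    WITH PASSWORD = '<replace-with-strong-password>',
         DEFAULT_DATABASE = DemoTutorDb,
         CHECK_POLICY = ON;
GO

USE DemoTutorDb;
GO

-- Hypothetical table used only as something to grant on.
CREATE TABLE dbo.Course (
    CourseKey  nchar(10)    NOT NULL PRIMARY KEY,
    CourseName nvarchar(50) NOT NULL
);

-- Database level: the user maps the login into this database.
CREATE USER DemoStudentUser FOR LOGIN DemoStudentLogin;

-- Authorization: permissions go to the role, users go into the role.
CREATE ROLE StudentRole;
GRANT SELECT ON dbo.Course TO StudentRole;
ALTER ROLE StudentRole ADD MEMBER DemoStudentUser;
GO

-- Verify from the user's point of view without logging in as them.
EXECUTE AS USER = 'DemoStudentUser';
SELECT IS_ROLEMEMBER('StudentRole') AS InStudentRole;
SELECT permission_name
FROM sys.fn_my_permissions('dbo.Course', 'OBJECT')
WHERE subentity_name = '';      -- object-level rows only, not per-column rows
REVERT;
GO
```

Drop DemoTutorDb and DemoStudentLogin when finished so the test login does not linger on the server.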

12 Schema
Schemas can be used to achieve results similar to roles. However, a role is a collection of permissions; a schema is a collection of objects owned by a schema. A user can be assigned to a schema and then assigned permissions on schema objects. When they log in, they will only see the objects in their schema.

13 Analyzing Security Needs
One way to analyze the security needs of a database is to look at the security requirements of each type of database user. You can analyze those needs in terms of specific permissions on tables and objects.

14 Analysis Example

| Table name | Permission marks (SELECT, INSERT, UPDATE, DELETE) | Constraints |
| --- | --- | --- |
| Student | | |
| Tutor | X | A public subset of tutor info |
| Course | | |
| StudentCourse | | |
| Ethnicity | | |
| Session | X* | *Only for own sessions |
| Request | | |
| RequestNote | | |
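An added example, not part of the original slides, of enforcing the Tutor row of the analysis with a schema and a view, so the role sees only a public subset of tutor columns. It assumes the X stands for SELECT; the database name, the Tutor columns, StudentSchema, vw_TutorPublic and DemoStudent are hypothetical.

```sql
-- Added example: scratch database with an assumed Tutor table layout.
CREATE DATABASE DemoTutorAnalysis;
GO
USE DemoTutorAnalysis;
GO

CREATE TABLE dbo.Tutor (
    TutorKey       nchar(10)    NOT NULL PRIMARY KEY,
    TutorLastName  nvarchar(50) NOT NULL,
    TutorFirstName nvarchar(50) NOT NULL,
    TutorPhone     nchar(10)    NULL,   -- treated as private here
    TutorHireDate  date         NULL    -- treated as private here
);
-- Constructed sample row.
INSERT INTO dbo.Tutor
VALUES ('T0001', 'Sample', 'Pat', '5550100', '2011-01-15');
GO

-- The schema holds only the objects students are meant to see.
CREATE SCHEMA StudentSchema;
GO
CREATE VIEW StudentSchema.vw_TutorPublic AS
    SELECT TutorKey, TutorLastName, TutorFirstName
    FROM dbo.Tutor;
GO

-- One grant on the schema covers every object placed in it later.
-- No permission is granted on dbo.Tutor itself.
CREATE ROLE StudentRole;
GRANT SELECT ON SCHEMA::StudentSchema TO StudentRole;

CREATE USER DemoStudent WITHOUT LOGIN WITH DEFAULT_SCHEMA = StudentSchema;
ALTER ROLE StudentRole ADD MEMBER DemoStudent;
GO

-- Compare effective SELECT permission on the view and on the base table.
EXECUTE AS USER = 'DemoStudent';
SELECT HAS_PERMS_BY_NAME('StudentSchema.vw_TutorPublic', 'OBJECT', 'SELECT') AS CanReadView,
       HAS_PERMS_BY_NAME('dbo.Tutor', 'OBJECT', 'SELECT')                    AS CanReadBaseTable;
-- The view and the table share an owner, so ownership chaining lets the
-- view read dbo.Tutor even though the role has no grant on the table.
SELECT TutorKey, TutorLastName, TutorFirstName FROM vw_TutorPublic;
REVERT;
GO
```

The Session constraint ("only for own sessions") is a row-level restriction and needs a filter tied to the caller's identity, which this column-level view does not cover.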

15 All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of the publisher. Printed in the United States of America.
