Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security in Databases. 2 Srini & Nandita (CSE2500)DB Security Outline review of databases reliability & integrity protection of sensitive data protection.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "Security in Databases. 2 Srini & Nandita (CSE2500)DB Security Outline review of databases reliability & integrity protection of sensitive data protection."— Presentation transcript:

1 Security in Databases

2 2 Srini & Nandita (CSE2500)DB Security Outline review of databases reliability & integrity protection of sensitive data protection against inference multi-level security CSE2500 System Security & Privacy

3 3 Srini & Nandita (CSE2500)DB Security Database DBMS DB Administrator users

4 4 Srini & Nandita (CSE2500)DB Security Database concepts database –data + rules components of data –records: composed of fields / elements logical structure  schema attribute  name of a column relation  a set of columns

5 5 Srini & Nandita (CSE2500)DB Security A sample database

6 6 Srini & Nandita (CSE2500)DB Security DB should deliver (advantages) shared access minimal redundancy data consistency data integrity controlled access

7 7 Srini & Nandita (CSE2500)DB Security Security requirements physical DB integrity logical DB integrity element (field) integrity auditability access control user authentication availability –(integrity, confidentiality & availability)

8 8 Srini & Nandita (CSE2500)DB Security Reliability & integrity three dimensions: –database integrity –element integrity –element accuracy various techniques –2-phase update –introducing redundancy –recovery –concurrency/consistency control –using monitors

9 9 Srini & Nandita (CSE2500)DB Security 2-phase update phase-1: Intent –gathering info & resources –no harm in the case of failure –writing of a commit flag to data base phase-2: Commit –set commit flag in the database –causing permanent changes –may be repairable in the case of failure

10 10 Srini & Nandita (CSE2500)DB Security 2-Phase Update (Example) Suppose DB query asks to add 1 to fields X and Y. Phase 1 (Intent): –Compute updated values in temporary “Shadow” variables Xnew and Ynew: >Xnew := X + 1, Ynew := Y + 1 Phase 2 (Commit): –Set “Commit” flag (i.e. DB changes started, do not repeat Intent phase!) –Copy shadow values into DB: >X := Xnew, Y := Ynew –Write “Update Complete”, Clear Commit flag.

11 11 Srini & Nandita (CSE2500)DB Security Redundancy/internal consistency using error detection / correction codes –entire database –records –fields / elements shadow fields –duplication of attributes / records

12 12 Srini & Nandita (CSE2500)DB Security Recovery one way to achieve this is to have a log file for all recent changes (since last backup)

13 13 Srini & Nandita (CSE2500)DB Security Concurrency/Consistency In a multi-user/process/client environment, concurrency and consistency control is vitally important. Basic techniques –using “atomic operation” >Read-then-(if OK)Write: A Write query to a field is conditioned on its current contents being as specified (in case it was modified recently by someone else) –using “locking” mechanisms >Read queries to a record are blocked while a write is performed to the record by someone else

14 14 Srini & Nandita (CSE2500)DB Security Monitors checking the structural consistency of data entered or modified –range comparison -- field specific –state constraints >describe of the condition of entire DB >(Properties which should be satisfied by DB contents at all times) –transition constraints >describe the conditions necessary before a change can be made (Properties which should be satisfied by DB contents so that a change to DB is valid) Collectively called Integrity Constraints

15 15 Srini & Nandita (CSE2500)DB Security On sensitive data factors that make data sensitive –inherently sensitive –from a sensitive source –declared sensitive –of a sensitive attribute or a sensitive record –sensitive in relation to previously disclosed information sensitivity of data in a DB may vary !

16 16 Srini & Nandita (CSE2500)DB Security A sample database

17 17 Srini & Nandita (CSE2500)DB Security Access decisions on sensitive data factors to be considered when permitting “user x to access data y” –availability of data >Record is blocked from read while it is modified –acceptability of access >No disclosure (even ‘partial’) of sensitive values to unauthorized users –assurance of authenticity of user >Limit access based on other considerations (time of access, previous accesses,…)

18 18 Srini & Nandita (CSE2500)DB Security Types of disclosure of sensitive data exact data (field = x) Bounds – x < field < y negative result –field is not equal to x Existence –an Attribute of a field exists in DB probable value –reducing the number of possible values for a field, Improving knowledge of their relative likelihoods.

19 19 Srini & Nandita (CSE2500)DB Security Inference Problem definition: –infer or derive sensitive data from non- sensitive or (seemingly) un-related data “inference” is a subtle vulnerability in database security

20 20 Srini & Nandita (CSE2500)DB Security A sample database

21 21 Srini & Nandita (CSE2500)DB Security Direct attack list NAME where SEX = M & DRUGS = 1 list NAME where (SEX = M & DRUGS = 1) | (SEX != M & SEX != F) | (DORM != East)

22 22 Srini & Nandita (CSE2500)DB Security Indirect attack (statistical inference) Sum sum of financial aid by dorm & sex Holmes Grey West Total M 5000 1000 0 6000 F 2000 0 4000 6000 Total 7000 1000 4000 12000

23 23 Srini & Nandita (CSE2500)DB Security Indirect attack (cont.) Count –count of students by dorm & sex Holmes Grey West Total M 1 2 0 3 F 1 0 2 3 Total 2 2 2 6 –can be used in combination with “sum”

24 24 Srini & Nandita (CSE2500)DB Security Indirect attack (cont.) Median highest value for attribute 1 lowest value for attribute 1 lowest value for attribute 2 highest value for attribute 2 median for attribute 1 & median for attribute 2

25 25 Srini & Nandita (CSE2500)DB Security revealing Earhart’s drug Earhart is the only person who has the median of AID and DRUGS, so if data on AID is known, the following query reveals Earhart’s DRUGS: p = median (DRUGS where AID=2000)

26 26 Srini & Nandita (CSE2500)DB Security Indirect attack (cont.) Linear system attack –by solving a set of equations e.g. q1 = c1 + c2 + c3 q2 = c2 + c3 q3 = c1 + c3

27 27 Srini & Nandita (CSE2500)DB Security Controls for statistical inference 2 types of control –applied to queries --- very hard ! –applied to data items --- relatively easy >suppression --- sensitive data are not provided >concealing --- precise data are not provided

28 28 Srini & Nandita (CSE2500)DB Security Summary of inference no perfect solution to inference problem 3 common approaches –suppress obviously sensitive data  fairly easy –track what the user knows  costly –disguise data  may result in incorrect or wrong responses to legitimate queries

29 29 Srini & Nandita (CSE2500)DB Security Multi-level security The 2 level security model, sensitive or non- sensitive, is inadequate in many practical applications: –The security of a data element may be different from that of other elements in the same row or column. –In practice many grades of security may be needed. –The security of an aggregate may be different from that of the individual elements

30 30 Srini & Nandita (CSE2500)DB Security Realising Multi-level Security Partitioning –each sub-database corresponds to a security level Encryption –each record (or field) can be encrypted using a different key Integrity lock Trusted Front End Commutative Filter Window/View

Download ppt "Security in Databases. 2 Srini & Nandita (CSE2500)DB Security Outline review of databases reliability & integrity protection of sensitive data protection."

Similar presentations

©Silberschatz, Korth and Sudarshan4.1Database System Concepts Lecture-1 Database system,CSE-313, P.B. Dr. M. A. Kashem Associate. Professor. CSE, DUET,

©Silberschatz, Korth and Sudarshan4.1Database System Concepts Lecture-1 Database system,CSE-313, P.B. Dr. M. A. Kashem Associate. Professor. CSE, DUET,
Auditing Computer-Based Information Systems

Auditing Computer-Based Information Systems
Dr Gordon Russell, Napier University Unit 5.3 - Data Dictionary 1 Data Dictionary Unit 5.3.

Dr Gordon Russell, Napier University Unit Data Dictionary 1 Data Dictionary Unit 5.3.
Information Security Principles & Applications

Information Security Principles & Applications
Monday, 08 June 2015Dr. Mohamed Osman1 What is Database Administration A high level function (technical Function) that is responsible for ► physical DB.

Monday, 08 June 2015Dr. Mohamed Osman1 What is Database Administration A high level function (technical Function) that is responsible for ► physical DB.
Database Integrity, Security and Recovery Database integrity Database integrity Database security Database security Database recovery Database recovery.

Database Integrity, Security and Recovery Database integrity Database integrity Database security Database security Database recovery Database recovery.
Database Management: Getting Data Together Chapter 14.

Database Management: Getting Data Together Chapter 14.
Transaction Processing IS698 Min Song. 2 What is a Transaction?  When an event in the real world changes the state of the enterprise, a transaction is.

Transaction Processing IS698 Min Song. 2 What is a Transaction?  When an event in the real world changes the state of the enterprise, a transaction is.
Security in Databases. 2 Outline review of databases reliability & integrity protection of sensitive data protection against inference multi-level security.

Security in Databases. 2 Outline review of databases reliability & integrity protection of sensitive data protection against inference multi-level security.
Database Features Lecture 2. Desirable features in an information system Integrity Referential integrity Data independence Controlled redundancy Security.

Database Features Lecture 2. Desirable features in an information system Integrity Referential integrity Data independence Controlled redundancy Security.
Functions of a Database Management System. Functions of a DBMS C.J. Date n Indexing n Views n Security n Integrity n Concurrency n Backup/Recovery n Design.

Functions of a Database Management System. Functions of a DBMS C.J. Date n Indexing n Views n Security n Integrity n Concurrency n Backup/Recovery n Design.
Last time Finish OTR Database Security Introduction to Databases

Last time Finish OTR Database Security Introduction to Databases
Dr. Kalpakis CMSC 461, Database Management Systems Introduction.

Dr. Kalpakis CMSC 461, Database Management Systems Introduction.
Security Architecture Dr. Gabriel. Security Database security: –degree to which data is fully protected from tampering or unauthorized acts –Full understanding.

Security Architecture Dr. Gabriel. Security Database security: –degree to which data is fully protected from tampering or unauthorized acts –Full understanding.
SE571 Security in Computing

SE571 Security in Computing
D ATABASE S ECURITY Proposed by Abdulrahman Aldekhelallah University of Scranton – CS521 Spring2015.

D ATABASE S ECURITY Proposed by Abdulrahman Aldekhelallah University of Scranton – CS521 Spring2015.
Database Systems: Design, Implementation, and Management Ninth Edition

Database Systems: Design, Implementation, and Management Ninth Edition
IT 221: Introduction to Information Security Principles Lecture 11: Database Security For Educational Purposes Only Revised: November 13, 2002.

IT 221: Introduction to Information Security Principles Lecture 11: Database Security For Educational Purposes Only Revised: November 13, 2002.
Chapter 6 – Database Security  Integrity for databases: record integrity, data correctness, update integrity  Security for databases: access control,

Chapter 6 – Database Security  Integrity for databases: record integrity, data correctness, update integrity  Security for databases: access control,
DBSQL 7-1 Copyright © Genetic Computer School 2009 Chapter 7 Transaction Management, Database Security and Recovery.

DBSQL 7-1 Copyright © Genetic Computer School 2009 Chapter 7 Transaction Management, Database Security and Recovery.

Similar presentations

Ads by Google