Database Security. Outline: Introduction, Security requirement, Reliability and Integrity, Sensitive data, Inference, Multilevel databases, Multilevel security.


1 Database Security
Outline:
–Introduction
–Security requirement
–Reliability and Integrity
–Sensitive data
–Inference
–Multilevel databases
–Multilevel security

2 Security requirements
The list of requirements for database security:
–Physical database integrity: e.g. power failure.
–Logical database integrity: the structure of the database is preserved. That is, modification of one field does not affect other fields.
–Element integrity: the data contained in each element must be accurate, using field checks, access control and a change log.

3 Security requirements (cont.)
Auditability
–It is possible to track who or what has accessed or modified the elements in the database.
Access control
–A user is allowed to access only authorized data.
User authentication
–A user has to be positively identified for authorized data access.
Availability
–A user can access all the data for which he has access.

4 Reliability and Integrity
Reliability: the database guards against loss or damage.
Database concerns about reliability and integrity can be viewed from three dimensions:
1. Database integrity: the whole database is protected against damage (e.g. disk failure, corruption of data).
2. Element integrity: a specific data value is changed only by authorized users.
3. Element accuracy: only correct values are written into the elements of the database.

5 Reliability and Integrity
Two-phase update:
–First phase (intent phase): gathers all the resources it needs to perform the update. The last event of this phase is committing, which sets the commit flag. That is, the database has passed the point of no return.
–Second phase: makes the permanent changes.
–Shadow values: these values are stored during the intent phase and actually copied during the commit phase.
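The two-phase update described on this slide, as an added example that is not part of the original presentation. The names TwoPhaseStore, transfer and CrashError are hypothetical, the account data is constructed, and in-memory attributes stand in for the durable storage a real DBMS would use for shadow values and the commit flag.

```python
class CrashError(Exception):
    """Simulated failure, constructed for this example."""

class TwoPhaseStore:
    def __init__(self, data):
        self.data = dict(data)    # permanent database values
        self.shadow = {}          # shadow values (assumed durable in a real DBMS)
        self.commit_flag = False  # set as the last event of the intent phase

    def intent(self, compute, crash=False):
        """Phase 1: compute and store shadow values; real data is not touched."""
        self.shadow, self.commit_flag = {}, False
        self.shadow = dict(compute(self.data))  # may raise; nothing to undo
        if crash:
            raise CrashError("failed before the commit flag was set")
        self.commit_flag = True                 # point of no return

    def commit(self, crash_after=None):
        """Phase 2: copy shadow values into the database. Repeatable, because
        shadow values are absolute values rather than increments."""
        if not self.commit_flag:
            raise RuntimeError("commit without a completed intent phase")
        for i, (key, value) in enumerate(sorted(self.shadow.items())):
            if i == crash_after:
                raise CrashError("failed during the commit phase")
            self.data[key] = value
        self.shadow, self.commit_flag = {}, False

    def recover(self):
        """After a failure: redo phase 2 if committed, else drop the shadows."""
        if self.commit_flag:
            self.commit()
        else:
            self.shadow = {}

def transfer(amount, src, dst):
    """Hypothetical update: move `amount` between two fields."""
    def compute(data):
        if data[src] < amount:
            raise ValueError("insufficient balance")
        return {src: data[src] - amount, dst: data[dst] + amount}
    return compute

if __name__ == "__main__":
    store = TwoPhaseStore({"a": 100, "b": 0})  # constructed sample data
    store.intent(transfer(30, "a", "b"))
    try:
        store.commit(crash_after=1)            # fails after writing "a" only
    except CrashError:
        print("half-written:", store.data)
    store.recover()
    print("after recovery:", store.data)
```

A failure before the commit flag leaves the data untouched, and a failure after it is repaired by repeating the second phase, so the two fields never stay half-updated.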

6 Redundancy / Internal consistency
To detect internal inconsistency, the DBMS maintains the following information:
–Error detection and correction codes.
–Shadow fields: duplicate fields, for replacement in case of error or data loss.
–Recovery: in case of failure, recover from a backup copy.
–Concurrency and consistency: in a multi-user system, locking is required. Improper concurrent access may lead to conflicts, erroneous data, etc. To resolve this problem, the DBMS treats the entire query-update cycle as a single atomic operation.

7 Monitors
A monitor is a unit of the DBMS responsible for the structural integrity of the database. It can check values being entered to ensure their consistency.
–E.g. type mismatch.
Several forms of monitors:
–Range comparison.
–State constraints: describe the state of the entire database.
–Transition constraints: describe conditions necessary before changes can be made to the database.

8 Sensitive data
Data that should not be made public.
Factors that make data sensitive:
–Inherently sensitive: location of critical data itself
–Declared sensitive: by DBA
–Part of Database: attribute or record
–Sensitive in relation to previously disclosed information
Access decision:
–“what” data and “who” should have access to it.
–DBA decisions based on Access policy.

9 Types of disclosure
–Exact data: exact value of a sensitive data item itself
–Bounds
–Negative result
–Existence of data itself and not a value.

10 Security vs precision
We want to disclose only those data that are not sensitive.
“We want to disclose as much data as possible so that users of the database have access to the data they need.”
This goal is called precision; it aims to protect all sensitive data while revealing as much non-sensitive data as possible.
Using precision we maintain perfect confidentiality.

11 Inference.

