
1 Academic Year 2014 Spring

2 Module CC3005NI: Advanced Database Systems – "Database Security"

3 Objective of Database Security:
- The widespread use of multi-user database systems has increased productivity and efficiency for many organisations. However, it also exposes those organisations to a greater risk of their databases being misused.
- The overall objective of database security is to protect the data in a database against unauthorised use, disclosure, alteration or destruction.

4 Database Security vs. Integrity – Different Concepts:
- Database security: how to protect data from unauthorised use
  - Only authorised users are permitted to use the database
  - They do so under the access control imposed by the system
- Database integrity: how to ensure the accuracy or validity of data
  - Entity integrity, domain integrity and referential integrity rules
  - Other user-defined, application-specific integrity rules

5 Database Security vs. Integrity – Common Features:
- The database system must be aware of the constraints that users must not violate
- These constraints must be specified by the DBA in some suitable language
- These constraints must be maintained in the system catalogue
- The DBMS must monitor user operations to ensure that the constraints are properly enforced

6 Issues to be Considered – General Concerns:
- Legal, social and ethical issues
  - Whether a person has a legal right to access the information
  - Data Protection Act: ensures proper control of access to personal/confidential information
- Policy issues
  - What is the company's scheme for protecting its database?

7 Issues to be Considered:
- Hardware issues: physical security of the computer system and the reliability of the hardware
- Software issues: reliability of the operating system used

8 Issues to be Considered – Database-specific Concerns:
- Unauthorised use of the database, whether deliberate or accidental
  - Unauthorised users attempting to access the database
  - Authorised users attempting unauthorised operations on certain data objects
- Data encryption provides additional protection for sensitive data during transmission; it complements access control rather than replacing it

9 Access Request:
- In the context of database security, an access request (and the access right that would satisfy it) has three aspects:
  - User: who is requesting access
  - Operation: what operation is requested (select, insert, delete, update)
  - Data object: what data object is requested
- Typically, users will have different access rights on different data objects in a database

10 Granularity of Data Objects:
- Depending on the security scheme used, the scope of a data object ranges from:
  - the entire database
  - a set of relations
  - a set of tuples or columns
  - a particular attribute value within a tuple

11 Identification and Authentication:
- Authorisation subsystem: provided by the database security mechanism to check and verify a user's identity, securing the database against unauthorised access
- Before accessing the database a user must:
  - Identify themselves
  - Authenticate that identification
- Additional identification and authentication may be required during the session, e.g. cash point (card plus PIN), Oracle login, fingerprints, retina scans, etc.

12 Two Main Approaches:
- There are two main approaches to database security, depending on the type of object (user or data) through which access control is exercised
- Discretionary Access Control (DAC): control is exercised by assigning users different access rights (privileges/authorities) on different data objects
- Mandatory Access Control (MAC): control is exercised by assigning data objects different classification levels and users different clearance levels

13 Discretionary Access Control:
- DAC provides flexibility in allowing access to the database
- DAC protects unstructured work in progress
- DAC objects may contain information that is also protected by Mandatory Access Control (MAC)
- DAC also covers privileges associated with email
- DAC labels are derived from MAC labels
- Access decisions in DAC do not take into account the user's role or the program's functionality

14 Discretionary Access Control:
- Various methods are used to implement DAC, for example:
  - Access matrix: uses table(s) to specify the access privileges of different users on different data objects
  - Security rules: use a suitable language to specify users' access rights

15 Discretionary Access Control – Access Matrix: (the example matrix is a figure in the original slide; the profiles on the next slide are derived from it)

16 Discretionary Access Control – Access Matrix:
- An access matrix may contain many empty cells, so its information can instead be stored sparsely as user profiles or object profiles
- User profiles (from the example):
  - User A: table1: select; table1.attr2: update; table2: select
  - User B: table1.attr1: select; table2: select; table2.attr1: update
- Object profiles (from the example):
  - Table 1: userA: select
  - Table 2: userA: select; userB: select; userD: insert
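The access request of slide 9 (user, operation, data object), the object granularity of slide 10 and the profiles above can be tied together in a few lines. The following is an added example, not code from the lecture: it stores the access matrix sparsely as user profiles (using the slide's userA, userB, userD, table1, table2, attr1, attr2; the exact privilege set is constructed from the user profiles and is an assumption), derives the object profiles from the same data, and decides requests at table or attribute granularity.

```python
"""Discretionary access control with an access matrix stored as profiles.

Added example; it is not code from the lecture slides. The privilege set is
constructed from the user profiles on the slide (userA, userB, userD, table1,
table2, attr1, attr2); object profiles are derived from it rather than stored
a second time.
"""
from collections import defaultdict

OPERATIONS = {"select", "insert", "update", "delete"}

# Sparse form of the access matrix: user -> data object -> set of operations.
# A data object is a (table, attribute) pair; attribute None means the whole
# table, the coarser granularity on the slide's scale. Constructed data.
USER_PROFILES = {
    "userA": {("table1", None): {"select"},
              ("table1", "attr2"): {"update"},
              ("table2", None): {"select"}},
    "userB": {("table1", "attr1"): {"select"},
              ("table2", None): {"select"},
              ("table2", "attr1"): {"update"}},
    "userD": {("table2", None): {"insert"}},
}


def object_profiles(user_profiles=USER_PROFILES):
    """Invert user profiles into object profiles: object -> user -> operations."""
    profiles = defaultdict(lambda: defaultdict(set))
    for user, grants in user_profiles.items():
        for obj, ops in grants.items():
            profiles[obj][user] |= ops
    return {obj: dict(users) for obj, users in profiles.items()}


def is_allowed(user, operation, table, attribute=None, user_profiles=USER_PROFILES):
    """Decide one access request: (user, operation, data object).

    A table-level grant covers every attribute of the table; an attribute-level
    grant covers only that attribute. Anything not granted is denied, including
    unknown users and operations (closed policy: an empty matrix cell means no).
    """
    if operation not in OPERATIONS:
        return False
    grants = user_profiles.get(user, {})
    if operation in grants.get((table, None), ()):
        return True
    return attribute is not None and operation in grants.get((table, attribute), ())


def who_can(operation, table, attribute=None, user_profiles=USER_PROFILES):
    """Users holding `operation` on the object (the 'who can select ...?' question)."""
    return sorted(u for u in user_profiles
                  if is_allowed(u, operation, table, attribute, user_profiles))


if __name__ == "__main__":
    for obj, users in sorted(object_profiles().items(),
                             key=lambda kv: (kv[0][0], kv[0][1] or "")):
        print(obj, users)
    print("userA update table1.attr1 ->", is_allowed("userA", "update", "table1", "attr1"))
    print("who can select table2 ->", who_can("select", "table2"))
```

Note the asymmetry the check encodes: userB's attribute-level select on table1.attr1 does not let userB select the whole of table1, while userA's table-level select does cover table1.attr1.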

17 Discretionary Access Control – Security Rules:
- Supported by the SQL standard and facilitated by two statements, GRANT and REVOKE
- GRANT defines a security rule: GRANT <operation> ON <data object> TO <user(s)> [<violation response>]

18 Discretionary Access Control – Security Rules:
Some examples:
- Value-independent rules: GRANT <operation> ON <data object> TO <user(s)>
  - GRANT SELECT ON TABLE Employee TO Ram, Shyam, Hari;
- Value-dependent rules: GRANT <operation> ON <data object> WHERE <condition on the data> TO <user(s)>
  - GRANT SELECT ON TABLE Supplier WHERE Supplier-city = 'London' TO Ganesh;
- Context-dependent rules: GRANT <operation> ON <data object> WHEN <condition on the context> TO <user(s)>
  - GRANT UPDATE ON TABLE Product WHEN Day() IN ('Mon', 'Tue', 'Wed', 'Thu', 'Fri') AND Now() >= TIME '09:00:00' AND Now() <= TIME '17:00:00' TO Order-Dept;
- Note: only the value-independent form is standard SQL. The WHERE and WHEN forms are a rule-language notation; in a real DBMS a value-dependent rule is implemented by granting access to a view (or a row-level security policy) that applies the condition, and a context-dependent rule by a stored procedure or policy that checks the clock.

19 Discretionary Access Control – Security Rules:
- Violation response: GRANT <operation> ON <data object> TO <user(s)> ON ATTEMPTED VIOLATION <action>
  - e.g. GRANT SELECT ON TABLE Employee TO Ram ON ATTEMPTED VIOLATION REJECT;
- REVOKE deletes security rules (SQL uses FROM, not TO, to name the user whose right is removed):
  - REVOKE SELECT ON TABLE Employee FROM Ram;
  - REVOKE UPDATE ON TABLE Employee FROM Ram;
  - REVOKE DELETE ON TABLE Employee FROM Ram;
  - REVOKE INSERT ON TABLE Employee FROM Ram;
  or,
  - REVOKE SELECT, INSERT ON TABLE Employee FROM Ram;
  - REVOKE ALL ON TABLE Employee FROM Ram;
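Because the value-dependent and context-dependent forms of GRANT on slides 17 to 19 are a rule notation rather than executable SQL, the following added example (not code from the lecture) evaluates such rules in Python: a rule carries an operation, an object, a grantee, an optional WHERE predicate on the row, an optional WHEN predicate on the context, and a violation response; REVOKE removes rules. The table, user and group names are the slides' own; the rows, the Order-Dept membership and the clock values are constructed here, and the business-hours rule uses the corrected upper bound (Now() <= 17:00).

```python
"""Security rules: GRANT and REVOKE with value- and context-dependent conditions.

Added example, not code from the lecture. Standard SQL GRANT expresses only
value-independent rules (operation, object, grantee); the WHERE and WHEN forms
on the slides are a rule language, so this module evaluates such rules in
Python. Table, user and group names (Employee, Supplier, Product, Ram, Ganesh,
Order-Dept) are the slides'; rows, group membership and clock are constructed.
"""
from dataclasses import dataclass
from datetime import datetime, time
from typing import Callable, Optional

RowPredicate = Callable[[dict], bool]          # value-dependent condition (WHERE)
ContextPredicate = Callable[[datetime], bool]  # context-dependent condition (WHEN)


@dataclass(frozen=True)
class Rule:
    operation: str                     # "select", "insert", "update", "delete"
    table: str
    grantee: str                       # a user, or a group such as "Order-Dept"
    where: Optional[RowPredicate] = None
    when: Optional[ContextPredicate] = None
    on_violation: str = "REJECT"       # violation response


class SecurityRules:
    def __init__(self, groups=None):
        self.rules = []
        self.groups = groups or {}     # group name -> set of member users

    def grant(self, operation, table, grantees, **conds):
        """GRANT <operation> ON TABLE <table> [WHERE/WHEN ...] TO <grantees>."""
        for g in grantees:
            self.rules.append(Rule(operation.lower(), table, g, **conds))

    def revoke(self, operation, table, grantee):
        """REVOKE <operation> ON TABLE <table> FROM <grantee>; "ALL" removes every operation."""
        op = operation.lower()
        self.rules = [r for r in self.rules
                      if not (r.table == table and r.grantee == grantee
                              and (op == "all" or r.operation == op))]

    def _grantees_for(self, user):
        return {user} | {g for g, members in self.groups.items() if user in members}

    def check(self, user, operation, table, row=None, now=None):
        """Decide a request; returns (allowed, response).

        A rule applies when its WHERE holds for the row (a request without a
        row cannot satisfy a WHERE) and its WHEN holds for the context. If a
        rule names the user and object but its condition fails, the answer is
        that rule's violation response; with no rule at all it is REJECT.
        """
        now = now or datetime.now()
        response = "REJECT"
        for r in self.rules:
            if (r.operation != operation.lower() or r.table != table
                    or r.grantee not in self._grantees_for(user)):
                continue
            if r.where is not None and (row is None or not r.where(row)):
                response = r.on_violation
                continue
            if r.when is not None and not r.when(now):
                response = r.on_violation
                continue
            return True, "ALLOW"
        return False, response


def business_hours(now: datetime) -> bool:
    """Mon-Fri, 09:00 to 17:00: the slide's WHEN clause with the upper bound corrected."""
    return now.weekday() < 5 and time(9, 0) <= now.time() <= time(17, 0)


def example_rules():
    """The three GRANTs from the slides (Order-Dept membership is constructed)."""
    rules = SecurityRules(groups={"Order-Dept": {"Sita", "Gita"}})
    # GRANT SELECT ON TABLE Employee TO Ram, Shyam, Hari;
    rules.grant("SELECT", "Employee", ["Ram", "Shyam", "Hari"])
    # GRANT SELECT ON TABLE Supplier WHERE Supplier-city = 'London' TO Ganesh;
    rules.grant("SELECT", "Supplier", ["Ganesh"],
                where=lambda row: row.get("Supplier-city") == "London")
    # GRANT UPDATE ON TABLE Product WHEN <business hours> TO Order-Dept;
    rules.grant("UPDATE", "Product", ["Order-Dept"], when=business_hours)
    return rules


if __name__ == "__main__":
    r = example_rules()
    print(r.check("Ganesh", "SELECT", "Supplier", row={"Supplier-city": "Paris"}))
    print(r.check("Sita", "UPDATE", "Product", now=datetime(2014, 3, 4, 10, 0)))
```

The value-dependent check is evaluated per row, which is exactly why a real DBMS pushes such a rule into a view or row-level policy rather than a plain GRANT: the decision cannot be made once at statement start.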

20 Mandatory Access Control:
- Why is Mandatory Access Control (MAC) needed?
  - It enhances the security of the database
  - It gives a consistent view of operations
  - The general rule is that all allowed accesses are provided by MAC
  - Access that is not part of MAC is Discretionary Access Control (DAC)
  - MAC adds complexity

21 Mandatory Access Control:
- MAC is used for type enforcement (TE), as is done in programming languages
- MAC protects organisational data
- MAC deals with database queries, reports and statistical studies
- Data protection for a class is determined by its label
- Relabel privileges follow a set of rules, since the label makes a difference to access

22 Mandatory Access Control:
- Relabels are used for declassification of existing objects or for approvability
- Relabels do not allow changing or observing the content
- Information flow is specified between MAC labels
- Information flow restrictions are essential for maintaining confidentiality

23 Mandatory Access Control – Examples:
- Official reports (DAC permission allows a DAC copy)
- Statistical analysis of medical records (providers and researchers have different views of the same data)
- Accounting records (updated by structured programs and accessed by unstructured programs)

24 Mandatory Control – Key Points of the Scheme:
- Each data object is assigned a classification level
- Each user is assigned a clearance level
  - A user with clearance level i can only access data objects whose classification level j is lower than or equal to i (j <= i)
  - The classification and clearance levels are drawn from the same set, so they have the same number of possibilities
  - These levels form a strict ordering hierarchy
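The scheme above, together with the relabel and information-flow points of slides 21 and 22, is shown below as an added example (not code from the lecture). The four levels are constructed here; any strictly ordered set works. The read rule is the slide's (clearance i may read classification j only if j <= i). The write rule, a user may only write objects classified at or above their own clearance, is not on the slide: it is the Bell-LaPadula *-property, added because without it a SECRET user could read secret data and write it into an UNCLASSIFIED object, which is exactly the downward information flow slide 22 says must be restricted. Relabeling (declassification) requires a separate privilege and never reads or changes the content.

```python
"""Mandatory access control by classification and clearance levels.

Added example; not code from the lecture. Levels are constructed here
(UNCLASSIFIED < CONFIDENTIAL < SECRET < TOP_SECRET). Read rule as on the
slide: j <= i. Write rule (no write-down) is the Bell-LaPadula *-property,
added beyond the slide so that read-then-write cannot move data down the
hierarchy. Relabel needs its own privilege and leaves the content untouched.
"""
from dataclasses import dataclass
from enum import IntEnum


class Level(IntEnum):
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


class MacViolation(PermissionError):
    pass


@dataclass
class DataObject:
    name: str
    level: Level            # classification
    content: str = ""


@dataclass(frozen=True)
class Subject:
    user: str
    clearance: Level
    can_relabel: bool = False   # relabel privilege, granted separately from clearance


def can_read(subject: Subject, obj: DataObject) -> bool:
    """Slide's rule: classification j must be <= clearance i."""
    return obj.level <= subject.clearance


def can_write(subject: Subject, obj: DataObject) -> bool:
    """No write-down: the object must be classified at or above the clearance."""
    return obj.level >= subject.clearance


def flow_allowed(src: Level, dst: Level) -> bool:
    """Information may only flow to an equal or higher label."""
    return src <= dst


def read(subject: Subject, obj: DataObject) -> str:
    if not can_read(subject, obj):
        raise MacViolation(f"{subject.user} ({subject.clearance.name}) "
                           f"may not read {obj.name} ({obj.level.name})")
    return obj.content


def write(subject: Subject, obj: DataObject, content: str) -> DataObject:
    if not can_write(subject, obj):
        raise MacViolation(f"{subject.user} ({subject.clearance.name}) "
                           f"may not write {obj.name} ({obj.level.name})")
    obj.content = content
    return obj


def relabel(subject: Subject, obj: DataObject, new_level: Level) -> Level:
    """Declassify or upgrade an object. Requires the relabel privilege; the
    content is neither observed nor changed, only the label moves."""
    if not subject.can_relabel:
        raise MacViolation(f"{subject.user} holds no relabel privilege")
    obj.level = Level(new_level)
    return obj.level


def copy_between(subject: Subject, src: DataObject, dst: DataObject) -> DataObject:
    """Read src and write it into dst: the sequence the write rule must police."""
    return write(subject, dst, read(subject, src))


def is_denied(action, *args) -> bool:
    """True if the action raises MacViolation (used for checks and tests)."""
    try:
        action(*args)
    except MacViolation:
        return True
    return False


if __name__ == "__main__":
    manager = Subject("manager", Level.SECRET)
    plans = DataObject("plans", Level.TOP_SECRET, "t")
    notice = DataObject("notice", Level.UNCLASSIFIED, "p")
    print("manager reads TOP_SECRET denied:", is_denied(read, manager, plans))
    print("manager writes UNCLASSIFIED denied:", is_denied(write, manager, notice, "x"))
```

The read rule alone would let the manager copy a SECRET object into the UNCLASSIFIED one; the write rule is what makes `copy_between` fail in that direction while still allowing writes upward.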

25 Example: Mandatory Control – Security Classification Method (the example tables are a figure in the original slide and are not reproduced here)

26 Mandatory Control – Security Classification Method – Questions:
- According to the information given in the tables:
  - What are a manager's access rights?
    - Select on tables 1 and 2
    - Update on table 2 and on attributes 1 and 2 of table 1
    - Delete on table 2 and on attribute 2 of table 1
  - Is a manager allowed to delete a data item from attribute 1 of Table 1? No
  - Who can select attribute 1 of Table 2? Everyone

27 Comparison:
- Discretionary Access Control
  - More widely used, due to its flexibility
  - Supported by the current SQL standard
- Mandatory Access Control
  - Has a more rigid structure
  - Suitable for organisations with strict requirements for security and hierarchy (e.g. government and defence systems, sensitive/classified information)

28 Thank you! Questions are welcome.

