Database Security
Security
• Data security defines the prevention of data
corruption through the use of controlled access mechanisms.
• Data security deals with the protection of data
• Data security is making sure only the people who should have
access to the data are the only ones who can access the data.
• Data security refers to making sure that data is accessed by its
intended users, thus ensuring the privacy and protection of
data.
• Authentication/authorization, encryption, and
masking are some of the popular means of data security.
Security
• Violation
• Levels
• Authorization
• Views
• Encryption
Violation
• Malicious
  • Unauthorized reading of data
  • Unauthorized modification
  • Unauthorized destruction
• Accidental
  • Crashes
  • Concurrent access anomalies
  • Violation of database consistency constraints
Security
• Database system level
  • Authentication and authorization mechanisms to allow specific users access only to required data
  • We concentrate on authorization in the first part of this session
• Operating system level
  • Operating system super-users can do anything they want to the database!
Security
• Network level: must use encryption to prevent
  • Eavesdropping (unauthorized reading of messages): an eavesdropping attack occurs when an attacker reads, and may also delete or modify, data transmitted between two devices.
  • Masquerading (pretending to be an authorized user, or sending messages supposedly from authorized users): the attacker uses a fake identity to gain unauthorized access to personal access identification.
Security (Cont...)
• Physical level
  • Physical access to computers allows destruction of data by intruders
  • Traditional lock-and-key security is needed
  • Computers must also be protected from floods, fire, etc.
Security (Cont...)
• Human level
  • Users must be screened to ensure that authorized users do not give access to intruders
  • Users should be trained on password selection and secrecy.
Authorization
Forms of authorization on parts of the database:
• Read authorization - allows reading, but not modification of data.
• Insert authorization - allows insertion of new data, but not modification of existing data.
• Update authorization - allows modification, but not deletion of data.
• Delete authorization - allows deletion of data.
Views
• Users can be given permission on views without being given any permission on the base table used in the view definition.
• The ability of views to hide data serves both to simplify usage of the system and to enhance security, by allowing users access only to the data they need for their job.
• A combination of relational-level security and view-level security can be used to limit a user's access to precisely the data that user needs.
View Example
• Suppose a bank clerk needs to know the names of the customers of each branch, but is not authorized to see specific loan information.
• Approach: Deny direct access to the loan base table, but grant access to the view cust-loan, which consists only of the names of customers and the branches at which they have a loan.
View Example (Cont.)
• The cust-loan view is defined in SQL as follows:
  create view cust-loan as
      select branch-name, customer-name
      from borrower, loan
      where borrower.loan-number = loan.loan-number
• The clerk is authorized to see the result of the query:
  select * from cust-loan
Role Security Specification in SQL
• A database role is a collection of any number of privileges/permissions that can be assigned to one or more users.
• A database role is also given a name for that collection of privileges.
• The majority of today's RDBMSs come with predefined roles that can be assigned to any user.
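The view-plus-role arrangement from the preceding slides, written out as an added example (not the slides' own code) in PostgreSQL syntax. Identifiers use underscores because the hyphenated names on the slides (cust-loan, loan-number) are not valid SQL; the schema loan(loan_number, branch_name, amount), borrower(customer_name, loan_number), the role bank_clerk and the user clerk1 are assumptions for the example.

```sql
-- Added example, not from the slides: the cust-loan approach in PostgreSQL
-- syntax. Identifiers use underscores because hyphenated names are not valid
-- SQL. Schema assumed: loan(loan_number, branch_name, amount),
-- borrower(customer_name, loan_number). Run by a superuser acting as DBA.
create table loan (
    loan_number  char(10) primary key,
    branch_name  char(15) not null,
    amount       integer  not null
);
create table borrower (
    customer_name char(30) not null,
    loan_number   char(10) not null references loan,
    primary key (customer_name, loan_number)
);

-- The view exposes only customer names and branches; the loan number and
-- amount never leave the base tables.
create view cust_loan as
    select loan.branch_name, borrower.customer_name
    from   borrower, loan
    where  borrower.loan_number = loan.loan_number;

-- A named role collects exactly the privileges a clerk needs: select on the
-- view and nothing at all on the base tables.
create role bank_clerk;
grant select on cust_loan to bank_clerk;

-- Individual users receive the role rather than direct grants
-- (user name constructed for the example).
create user clerk1;
grant bank_clerk to clerk1;

-- Constructed data, then a check from the clerk's point of view: the view
-- query returns one row, the base-table query is rejected.
insert into loan values ('L-17', 'Downtown', 1000);
insert into borrower values ('Jones', 'L-17');
set role clerk1;
select * from cust_loan;   -- one row: Downtown / Jones
select * from loan;        -- ERROR: permission denied for table loan
reset role;
```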
Delegation of granting privilege
• with grant option: allows a user who is granted a privilege to pass the privilege on to other users.
• Example: grant select on branch to U1 with grant option gives U1 the select privilege on branch and allows U1 to grant the select privilege to others. U1 can then issue the command:
  grant select on branch to U2
Revoking Authorization
• The revoke statement is used to revoke authorization:
  revoke select on tblstudent from hamid;
• Revocation of a privilege from a user may cause other users also to lose that privilege (cascading revocation).
• We can prevent cascading by specifying restrict:
  revoke select on branch from U1, U2, U3 restrict
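The delegation chain from the two preceding slides and what restrict versus cascade does to it, as an added example (not the slides' own code) in PostgreSQL syntax. The branch table and users U1 and U2 are the names used on the slides; their definitions and the branch columns are assumptions so the script runs stand-alone.

```sql
-- Added example, not from the slides: grant-option delegation and the
-- restrict/cascade choice on revoke, in PostgreSQL syntax. The branch
-- table and users U1 and U2 are the names from the slides, created here so
-- the script runs stand-alone; it is run by a superuser acting as DBA.
create table branch (
    branch_name char(15) primary key,
    branch_city char(30),
    assets      integer
);
create user u1;
create user u2;

-- The DBA grants select to U1 and allows U1 to pass it on.
grant select on branch to u1 with grant option;

-- U1 delegates the privilege to U2 (statement executed as U1).
set role u1;
grant select on branch to u2;
reset role;

-- U2's privilege now depends on U1's grant. Revoking from U1 with restrict
-- is refused, so U2 keeps access and the DBA learns that a chain exists.
revoke select on branch from u1 restrict;
-- ERROR: dependent privileges exist (HINT: Use CASCADE to revoke them too.)

-- Revoking with cascade removes U1's privilege and, with it, everything U1
-- granted on the strength of it: U2 loses select on branch as well.
revoke select on branch from u1 cascade;

-- Afterwards neither user can read the table.
set role u2;
select * from branch;   -- ERROR: permission denied for table branch
reset role;
```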
Encryption
• Data may be encrypted when database authorization provisions do not offer sufficient protection.
• Properties of a good encryption technique:
  • Relatively simple for authorized users to encrypt and decrypt data.
  • Extremely difficult for an intruder to determine the encryption key.
To ensure integrity of database
Define:
• Entity constraints (primary key constraint)
• Domain constraints
• Referential integrity
• Triggers
Entity Constraints
• Entity integrity enforcement guarantees that each row in a table is uniquely identified by non-null values contained in its primary key columns.
• Integrity constraints guard against accidental damage to the database by ensuring that authorised changes to the database do not result in the loss of data consistency.
Domain constraints
• Domain constraints are the most elementary form of integrity constraints.
• They test values inserted in the database.
• Examples
  • On insertion of an item into the order_item table, the quantity must be greater than 0.
  • On update, the new salary must be greater than the old salary.
  • On insertion of a new employee into EMP
Referential Integrity in SQL (Cont…)
Example
  create table account (
      AccountNo char(10) not null,
      BranchName char(15),
      balance integer,
      primary key (AccountNo),
      foreign key (BranchName) references branch
  )
Trigger
• A trigger is a statement that is executed automatically by the system as a side effect of a modification to the database.
• To design a trigger mechanism, we must specify the condition under which the trigger is to be executed and the action to be taken.
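The integrity mechanisms of the last five slides (domain constraint, referential integrity, trigger) on one schema, as an added example that is not the slides' own code. PostgreSQL 11 or later is assumed; the tables branch, account, order_item and EMP are the ones named on the slides, while their column names, the function enforce_raise_only and the sample rows are constructed for the example.

```sql
-- Added example, not from the slides: the three integrity mechanisms from
-- these slides on one schema, in PostgreSQL syntax (version 11 or later for
-- 'execute function'). Column names other than those on the slides are
-- constructed for the example.
create table branch (branch_name char(15) primary key);
-- Referential integrity: an account may only name a branch that exists, and a
-- branch cannot be deleted while accounts still reference it.
create table account (
    account_no  char(10) primary key,
    branch_name char(15) references branch,
    balance     integer  not null default 0
);

-- Domain constraint: a quantity of zero or less is rejected at insert time.
create table order_item (
    order_no  integer not null,
    item_no   integer not null,
    quantity  integer not null check (quantity > 0),
    primary key (order_no, item_no)
);

-- Trigger: "new salary must be greater than old salary" compares the new row
-- with the old one, which a check constraint cannot do, so a row-level
-- trigger fired before update enforces it.
create table emp (
    emp_id integer primary key,
    salary integer not null check (salary > 0)
);

create function enforce_raise_only() returns trigger as $$
begin
    if new.salary <= old.salary then
        raise exception 'salary of employee % may not decrease (% -> %)',
            old.emp_id, old.salary, new.salary;
    end if;
    return new;
end;
$$ language plpgsql;

create trigger emp_salary_raise_only
    before update of salary on emp
    for each row execute function enforce_raise_only();
-- Constructed data: the first three statements succeed, the last three are
-- each rejected by the mechanism named in the comment.
insert into branch values ('Downtown');
insert into account values ('A-101', 'Downtown', 500);
insert into emp values (1, 3000);
insert into order_item values (1, 1, 0);            -- check (quantity > 0)
insert into account values ('A-102', 'Uptown', 50); -- foreign key to branch
update emp set salary = 2500 where emp_id = 1;      -- trigger raises
```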