
Security

Security. Dale-Marie Wilson, Ph.D. Why Database Security?. Data Valuable resource Must be strictly controlled and managed Corporate resource Have strategic importance Must be secure and confidential. Database Security.


Presentation Transcript


  1. Security Dale-Marie Wilson, Ph.D.

  2. Why Database Security? • Data • Valuable resource • Must be strictly controlled and managed • Corporate resource • Have strategic importance • Must be secure and confidential

  3. Database Security • Mechanisms that protect database against intentional or accidental threats • Does not only apply to data held in database • Security breaches may affect other parts of system • Eventually affect database

  4. Database Security • Involves measures to avoid: • Theft and fraud • Loss of confidentiality (secrecy) • Loss of privacy • Loss of integrity • Loss of availability • Threat • Any situation or event, intentional or unintentional, that adversely affects a system and consequently the organization

  5. Summary of Threats to Computer Systems

  6. Typical Multi-user Computer Environment

  7. Countermeasures – Computer-Based Controls • Range from physical controls to administrative procedures and include: • Authorization • Access controls • Views • Backup and recovery • Integrity • Encryption • RAID technology

  8. Countermeasures – Computer-Based Controls • Authorization • The granting of a right or privilege, which enables a subject to legitimately have access to a system or a system’s object • Mechanism that determines whether user is who he/she claims to be

  9. Countermeasures – Computer-Based Controls • Access control • Granting/revoking of privileges • Privilege • Allows user to create or access (read, write, modify) database object (relation, view, index) or run DBMS utilities • Granted to user to accomplish tasks required for jobs

  10. Countermeasures – Computer-Based Controls • Discretionary Access Control (DAC) • Provided by most DBMS • Effective • Weakness • Unauthorized user can trick authorized user into disclosing sensitive data • SQL standard supports DAC • GRANT and REVOKE commands • GRANT command • Gives privileges to users • REVOKE command • Takes privileges from users

  11. Countermeasures – Computer-Based Controls • Mandatory Access Control (MAC) • Based on system-wide policies • Cannot be changed by individual users • Not supported by SQL standard • Each database object assigned a security class • Each user assigned a clearance for a security class • Rules are imposed on reading and writing of database objects by users

  12. Countermeasures – Computer-Based Controls • MAC • Determines whether user can read/write object • Based on rules of security level of object and clearance of user • Rules ensure sensitive data never ‘passed on’ to another user without necessary clearance

  13. Bell-LaPadula Model • Each database object assigned security class • Each subject assigned clearance • Four classes: • Top secret (TS), Secret (S), Confidential (C), Unclassified (U) • TS > S > C > U • Two restrictions: • Simple Security property • Subject S is allowed to read object O only if class(S) >= class(O) • *-property • Subject S is allowed to write object O only if class(S) <= class(O)

  14. Popular Model for MAC called Bell-LaPadula

  15. Countermeasures – Computer-Based Controls • View • dynamic result of one or more relational operations operating on base relations to produce another relation • Virtual relation • Produced upon request by particular user, at time of request • Backup • Process of periodically taking copy of database, log file, programs to offline storage media • Journaling • Process of maintaining log file/journal of all changes made to database to enable effective recovery in event of failure

  16. Countermeasures – Computer-Based Controls • Integrity • Prevents invalid data • Misleading or incorrect results • Encryption • Encoding of data by special algorithm • Renders data unreadable by any program without decryption key

  17. RAID (Redundant Array of Independent Disks) Technology • DBMS hardware must be fault-tolerant • Continues to operate even if one of the hardware components fails • Main hardware components include: • Disk drives, disk controllers, CPU, power supplies, cooling fans • Disk drives are the most vulnerable component • Have the shortest time between failures of any hardware component • Suggests having redundant components • Seamlessly integrated into working system whenever component failure occurs

  18. RAID (Redundant Array of Independent Disks) Technology • Large disk array comprising an arrangement of several independent disks • Organized to improve reliability and increase performance • Performance • Increased through data striping • Data segmented into equal-size partitions (striping unit) • Transparently distributed across multiple disks • Reliability • Improved through storing redundant information across the disks using parity scheme or error-correcting scheme

  19. RAID (Redundant Array of Independent Disks) Technology • Different disk configurations aka RAID levels • RAID 0 Nonredundant • RAID 1 Mirrored • RAID 0+1 Nonredundant and Mirrored • RAID 2 Memory-Style Error-Correcting Codes • RAID 3 Bit-Interleaved Parity • RAID 4 Block-Interleaved Parity • RAID 5 Block-Interleaved Distributed Parity • RAID 6 P+Q Redundancy

  20. DBMS and Web Security • Internet communication relies on TCP/IP • TCP/IP and HTTP not designed with security in mind • Without special software, all Internet traffic travels ‘in the clear’ • Anyone who monitors traffic can read it

  21. DBMS and Web Security • Must ensure while transmitting information over the Internet that: • inaccessible to anyone but sender and receiver (privacy); • not changed during transmission (integrity); • receiver can be sure it came from sender (authenticity); • sender can be sure receiver is genuine (non-fabrication); • sender cannot deny he or she sent it (non-repudiation).

  22. DBMS and Web Security • Measures include: • Proxy servers • Firewalls • Message digest algorithms and digital signatures • Digital certificates • Kerberos • Secure sockets layer (SSL) and Secure HTTP (S-HTTP) • Secure Electronic Transactions (SET) and Secure Transaction Technology (SST) • Java security • ActiveX security

  23. How Secure Electronic Transactions (SET) Works

  24. Chapter 19
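The DAC weakness on slide 10 and the Bell-LaPadula rules on slides 12 and 13 can be compared on one scenario: a program running as a cleared user copies a Secret object into an Unclassified one. This is an added example, not part of the original presentation; the users, objects and privilege table are constructed for illustration.

```python
from enum import IntEnum

class Level(IntEnum):          # TS > S > C > U, as on slide 13
    U = 0
    C = 1
    S = 2
    TS = 3

# Constructed sample data (all names are hypothetical).
CLEARANCE = {"alice": Level.S, "mallory": Level.U}
CLASS = {"payroll": Level.S, "scratch": Level.U}
# DAC privileges, as GRANT would record them. mallory owns "scratch" and
# has granted alice write access to it.
ACL = {
    ("alice", "payroll"): {"read", "write"},
    ("alice", "scratch"): {"read", "write"},
    ("mallory", "scratch"): {"read", "write"},
}

def dac_allows(user, obj, right):
    """DAC: the decision looks only at privileges granted on the object."""
    return right in ACL.get((user, obj), set())

def blp_can_read(user, obj):
    """Simple Security property: class(S) >= class(O)."""
    return CLEARANCE[user] >= CLASS[obj]

def blp_can_write(user, obj):
    """*-property: class(S) <= class(O)."""
    return CLEARANCE[user] <= CLASS[obj]

def copy_allowed(policy, user, src, dst):
    """Can a program running as `user` read `src` and write it into `dst`?"""
    if policy == "DAC":
        return dac_allows(user, src, "read") and dac_allows(user, dst, "write")
    if policy == "MAC":
        return blp_can_read(user, src) and blp_can_write(user, dst)
    raise ValueError(f"unknown policy: {policy}")

if __name__ == "__main__":
    for policy in ("DAC", "MAC"):
        leaked = copy_allowed(policy, "alice", "payroll", "scratch")
        print(f"{policy}: payroll -> scratch copy allowed = {leaked}")
    # Reading down and writing up stay legal under Bell-LaPadula.
    print("MAC: scratch -> payroll copy allowed =",
          copy_allowed("MAC", "alice", "scratch", "payroll"))
```

Under DAC every individual access is authorized, so the copy succeeds and the Unclassified user can read the result; under the *-property the write down is refused regardless of what was granted.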
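Slide 18 describes striping data into equal-size units across disks and storing parity for reliability. The sketch below is an added example, not part of the original presentation: it assumes XOR parity on one dedicated parity disk (block-interleaved parity), and the function names, disk count and sample bytes are constructed for illustration.

```python
from functools import reduce

def xor_units(units):
    """Bytewise XOR of equal-length striping units."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*units))

def stripe_with_parity(data, n_data_disks, unit):
    """Split data into striping units, spread them across the data disks,
    and append one parity unit per stripe: [d0, ..., d(n-1), parity]."""
    stripe_bytes = n_data_disks * unit
    n_stripes = -(-len(data) // stripe_bytes)           # ceiling division
    padded = data.ljust(n_stripes * stripe_bytes, b"\0")
    stripes = []
    for off in range(0, len(padded), stripe_bytes):
        units = [padded[off + i * unit: off + (i + 1) * unit]
                 for i in range(n_data_disks)]
        stripes.append(units + [xor_units(units)])
    return stripes

def rebuild_disk(stripes, failed):
    """Recompute the failed disk's unit in each stripe from the survivors."""
    return [xor_units([u for i, u in enumerate(s) if i != failed])
            for s in stripes]

def read_back(stripes, n_data_disks, length):
    """Reassemble the original byte stream from the data disks."""
    return b"".join(b"".join(s[:n_data_disks]) for s in stripes)[:length]

def survive_failure(data, n_data_disks, unit, failed):
    """Stripe data, lose one whole disk, rebuild it, return the data read."""
    stripes = stripe_with_parity(data, n_data_disks, unit)
    for s in stripes:
        s[failed] = None                                # disk contents lost
    rebuilt = rebuild_disk(stripes, failed)
    for s, unit_bytes in zip(stripes, rebuilt):
        s[failed] = unit_bytes                          # replacement disk
    return read_back(stripes, n_data_disks, len(data))

SAMPLE = b"constructed sample rows for the parity demo"

if __name__ == "__main__":
    for failed in range(4):                             # 3 data disks + parity
        ok = survive_failure(SAMPLE, 3, 4, failed) == SAMPLE
        print(f"disk {failed} failed, data recovered intact: {ok}")
```

Losing any single disk, data or parity, is recoverable; a second failure before the rebuild completes is not, which is the gap the P+Q scheme on slide 19 addresses.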
