CHAPTER 6
OPERATING SYSTEM & DATABASE SECURITY

Operating System Security
INTRODUCTION
What is an operating system?
• In simple words, an OS is a computer program that manages all other programs on the machine.
• Every general-purpose computer must have an operating system to run other programs.
• The OS performs basic tasks, such as recognizing input from the keyboard, sending output to the display screen, keeping track of files and directories on the disk, and controlling peripheral devices such as disk drives and printers.
INTRODUCTION
What is multiprogramming?
• The concurrent execution of multiple programs by a single processing unit.
• Concurrent execution of several different programs by sharing the same central processing unit (CPU).
• A form of processing in which a computer holds more than one program in memory and works on them in round-robin fashion, that is, by sharing out the processor's time so that each program receives some attention some of the time. This way of working is in contrast to using the processor to run one program at a time.
SECURITY METHODS OF OPERATING SYSTEMS
• The basis of protection is separation: keeping one user's objects separate from those of other users.
• According to Rushby and Randell (1983), separation in an OS can occur in several ways:
  • Physical separation: processes use different physical objects, such as separate printers for output requiring different levels of security.
  • Temporal separation: processes having different security requirements are executed at different times.
  • Logical separation: users operate under the illusion that no other processes exist, as when an OS constrains a program's accesses so that it cannot access objects outside its permitted domain.
  • Cryptographic separation: processes conceal their data and computations in such a way that they are unintelligible to outside processes.
But separation is only half of the answer: although we want to separate users and their objects, at the same time we want to be able to provide sharing for some of those objects.
SECURITY METHODS OF OPERATING SYSTEMS
• Besides separation, an OS may offer protection at any of several levels:
  • No protection: these systems are appropriate when sensitive procedures are being run at separate times.
  • Isolation: different processes running concurrently are unaware of the presence of each other. Each process has its own address space, files and other objects.
  • Share all or share nothing: with this form of protection the owner of an object declares it to be public (available to all users) or private (available only to its owner).
  • Share via access limitation: the OS checks the allowability of each potential access. Access control is implemented for a specific user and a specific object; the OS acts as a guard between users and objects, ensuring that only authorized accesses occur.
  • Share by capability: an extension of limited-access sharing that allows dynamic creation of sharing rights for objects. The degree of sharing can depend on the owner or on the object itself.
  • Limit use of an object: this limits not just the access to an object but the use made of that object after it has been accessed. For example, a user may have the right to view a sensitive document but not be allowed to print a copy of it.
Protecting Access to General Objects
• The terms object and subject will be used interchangeably, where subject refers to the user (a programmer, a program, etc.) who uses the computing system's objects.
• Here are some examples of the kinds of objects for which protection is desirable:
  • Memory
  • A file or data set on an auxiliary storage device
  • Directory files
  • Instructions
  • Passwords and the user authentication mechanisms
Protecting Access to General Objects
• There are several ways to protect access to general objects:
  • Directory
  • Access Control List
  • Access Control Matrix
  • Capability
Protecting Access to General Objects
Directory
• Each user has a file directory which lists all the files to which that user has access.
• No user can be allowed to write in the file directory, because that would be a way to forge access to a file.
Protecting Access to General Objects
Access Control List
• This differs from the directory list because there is one access control list per object, while a directory is created for each subject.
• Although this difference seems small, there are some significant advantages.
• For example, if subjects A and S both have access to object F, the OS will maintain just one access list for F showing the access rights for A and S.
Access Control List - ACL
An access list specifies, for each object, the list of valid subjects which can access it.
E.g. for objects X, Y and Z with subjects A, B and C:
X : A (read), B (read, execute)
Y : A (write)
Z : A (read, execute), B (read), C (read, execute)

Stored as one list per object (each column of the matrix is stored with the object corresponding to that column):
X : A/r, B/r, B/x
Y : A/w
Z : A/r, A/x, B/r, C/r, C/x
Protecting Access to General Objects
Access Control Matrix
• It is a table in which each row represents a subject, each column represents an object, and each entry is the set of rights for that subject to that object.

        Data 1   Data 2   Prog 1   Prog 2
Alice   RW       RW       E        X
Bob     X        R        RWE      RW
Carol   X        W        X        E
Protecting Access to General Objects
Capability
• A capability is analogous to a ticket to a movie or an ID card that cannot be duplicated.
• It is an unforgeable token giving the possessor certain rights to an object.
• One way to make an unforgeable ticket is not to give the ticket directly to the user; instead the OS holds all the tickets on behalf of the users.
• A capability can be created only by specific request from a user to the OS.
Capabilities
E.g. for objects X, Y and Z with subjects A, B and C:
A: X (read), Y (read), Z (write, execute)
B: X (read, execute), Z (read)
C: Z (read, execute)

Stored as one list per subject (each row of the matrix is stored with the subject corresponding to that row):
A : X/r, Y/r, Z/w, Z/x
B : X/r, X/x, Z/r
C : Z/r, Z/x
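As an added illustration that is not part of the original slides, the Python below builds the access control matrix from the rights on the Capabilities slide (subjects A, B, C; objects X, Y, Z), derives the per-object ACL view (the columns) and the per-subject capability view (the rows), performs an access check the way the OS guard would, and shows one practical consequence of where the lists are stored: withdrawing every right to one object is a single ACL deletion but requires visiting every subject's capability list. The function names and the revocation helper are my own, not from the slides.

```python
"""Access control matrix, ACLs and capability lists (added example, not from
the slides). Subjects A, B, C and objects X, Y, Z follow the Capabilities slide."""
from collections import defaultdict

# Rights taken from the Capabilities slide, as (subject, object, right) triples.
RIGHTS = [
    ("A", "X", "r"), ("A", "Y", "r"), ("A", "Z", "w"), ("A", "Z", "x"),
    ("B", "X", "r"), ("B", "X", "x"), ("B", "Z", "r"),
    ("C", "Z", "r"), ("C", "Z", "x"),
]


def build_matrix(triples):
    """Access control matrix: row = subject, column = object, cell = set of rights."""
    matrix = defaultdict(lambda: defaultdict(set))
    for subj, obj, right in triples:
        matrix[subj][obj].add(right)
    return matrix


def acl_view(matrix):
    """Column view: one access control list per object, stored with the object."""
    acls = {}
    for subj, row in matrix.items():
        for obj, rights in row.items():
            acls.setdefault(obj, {})[subj] = set(rights)
    return acls


def capability_view(matrix):
    """Row view: one capability list per subject, stored with the subject ('Z/x')."""
    return {subj: sorted(f"{obj}/{r}" for obj, rights in row.items() for r in rights)
            for subj, row in matrix.items()}


def is_allowed(acls, subj, obj, right):
    """The guard's check on every access: look up the object's ACL entry for the subject."""
    return right in acls.get(obj, {}).get(subj, set())


def revoke_object(acls, caps, obj):
    """Withdraw every right to one object from both views.

    With ACLs this is one deletion; with capabilities every subject's list must be
    visited, because the tickets are stored with the subjects, not with the object.
    """
    acls.pop(obj, None)
    for subj in caps:
        caps[subj] = [c for c in caps[subj] if not c.startswith(obj + "/")]


if __name__ == "__main__":
    m = build_matrix(RIGHTS)
    acls, caps = acl_view(m), capability_view(m)
    for obj in sorted(acls):
        print("ACL", obj, {s: sorted(r) for s, r in acls[obj].items()})
    for subj in sorted(caps):
        print("CAP", subj, caps[subj])
    print("B may execute X:", is_allowed(acls, "B", "X", "x"))
    revoke_object(acls, caps, "Z")
    print("after revoking Z:", caps)
```

Running the block prints the ACL and capability views side by side; the same matrix underlies both, which is why the slides describe the directory, ACL and capability schemes as different ways of storing the same rights.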
PROTECTING MEMORY & ADDRESSING
• The most obvious problem of multiprogramming is preventing one program from affecting the memory of other programs.
• There are several ways to protect memory and addressing:
  • Fence
  • Relocation
  • Base and Bound Registers
  • Tagged Architecture
  • Segmentation
  • Paging
PROTECTING MEMORY & ADDRESSING
Fence
• A method to confine users to one side of a boundary.
• The fence is a predefined memory address, so that the OS resides on one side and the user on the other.
• The implementation is very restrictive because a predefined amount of space is reserved for the OS: if less than that amount of space is required, the excess space is wasted, and the OS cannot grow beyond the fence boundary.
• An alternative is to implement a fence register.
PROTECTING MEMORY & ADDRESSING
Fence Register
• Contains the address of the end of the OS.
• The location of this fence can be changed.
• Each time a user program generates an address for data modification, the address is automatically compared against the fence address: if the address is greater than the fence address (in the user area), the instruction is executed; if it is less than the fence address (in the OS area), an error condition is raised.
PROTECTING MEMORY & ADDRESSING
Relocation
• The process of taking a program written as if it began at address 0 and changing all addresses to reflect the actual address at which the program is located in memory.
• Conveniently, the fence register can be used in this situation to provide an important extra benefit.
PROTECTING MEMORY & ADDRESSING
Base and Bound Registers
• The concept is similar to the fence register but adds value, since a fence register only acts as a base register (stating the starting address but not the upper address).
• Bound registers are added to indicate the upper address limit.
• In this way, a program's addresses are neatly confined to the space between the base and the bound register.
PROTECTING MEMORY & ADDRESSING
Tagged Architecture
• Errors in coding are bound to happen, and these easily compromise security based on base/bound register techniques.
• Tagged architecture solves this: every word of machine memory has one or more extra bits to identify the access rights to that word.
• These access bits are tested every time an instruction accesses that location.
PROTECTING MEMORY & ADDRESSING
Segmentation
• The notion of dividing a program into separate pieces.
• Each segment has a unique name.
• A code or data item within a segment is addressed as a pair <name, offset>, where name is the name of the segment and offset is its location within the segment.
PROTECTING MEMORY & ADDRESSING
Paging
• An alternative to segmentation.
• Each address is a two-part object <page, offset>.
• The program is divided into equal-size pieces called pages, and memory is divided into same-sized units called page frames.
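The four address checks described on the preceding slides (fence register, base and bound registers with relocation, segment <name, offset> addressing, and page <page, offset> addressing) can be simulated in a few lines. The following Python is an added example and not from the slides: every register value, the segment table and the page table are constructed, and MemoryFault stands in for the hardware error condition the slides mention.

```python
"""Simulated memory-protection checks from the slides: fence register, base and
bound registers with relocation, segmentation and paging. Added example; every
register value, segment and page-table entry below is constructed."""


class MemoryFault(Exception):
    """Stands in for the hardware error condition raised on a bad access."""


def fence_check(address, fence):
    """Fence register: the OS occupies addresses below the fence, users above it.
    Addresses at or above the fence are allowed; below it an error is raised."""
    if address < fence:
        raise MemoryFault(f"{address:#x} lies in the OS area below fence {fence:#x}")
    return address


def relocate(logical, base, bound):
    """Base/bound registers: the program is written as if it began at 0; the base
    relocates it and the bound confines it to [base, base + bound)."""
    if not 0 <= logical < bound:
        raise MemoryFault(f"logical {logical:#x} outside bound {bound:#x}")
    return base + logical


# Segment table, constructed: name -> (rights, base address, length in bytes).
SEGMENTS = {
    "code": ("r-x", 0x4000, 0x0200),
    "data": ("rw-", 0x8000, 0x0100),
}


def segment_address(name, offset, mode, segments=SEGMENTS):
    """Segmentation: an item is addressed as <name, offset>; the offset is checked
    against the segment length and the requested mode against its rights."""
    if name not in segments:
        raise MemoryFault(f"no segment named {name!r}")
    rights, base, length = segments[name]
    if mode not in rights:
        raise MemoryFault(f"{mode!r} access not permitted on segment {name!r}")
    if not 0 <= offset < length:
        raise MemoryFault(f"offset {offset:#x} beyond segment {name!r} length {length:#x}")
    return base + offset


PAGE_SIZE = 0x1000  # constructed: 4 KiB pages and page frames

# Page table, constructed: page number -> page frame number.
PAGE_TABLE = {0: 7, 1: 3, 2: 9}


def page_address(page, offset, page_table=PAGE_TABLE, page_size=PAGE_SIZE):
    """Paging: <page, offset> maps through the page table; pages and frames have
    the same size, so only the offset range and the table lookup need checking."""
    if not 0 <= offset < page_size:
        raise MemoryFault(f"offset {offset:#x} exceeds page size {page_size:#x}")
    if page not in page_table:
        raise MemoryFault(f"page {page} is not mapped")
    return page_table[page] * page_size + offset


def faults(fn, *args):
    """True if the access is rejected by the simulated hardware check."""
    try:
        fn(*args)
    except MemoryFault:
        return True
    return False


if __name__ == "__main__":
    print(hex(fence_check(0x2000, 0x1000)), faults(fence_check, 0x0800, 0x1000))
    print(hex(relocate(0x10, 0x5000, 0x100)), faults(relocate, 0x100, 0x5000, 0x100))
    print(hex(segment_address("code", 0x10, "x")), faults(segment_address, "code", 0x10, "w"))
    print(hex(page_address(1, 0x10)), faults(page_address, 1, 0x1000))
```

The segment check is the only one of the four that consults access rights as well as a range, which is the property the Tagged Architecture slide is after: a coding error that computes an address inside the program's own space is caught by the bound check only when it crosses the bound, but a write into a read-only segment is caught regardless.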
Designing Trusted Operating Systems
What is a trusted system?
• Security professionals speak of trusted rather than secure OS, meaning those that meet their intended security requirements and justify confidence in their quality.
Designing Trusted Operating Systems
Secure versus Trusted

Secure                                                  Trusted
• Either-or concept                                     • Graded: there are degrees of "trustedness"
• Property of presenter                                 • Property of receiver
• Asserted: based on product characteristics            • Judged: based on evidence and analysis
• Absolute: not qualified as to how, where, when        • Relative: viewed in context of use
  or by whom used
• A goal                                                • A characteristic
Designing Trusted Operating Systems
Among the components underpinning a trusted OS are:
• Security policy: a statement of the security we expect the system to enforce.
• Model: the representation of the policy that the OS will enforce.
• Design: covers both what the trusted OS is and how it is to be constructed.
• Trust: based on two aspects, features (the OS has all the necessary functionality needed to enforce the expected security policy) and assurance (the OS has been implemented in such a way that we have confidence it will enforce the security policy).
Security Policies
• A security policy is a statement of the security we expect the system to enforce.
Military Security Policies (MSP)
• MSP is based on protecting classified information.
• Five levels:
  1. unclassified
  2. restricted
  3. confidential
  4. secret
  5. top secret
• Classified information may be associated with one or more projects, called compartments.
• The combination of rank and compartment is called the class or classification of a piece of information.
• Clearance: a person is trusted to access certain information up to a level of sensitivity, called dominance.
A subject can read an object only if:
a) the clearance level of the subject is at least as high as that of the information, and
b) the subject has a need to know about all compartments for which the information is classified.
Military Security Policy
Information classified <secret, {sweden}> can be accessed/read by:
• <top secret, {sweden, crypto}> or
• <secret, {sweden, crypto}>
But it cannot be accessed/read by:
• <top secret, {crypto}> or
• <confidential, {sweden}>
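The read rule from the two preceding slides (clearance level at least as high, and need to know for every compartment) is the dominance relation, and the <secret, {sweden}> example can be checked mechanically. The Python below is an added example, not from the slides; the level numbering and the helper names are my own, while the five levels and the four clearances are the slides'. It also shows that dominance is only a partial order: <top secret, {crypto}> and <secret, {sweden}> dominate each other in neither direction.

```python
"""Military security policy read rule (added example, not from the slides).
A subject may read an object only if the subject's clearance dominates the
object's classification: its rank is at least as high and it holds a need to
know for every compartment in the object's class."""

# The five levels from the slides, numbered so that a higher number is more sensitive.
LEVELS = {"unclassified": 1, "restricted": 2, "confidential": 3,
          "secret": 4, "top secret": 5}


def dominates(subject_class, object_class):
    """<rank_s, comps_s> dominates <rank_o, comps_o> iff rank_s >= rank_o and
    comps_o is a subset of comps_s (the two conditions a) and b) on the slide)."""
    rank_s, comps_s = subject_class
    rank_o, comps_o = object_class
    return LEVELS[rank_s] >= LEVELS[rank_o] and set(comps_o) <= set(comps_s)


def can_read(clearance, classification):
    """The slide's rule: read is allowed only when clearance dominates classification."""
    return dominates(clearance, classification)


def comparable(a, b):
    """Dominance is a partial order: two classes can be incomparable, so a
    higher rank alone (without the compartments) grants nothing."""
    return dominates(a, b) or dominates(b, a)


def readers(classification, candidates):
    """Which of the candidate clearances may read an object of this class."""
    return [c for c in candidates if can_read(c, classification)]


if __name__ == "__main__":
    doc = ("secret", {"sweden"})
    for clearance in [("top secret", {"sweden", "crypto"}),
                      ("secret", {"sweden", "crypto"}),
                      ("top secret", {"crypto"}),
                      ("confidential", {"sweden"})]:
        verdict = "may read" if can_read(clearance, doc) else "may NOT read"
        print(clearance, verdict, doc)
```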
Chinese Wall Security Policy
A conflict of interest exists when one person can obtain sensitive information on competing companies.
3 levels of abstraction:
i) Objects: the lowest level consists of elementary objects, for example files; each file contains information concerning only one company group.
ii) Company group: all objects concerning each company are grouped together.
iii) Conflict classes: at the highest level, all groups of objects for competing companies are clustered.
Each object thus belongs to a unique company group, and each company group is contained in a unique conflict class.
• A conflict class may contain one or more company groups.
• The Chinese wall policy is a commercially inspired confidentiality policy, whereas commercial policies generally focus on integrity.
Example (diagram): six company groups, Air Asia, MAS, Cadbury, Vochele, Hershey and TNB, with competing company groups clustered into conflict classes. Someone has data on all six company groups.
ACCESS SCHEME: a person can access any information as long as that person has never accessed information from a different company in the same conflict class.
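The access scheme above depends on a subject's history, not only on its rights, so it is worth seeing it run. The following Python is an added example, not from the slides. The grouping of the six companies into conflict classes is an assumption inferred from the diagram (the two airlines compete, the three confectioners compete, TNB stands alone), and the file names are constructed; the slides' three levels of abstraction appear as object, company group and conflict class.

```python
"""Chinese wall access scheme (added example, not from the slides). Objects belong
to a company group and company groups to a conflict class; a subject may access an
object only if it has never accessed an object of a different company in the same
conflict class."""

# Assumed grouping of the slide's six company groups into conflict classes.
CONFLICT_CLASSES = {
    "airlines": {"Air Asia", "MAS"},
    "confectionery": {"Cadbury", "Vochele", "Hershey"},
    "utilities": {"TNB"},
}
COMPANY_TO_CLASS = {co: cls for cls, cos in CONFLICT_CLASSES.items() for co in cos}

# Constructed objects (files), each holding information on exactly one company.
OBJECTS = {
    "airasia_forecast.xlsx": "Air Asia",
    "mas_fleet_plan.docx": "MAS",
    "cadbury_costs.csv": "Cadbury",
    "hershey_pricing.csv": "Hershey",
    "tnb_tariffs.pdf": "TNB",
}


class ChineseWall:
    def __init__(self):
        self.history = {}   # subject -> set of companies whose objects it has read

    def may_access(self, subject, obj):
        """Allowed unless the subject has already read a competitor's object."""
        company = OBJECTS[obj]
        cls = COMPANY_TO_CLASS[company]
        for seen in self.history.get(subject, ()):
            if seen != company and COMPANY_TO_CLASS[seen] == cls:
                return False     # a different company in the same conflict class
        return True

    def access(self, subject, obj):
        """Grant or deny; a grant is recorded because it raises the wall."""
        if not self.may_access(subject, obj):
            return False
        self.history.setdefault(subject, set()).add(OBJECTS[obj])
        return True


if __name__ == "__main__":
    wall = ChineseWall()
    for name in ["airasia_forecast.xlsx", "mas_fleet_plan.docx", "cadbury_costs.csv",
                 "airasia_forecast.xlsx", "hershey_pricing.csv", "tnb_tariffs.pdf"]:
        outcome = "allowed" if wall.access("analyst", name) else "denied"
        print(f"analyst -> {name}: {outcome}")
```

Because the decision depends on history, the history store is as security-critical as the policy itself: if it is lost or can be reset by the subject, the wall disappears.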
Security Features of Trusted Operating Systems
• The features of trusted operating systems include:
  • User identification: a trusted OS requires identification of individuals, and each individual must be uniquely identified.
  • Mandatory access control: access control policy decisions are made beyond the control of the individual owner of an object; a central authority determines what information is to be accessible by whom, and the user cannot change the access rights.
  • Discretionary access control: the owner can determine who should have access rights to an object and what those rights should be.
  • Object reuse protection: to prevent leakage through object reuse, the OS clears (overwrites) all space before it is reassigned.
  • Complete mediation: all accesses are checked.
  • Trusted path: for critical operations such as setting a password or changing access permissions, users are required to communicate through a trusted path.
  • Accountability and audit: maintaining a log of security-relevant events that have occurred, listing each event and the person responsible.
  • Intrusion detection system: software builds usage patterns of the normal system and triggers an alarm any time the usage is abnormal.
Hardening Your OS
Operating System Hardening
• Hardening of operating systems is the first step towards safeguarding systems from intrusion. Workstations and servers typically arrive from the vendor installed with a multitude of development tools and utilities which, although beneficial to the new user, also provide potential back-door access to an organisation's systems.
• Hardening of an operating system involves the removal of all non-essential tools, utilities and other systems administration options, any of which could be used to ease a hacker's path to your systems. Following this, the hardening process will ensure that all appropriate security features are activated and configured correctly. Again, 'out of the box' systems will likely be set up for ease of access, with access to the 'root' / Administrator account. Some vendors have now recognised that a market exists for pre-hardened systems.
Database Security
Introduction
• A database is a collection of data and a set of rules that organize the data by specifying certain relationships among the data.
• Through these rules, the user describes a logical format for the data.
• The user interacts with the database through a program called a database manager or database management system (DBMS), informally known as a front end.
Introduction
Advantages of Using Databases
• Shared access: many users can use one common, centralized set of data.
• Minimal redundancy: individual users do not have to collect and maintain their own sets of data.
• Data consistency: a change to a data value affects all users of the data value.
• Data integrity: data values are protected against accidental or malicious incorrect changes.
• Controlled access: only authorized users are allowed to view or modify data values.
Security Requirements
• Physical database integrity: the data of a database is immune to physical problems such as power failures, and someone can reconstruct the database if it is destroyed through a catastrophe.
• Logical database integrity: the structure of the database is preserved. With logical integrity of a database, a modification to the value of one field does not affect other fields.
• Element integrity: the data contained in each element is accurate.
• Auditability: it is possible to track who has accessed (or modified) the elements in the database.
• Access control: a user is allowed to access only authorized data, and different users can be restricted to different modes of access (such as read or write).
• User authentication: every user is positively identified, both for the audit trail and for permission to access certain data.
• Availability: users can access the database in general and all the data for which they are authorized.
Sensitive Data
• Sensitive data is data that should not be made public.
• Determining which data items are sensitive depends on the individual database and the underlying meaning of the data.
• Examples: a library public catalog (no sensitive data), military and defense databases (all sensitive data), a university database (some but not all data sensitive).
Types of DisclosureTypes of Disclosure
 Exact DataExact Data – the most serious disclosure is the exact– the most serious disclosure is the exact
value of the sensitive data itself.value of the sensitive data itself.
 BoundsBounds – indicating that a sensitive value (y) is– indicating that a sensitive value (y) is
between values L and H.between values L and H.
 Negative resultNegative result – Sometimes one can word a query to– Sometimes one can word a query to
determine a negative results (determine a negative results (zz is not the value ofis not the value of yy).).
 ExistenceExistence – the existence of data itself a sensitive– the existence of data itself a sensitive
piece of data regardless of the actual value.piece of data regardless of the actual value.
 Probable valueProbable value – it may be possible to determine the– it may be possible to determine the
probability that a certain element has a certain value.probability that a certain element has a certain value.
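An added Python example, not from the original slides, showing on a constructed student table how unguarded aggregate queries produce the exact-data, bounds and negative-result disclosures listed above, next to a guard that suppresses them. The minimum query-set-size rule in guarded_stat() is an assumed inference control the slide does not mention; the data and column names are constructed.

```python
# Added example, not from the original slides: a guard in front of statistical
# queries. STUDENTS is constructed data; "aid" (financial aid) is the sensitive
# column. The minimum query-set-size rule in guarded_stat() is an assumed
# control, not one stated on the slide.
SENSITIVE = {"aid"}

STUDENTS = [
    {"name": "Adams", "dorm": "Holmes", "aid": 5000},
    {"name": "Bailey", "dorm": "Grey", "aid": 0},
    {"name": "Chin", "dorm": "Grey", "aid": 3000},
    {"name": "Dewitt", "dorm": "West", "aid": 1000},
    {"name": "Earhart", "dorm": "West", "aid": 4000},
    {"name": "Fein", "dorm": "West", "aid": 0},
]


def query_set(table, predicate):
    return [row for row in table if predicate(row)]


def raw_stat(rows, column, stat):
    """Unguarded aggregate: this is what leaks. Returns None for an empty set."""
    values = [row[column] for row in rows]
    if stat == "count":
        return len(values)
    if not values:
        return None
    return {"sum": sum, "min": min, "max": max}[stat](values)


def guarded_stat(table, predicate, column, stat, k=2):
    """Refuse answers that single out individuals: the query set must contain at
    least k rows and leave out at least k rows (a near-complete set is just a
    tiny complement in disguise), and MIN/MAX on a sensitive column are refused
    because they hand out the bounds L and H directly."""
    rows = query_set(table, predicate)
    n, total = len(rows), len(table)
    if n < k or total - n < k:
        return None, f"suppressed: query set size {n} of {total}"
    if column in SENSITIVE and stat in ("min", "max"):
        return None, "suppressed: min/max on a sensitive column reveals bounds"
    return raw_stat(rows, column, stat), "ok"


def disclosure_examples():
    """Three disclosure types from the slide as an unguarded query produces them,
    each paired with the guard's verdict on the same query."""
    holmes = lambda r: r["dorm"] == "Holmes"
    west = lambda r: r["dorm"] == "West"
    rich_grey = lambda r: r["dorm"] == "Grey" and r["aid"] > 4000
    out = {}
    # Exact data: only Adams lives in Holmes, so SUM(aid) over Holmes is his aid.
    out["exact"] = (raw_stat(query_set(STUDENTS, holmes), "aid", "sum"),
                    guarded_stat(STUDENTS, holmes, "aid", "sum")[1])
    # Bounds: MIN and MAX over West place every West student's aid in [L, H].
    west_rows = query_set(STUDENTS, west)
    out["bounds"] = ((raw_stat(west_rows, "aid", "min"), raw_stat(west_rows, "aid", "max")),
                     guarded_stat(STUDENTS, west, "aid", "max")[1])
    # Negative result: a count of 0 says no Grey student has aid above 4000.
    out["negative"] = (raw_stat(query_set(STUDENTS, rich_grey), "aid", "count"),
                       guarded_stat(STUDENTS, rich_grey, "aid", "count")[1])
    return out
```

A legitimate statistic over a large enough set still gets through the guard, for example the total aid for the West dorm.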
48
Proposals for Secure Multilevel Databases
Partitioning
• The database is divided into separate databases, each at its own level of sensitivity.
• This approach is similar to maintaining separate files in separate file cabinets.
49
Proposals for Secure Multilevel Databases
Encryption
• If sensitive data is encrypted, a user who accidentally receives sensitive data cannot interpret the data.
OS Database Security Chapter 6

  • 1. 11 CHAPTER 6CHAPTER 6 OPERATING SYSTEM &OPERATING SYSTEM & DATABASE SECURITYDATABASE SECURITY
  • 3. 33 INTRODUCTIONINTRODUCTION What is an operating system?What is an operating system?  In simple words, OS is a computer program that manages allIn simple words, OS is a computer program that manages all other programs on the machine.other programs on the machine.  Every general-purpose computer must have an operatingEvery general-purpose computer must have an operating system to run other programs.system to run other programs.  OS performs basic tasks, such as recognizing input from theOS performs basic tasks, such as recognizing input from the keyboard, sending output to the display screen, keeping trackkeyboard, sending output to the display screen, keeping track of files and directories on the disk, and controlling peripheralof files and directories on the disk, and controlling peripheral devices such as disk drives and printers.devices such as disk drives and printers.
  • 4. 44 INTRODUCTIONINTRODUCTION What is Multiprogramming?What is Multiprogramming?  The concurrent execution of multiple programs by a singleThe concurrent execution of multiple programs by a single processing unit.processing unit.  Concurrent execution of several different programs by sharingConcurrent execution of several different programs by sharing the same central processing unit (CPU).the same central processing unit (CPU).  A form of processing in which a computer holds more thanA form of processing in which a computer holds more than one program in memory and works on them in round-robinone program in memory and works on them in round-robin fashion that is, by sharing out the processor's time so that eachfashion that is, by sharing out the processor's time so that each program receives some attention some of the time. This way ofprogram receives some attention some of the time. This way of working is in contrast to using the processor to run oneworking is in contrast to using the processor to run one program at a time.program at a time.
  • 5. 55 SECURITY METHODS OFSECURITY METHODS OF OPERATING SYSTEMSOPERATING SYSTEMS  The basis of protection isThe basis of protection is separationseparation – keeping one– keeping one user’s objects separate from other users.user’s objects separate from other users.  According to Rushby and Randell (1983) separationAccording to Rushby and Randell (1983) separation in OS can occur in several ways:in OS can occur in several ways:  Physical separationPhysical separation – processes use different physical– processes use different physical objects such as separate printers for output requiringobjects such as separate printers for output requiring different level of security.different level of security.  Temporal separationTemporal separation – processes having different security– processes having different security requirements are executed at different times.requirements are executed at different times.
  • 6. 66 SECURITY METHODS OFSECURITY METHODS OF OPERATING SYSTEMSOPERATING SYSTEMS  According to Rushby and Randell (1983) separationAccording to Rushby and Randell (1983) separation in OS can occur in several ways:in OS can occur in several ways:  Logical separationLogical separation – users operate under the illusion that– users operate under the illusion that no other processes exist as when an OS constraints ano other processes exist as when an OS constraints a program accesses so that it cannot access objects outside itsprogram accesses so that it cannot access objects outside its permited domain.permited domain.  Cryptographic separationCryptographic separation – processes conceal their data– processes conceal their data and computations in such a way that they are unintelligibleand computations in such a way that they are unintelligible outside processes.outside processes. But separation is only half of the answer – although we want to separate users and their objects, at the same time we want to be able to provide sharing for some of those objects.
  • 7. 77 SECURITY METHODS OFSECURITY METHODS OF OPERATING SYSTEMSOPERATING SYSTEMS  Besides separation, OS may offer protection at any ofBesides separation, OS may offer protection at any of several levels:several levels:  No protectionNo protection – these systems are appropriate when– these systems are appropriate when sensitive procedures are being run at separate time.sensitive procedures are being run at separate time.  IsolationIsolation – different processes running concurrently are– different processes running concurrently are unaware of the presence of each other. Each process has itsunaware of the presence of each other. Each process has its own address space, files and other objects.own address space, files and other objects.  Share all or share nothingShare all or share nothing – with this form of protection– with this form of protection the owner of an object declares it to be public (available tothe owner of an object declares it to be public (available to all users) or private (available only to its owner).all users) or private (available only to its owner).
  • 8. 88 SECURITY METHODS OFSECURITY METHODS OF OPERATING SYSTEMSOPERATING SYSTEMS  Besides separation, OS may offer protection at any of severalBesides separation, OS may offer protection at any of several levels:levels:  Share via access limitationShare via access limitation – the OS checks the– the OS checks the allowability of each potential access. Access control isallowability of each potential access. Access control is implemented for a specific user and a specific object – theimplemented for a specific user and a specific object – the OS acts as a guard between users and objects ensuring thatOS acts as a guard between users and objects ensuring that only authorized accesses occur.only authorized accesses occur.  Share by capabilityShare by capability – an extension of limited access– an extension of limited access sharing, where it allows dynamic creation of sharing rightssharing, where it allows dynamic creation of sharing rights for objects. The degree of sharing can depend on the ownerfor objects. The degree of sharing can depend on the owner or on the object itself.or on the object itself.  Limit use of and objectLimit use of and object – it limits not just the access to an– it limits not just the access to an object but the use made of that object after it has beenobject but the use made of that object after it has been accessed. For example : a user may have the right to view aaccessed. For example : a user may have the right to view a sensitive document but not allow to print a copy of it.sensitive document but not allow to print a copy of it.
• 9. Protecting Access to General Objects
- The terms object and subject will be used interchangeably, where subject refers to the user (a programmer, a program, etc.) who uses the computing system's objects.
- Some examples of the kinds of objects for which protection is desirable:
- Memory
- A file or data set on an auxiliary storage device
- Directory files
- Instructions
- Passwords and the user authentication mechanisms
• 10. Protecting Access to General Objects
There are several ways to protect access to general objects:
- Directory
- Access Control List
- Access Control Matrix
- Capability
• 11. Protecting Access to General Objects: Directory
- Each user has a file directory that lists all the files to which that user has access.
- No user can be allowed to write in the file directory, because that would be a way to forge access to a file.
• 12. Protecting Access to General Objects: Access Control List
- This differs from the directory approach because there is one access control list per object, while a directory is created for each subject.
- Although this difference seems small, it brings some significant advantages.
- For example, if subjects A and S both have access to object F, the OS maintains just one access list for F, showing the access rights of A and S.
• 13. Access Control List - ACL
An access list specifies, for each object, the list of valid subjects that can access it.
E.g. for objects X, Y and Z with subjects A, B and C:
X : A (read), B (read, execute)
Y : A (write)
Z : A (read, execute), B (read), C (read, execute)
Stored as one list per object (each column of the access matrix is stored with the object corresponding to that column):
X : A/r, B/r, B/x
Y : A/w
Z : A/r, A/x, B/r, C/r, C/x
• 14. Protecting Access to General Objects: Access Control Matrix
- A table in which each row represents a subject, each column represents an object, and each entry is the set of rights of that subject to that object.

        Data 1   Data 2   Prog 1   Prog 2
Alice   RW       RW       E        X
Bob     X        R        RWE      RW
Carol   X        W        X        E
• 15. Protecting Access to General Objects: Capability
- A capability is analogous to a ticket to a movie or an ID card that cannot be duplicated.
- It is an unforgeable token giving the possessor certain rights to an object.
- One way to make an unforgeable ticket is not to give the ticket directly to the user; instead the OS holds all the tickets on behalf of the users.
- A capability can be created only by a specific request from a user to the OS.
• 16. Capabilities
E.g. for objects X, Y and Z with subjects A, B and C:
A: X (read), Y (read), Z (write, execute)
B: X (read, execute), Z (read)
C: Z (read, execute)
Stored as one list per subject (each row of the access matrix is stored with the subject corresponding to that row):
A : X/r, Y/r, Z/w, Z/x
B : X/r, X/x, Z/r
C : Z/r, Z/x
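As an added example (not code from the slides), the rights in the capability figure above held as an access control matrix, then projected into the ACL (one list per object) and capability (one list per subject) forms, with the check each form supports and the revocation difference between them:

```python
# Added example, not from the slides: the same rights as an access control matrix,
# then as ACLs (one list per object) and capability lists (one list per subject).
# Subjects A, B, C, objects X, Y, Z and their rights are taken from the capability
# slide above; everything else (function names, the revocation step) is illustrative.
from collections import defaultdict

# Access control matrix: row = subject, column = object, entry = set of rights.
MATRIX = {
    "A": {"X": {"read"}, "Y": {"read"}, "Z": {"write", "execute"}},
    "B": {"X": {"read", "execute"}, "Z": {"read"}},
    "C": {"Z": {"read", "execute"}},
}


def acl_view(matrix):
    """Column view: for each object, which subjects may access it and how."""
    acls = defaultdict(dict)
    for subject, objects in matrix.items():
        for obj, rights in objects.items():
            acls[obj][subject] = set(rights)
    return dict(acls)


def capability_view(matrix):
    """Row view: for each subject, the (object, right) tokens it holds."""
    return {
        subject: sorted((obj, right) for obj, rights in objects.items() for right in rights)
        for subject, objects in matrix.items()
    }


def check_acl(acls, subject, obj, right):
    """Share via access limitation: the OS consults the object's list on every
    access (complete mediation); a subject absent from the list gets nothing."""
    return right in acls.get(obj, {}).get(subject, set())


def check_capability(caps, subject, obj, right):
    """Capability check: the subject must hold a token for exactly this object and
    right. The OS keeps the token lists, so a user cannot forge one."""
    return (obj, right) in caps.get(subject, [])


def revoke_object(acls, caps, obj):
    """Revoking all access to one object: with ACLs the object's single list is
    dropped; with capabilities every subject's list must be searched, which is
    the classic cost of the capability representation."""
    acls.pop(obj, None)
    for subject in caps:
        caps[subject] = [(o, r) for (o, r) in caps[subject] if o != obj]


def demo():
    """Run both checks, revoke Z, and report the before/after decisions."""
    acls = acl_view(MATRIX)
    caps = capability_view(MATRIX)
    before = (check_acl(acls, "B", "X", "execute"), check_capability(caps, "C", "X", "read"))
    revoke_object(acls, caps, "Z")
    after = check_capability(caps, "A", "Z", "write")
    return before, after


if __name__ == "__main__":
    print(demo())
```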
• 17. PROTECTING MEMORY & ADDRESSING
- The most obvious problem of multiprogramming is preventing one program from affecting the memory of other programs.
- There are several ways to protect memory and addressing:
- Fence
- Relocation
- Base and Bound Registers
- Tagged Architecture
- Segmentation
- Paging
• 18. PROTECTING MEMORY & ADDRESSING: Fence
- A method to confine users to one side of a boundary.
- The fence is a predefined memory address, so that the OS resides on one side and the user on the other.
- The implementation is very restrictive because a predefined amount of space is reserved for the OS: if less than that amount is required, the excess space is wasted, and the OS cannot grow beyond the fence boundary.
- An alternative is to implement a fence register.
• 19. PROTECTING MEMORY & ADDRESSING: Fence Register
- Contains the address of the end of the OS.
- The location of this fence can be changed.
- Each time a user program generates an address for data modification, the address is automatically compared against the fence address: if the address is greater than the fence address (in the user area), the instruction is executed; if it is less than the fence address (in the OS area), an error condition is raised.
• 20. PROTECTING MEMORY & ADDRESSING: Relocation
- The process of taking a program written as if it began at address 0 and changing all addresses to reflect the actual address at which the program is located in memory.
- Conveniently, the fence register can be used in this situation to provide an important extra benefit.
• 21. PROTECTING MEMORY & ADDRESSING: Base and Bound Registers
- The concept is similar to the fence register but adds value, since a fence register only acts as a base register (stating the starting address but not the upper address).
- Bound registers are added to indicate the upper address limit.
- In this way, a program's addresses are neatly confined to the space between the base and the bound register.
• 22. PROTECTING MEMORY & ADDRESSING: Tagged Architecture
- Errors in coding are bound to happen, and they can easily compromise security that is based on base/bound register techniques.
- Tagged architecture addresses this: every word of machine memory has one or more extra bits identifying the access rights to that word.
- These access bits are tested every time an instruction accesses that location.
• 23. PROTECTING MEMORY & ADDRESSING: Segmentation
- The notion of dividing a program into separate pieces.
- Each segment has a unique name.
- A code or data item within a segment is addressed as a pair <name, offset>, where name is the name of the segment and offset is its location within the segment.
• 24. PROTECTING MEMORY & ADDRESSING: Paging
- An alternative to segmentation.
- Each address is a two-part object <page, offset>.
- The program is divided into equal-sized pieces called pages, and memory is divided into units of the same size called page frames.
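An added example (not from the slides) simulating the address checks described above: the fence register, relocation with base/bound registers, segmentation with <name, offset> addresses and paging with <page, offset> addresses, each carrying access bits so that both the range and the kind of access are checked. The register values, segment table and page table are constructed for illustration.

```python
# Added example, not from the slides: a simulation of the address checks the slides
# describe (fence register, relocation with base/bound registers, segmentation and
# paging with per-unit access bits). All register values, segment and page tables
# are constructed for illustration; a real MMU does this in hardware.

PAGE_SIZE = 4096


class MemoryFault(Exception):
    """Raised where the hardware would signal an addressing or protection error."""


def fence_check(fence, addr):
    """Fence register: the OS occupies [0, fence); a user address below the fence
    is rejected, anything at or above it is allowed through."""
    if addr < fence:
        raise MemoryFault(f"address {addr:#x} is inside the OS area below {fence:#x}")
    return addr


def base_bound_translate(base, bound, logical):
    """Relocation plus base/bound: the program is written as if it starts at 0;
    the hardware adds the base and rejects anything outside [base, bound)."""
    if logical < 0:
        raise MemoryFault("negative offset")
    physical = base + logical
    if physical >= bound:
        raise MemoryFault(f"address {physical:#x} is beyond the bound {bound:#x}")
    return physical


def segment_access(segments, name, offset, op):
    """Segmentation: an address is <name, offset>; the segment table holds the
    segment's base, length and access bits (r/w/x), so both the range and the
    kind of access are checked."""
    if name not in segments:
        raise MemoryFault(f"unknown segment {name!r}")
    base, length, perms = segments[name]
    if not 0 <= offset < length:
        raise MemoryFault(f"offset {offset:#x} outside segment {name!r}")
    if op not in perms:
        raise MemoryFault(f"{op!r} not permitted on segment {name!r}")
    return base + offset


def page_access(page_table, logical, op):
    """Paging: an address is <page, offset>; the page table maps each page to a
    frame and carries access bits, like a tagged architecture at page granularity."""
    page, offset = divmod(logical, PAGE_SIZE)
    entry = page_table.get(page)
    if entry is None:
        raise MemoryFault(f"page {page} is not mapped")
    frame, perms = entry
    if op not in perms:
        raise MemoryFault(f"{op!r} not permitted on page {page}")
    return frame * PAGE_SIZE + offset


def faults(fn, *args):
    """True if the simulated access is refused (used in the checks below)."""
    try:
        fn(*args)
    except MemoryFault:
        return True
    return False


# Constructed tables: a read/execute code segment, a read/write data segment;
# page 0 is code, page 1 is data, page 2 is unmapped.
SEGMENTS = {"code": (0x4000, 0x100, "rx"), "data": (0x5000, 0x200, "rw")}
PAGE_TABLE = {0: (7, "rx"), 1: (3, "rw"), 2: None}

if __name__ == "__main__":
    print(hex(base_bound_translate(0x2000, 0x3000, 0x10)))
    print(faults(page_access, PAGE_TABLE, 0 * PAGE_SIZE + 4, "w"))
```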
• 25. Designing Trusted Operating Systems
What is a trusted system?
- Security professionals speak of trusted rather than secure OSs, meaning the ones that meet their intended security requirements and justify confidence in their quality.
• 26. Designing Trusted Operating Systems: Secure versus Trusted

Secure                                                       | Trusted
Either-or concept                                            | Graded – there are degrees of "trustedness"
Property of presenter                                        | Property of receiver
Asserted: based on product characteristics                   | Judged: based on evidence and analysis
Absolute: not qualified as to how, where, when or by whom used | Relative: viewed in context of use
A goal                                                       | A characteristic
• 27. Designing Trusted Operating Systems
Among the components underpinning a trusted OS are:
- Security policy: a statement of the security we expect the system to enforce.
- Model: the representation of the policy that the OS will enforce.
- Design: covers both what the trusted OS is and how it is to be constructed.
- Trust: based on two aspects, features (the OS has all the functionality needed to enforce the expected security policy) and assurance (the OS has been implemented in such a way that we have confidence it will enforce the security policy).
• 28. Security Policies
- A security policy is a statement of the security we expect the system to enforce.
• 29. Military Security Policies (MSP)
- MSP is based on protecting classified information.
- Five levels:
1 - unclassified
2 - restricted
3 - confidential
4 - secret
5 - top secret
• 30.
- Classified information may be associated with one or more projects, called compartments.
- The combination of rank and compartment is called the class, or classification, of a piece of information.
- Clearance: a person is trusted to access certain information up to a level of sensitivity; the relation between a clearance and a classification is called dominance.
• 31.
A subject can read an object only if
a) the clearance level of the subject is at least as high as that of the information, and
b) the subject has a need to know about all compartments for which the information is classified.
• 32. Military Security Policy
Information classified <secret, {sweden}> can be accessed/read by
• <top secret, {sweden, crypto}> or
• <secret, {sweden, crypto}>
but cannot be accessed/read by
• <top secret, {crypto}> or
• <confidential, {sweden}>
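An added example (not from the slides) implementing the dominance rule over the five levels and compartments, checked against the <secret, {sweden}> case above; the join function goes one step beyond the slide by computing the class a document combined from two sources must carry, which follows from the same rule. Function names are illustrative.

```python
# Added example, not from the slides: the dominance rule for military security
# policy, using the five levels and the <secret, {sweden}> example above. The
# function names and the lattice join are illustrative additions.

LEVELS = {"unclassified": 1, "restricted": 2, "confidential": 3, "secret": 4, "top secret": 5}


def dominates(subject_class, object_class):
    """A subject's clearance dominates an object's class when its level is at
    least as high and it has need-to-know for every compartment of the object.
    Classes are (level, compartments) pairs."""
    s_level, s_compartments = subject_class
    o_level, o_compartments = object_class
    return LEVELS[s_level] >= LEVELS[o_level] and set(o_compartments) <= set(s_compartments)


def can_read(subject_class, object_class):
    """Read is allowed exactly when the subject dominates the object."""
    return dominates(subject_class, object_class)


def join(class_a, class_b):
    """Least class that dominates both inputs: the class a document derived from
    two sources must carry (highest level, union of compartments)."""
    level = max(class_a[0], class_b[0], key=LEVELS.__getitem__)
    return (level, frozenset(class_a[1]) | frozenset(class_b[1]))


def readers(object_class, candidates):
    """Filter a list of subject classes to those permitted to read the object."""
    return [c for c in candidates if can_read(c, object_class)]


if __name__ == "__main__":
    doc = ("secret", {"sweden"})
    print(readers(doc, [("top secret", {"crypto"}), ("secret", {"sweden", "crypto"})]))
```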
• 33. Chinese Wall Security Policy
A conflict of interest exists when one person can obtain sensitive information on competing companies.
Three levels of abstraction:
i) Objects: the lowest level consists of elementary objects, for example files; each file contains information concerning only one company group.
ii) Company group: all objects concerning one company are grouped together.
iii) Conflict classes: at the highest level, all groups of objects for competing companies are clustered.
Each object thus belongs to a unique company group, and each company group is contained in a unique conflict class.
• 34.
- A conflict class may contain one or more company groups.
- The Chinese wall policy is a commercially inspired confidentiality policy, whereas most commercial policies focus on integrity.
• 35. Chinese Wall Security Policy (figure)
Company groups shown: Air Asia, MAS, Cadbury, Vochele, Hershey, TNB, arranged into conflict classes.
Someone holds data on six company groups.
ACCESS SCHEME – a person can access any information as long as that person has never accessed information from a different company in the same conflict class.
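An added example (not from the slides) enforcing the access scheme above by remembering which company groups each person has already read. The six company groups come from the figure; their grouping into three conflict classes (airlines, confectionery, utilities) is an assumption made for the example.

```python
# Added example, not from the slides: the Chinese wall access scheme, enforced by
# remembering which company groups each person has already read. The six company
# groups come from the figure above; their grouping into three conflict classes
# (airlines, confectionery, utilities) is an assumption made for the example.

CONFLICT_CLASSES = {
    "airlines": {"Air Asia", "MAS"},
    "confectionery": {"Cadbury", "Vochele", "Hershey"},
    "utilities": {"TNB"},
}


class ChineseWall:
    def __init__(self, conflict_classes):
        # company group -> conflict class it belongs to (each group is in exactly one)
        self.class_of = {group: cls for cls, groups in conflict_classes.items() for group in groups}
        # subject -> set of company groups whose objects the subject has accessed
        self.history = {}

    def may_access(self, subject, group):
        """Allowed unless the subject has already read a different company group in
        the same conflict class; re-reading the same group is always fine."""
        if group not in self.class_of:
            raise KeyError(f"unknown company group {group!r}")
        for seen in self.history.get(subject, ()):
            if seen != group and self.class_of[seen] == self.class_of[group]:
                return False
        return True

    def access(self, subject, group):
        """Mediate one access and, if allowed, record it so the wall is built."""
        if not self.may_access(subject, group):
            raise PermissionError(f"{subject} already holds {sorted(self.history[subject])}")
        self.history.setdefault(subject, set()).add(group)
        return True

    def open_to(self, subject):
        """Company groups the subject can still read without a conflict."""
        return sorted(g for g in self.class_of if self.may_access(subject, g))


if __name__ == "__main__":
    wall = ChineseWall(CONFLICT_CLASSES)
    wall.access("alice", "Air Asia")
    print(wall.open_to("alice"))
```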
• 36. Security Features of Trusted Operating Systems
The features of trusted operating systems include:
- User identification: a trusted OS requires identification of individuals, and each individual must be uniquely identified.
- Mandatory access control: access control policy decisions are made beyond the control of the individual owner of an object; a central authority determines what information is to be accessible by whom, and the user cannot change the access rights.
- Discretionary access control: the owner can determine who should have access rights to an object and what those rights should be.
• 37. Security Features of Trusted Operating Systems
The features of trusted operating systems include:
- Object reuse protection: to prevent leakage through object reuse, the OS clears (overwrites) all space before it is reassigned.
- Complete mediation: all accesses are checked.
- Trusted path: for critical operations such as setting a password or changing access permissions, users are required to communicate through a trusted path.
• 38. Security Features of Trusted Operating Systems
The features of trusted operating systems include:
- Accountability and audit: maintaining a log of security-relevant events that have occurred, listing each event and the person responsible.
- Intrusion detection system: software builds usage patterns of the normal system and triggers an alarm whenever usage is abnormal.
• 39. Hardening Your OS: Operating System Hardening
- Hardening of operating systems is the first step towards safeguarding systems from intrusion. Workstations and servers typically arrive from the vendor installed with a multitude of development tools and utilities which, although beneficial to the new user, also provide potential back-door access to an organisation's systems.
- Hardening of an operating system involves the removal of all non-essential tools, utilities and other systems administration options, any of which could be used to ease a hacker's path to your systems. Following this, the hardening process ensures that all appropriate security features are activated and configured correctly. Again, 'out of the box' systems will likely be set up for ease of use, with access to the 'root' / Administrator account. Some vendors have now recognised that a market exists for pre-hardened systems.
• 41. Introduction
- A database is a collection of data and a set of rules that organize the data by specifying certain relationships among the data.
- Through these rules, the user describes a logical format for the data.
- The user interacts with the database through a program called a database manager or database management system (DBMS), informally known as a front end.
• 42. Introduction: Advantages of Using Databases
- Shared access – so that many users can use one common, centralized set of data.
- Minimal redundancy – so that individual users do not have to collect and maintain their own sets of data.
- Data consistency – so that a change to a data value affects all users of the data value.
- Data integrity – so that data values are protected against accidental or malicious incorrect changes.
- Controlled access – so that only authorized users are allowed to view or modify data values.
• 43. Security Requirements
- Physical database integrity – so that the data of a database is immune to physical problems such as power failures, and so that someone can reconstruct the database if it is destroyed through a catastrophe.
- Logical database integrity – so that the structure of the database is preserved. With logical integrity of a database, a modification to the value of one field does not affect other fields.
• 44. Security Requirements
- Element integrity – so that the data contained in each element is accurate.
- Auditability – to be able to track who has accessed (or modified) the elements in the database.
- Access control – so that a user is allowed to access only authorized data, and so that different users can be restricted to different modes of access (such as read or write).
• 45. Security Requirements
- User authentication – to ensure that every user is positively identified, both for the audit trail and for permission to access certain data.
- Availability – meaning that users can access the database in general and all the data for which they are authorized.
• 46. Sensitive Data
- Sensitive data is data that should not be made public.
- Determining which data items are sensitive depends on the individual database and the underlying meaning of the data.
- Examples: a library public catalog (no sensitive data); military and defense databases (all sensitive data); a university database (some, but not all, sensitive).
• 47. Types of Disclosure
- Exact data – the most serious disclosure is the exact value of the sensitive data itself.
- Bounds – indicating that a sensitive value (y) is between values L and H.
- Negative result – sometimes one can word a query to determine a negative result (z is not the value of y).
- Existence – the existence of the data is itself a sensitive piece of data, regardless of the actual value.
- Probable value – it may be possible to determine the probability that a certain element has a certain value.
• 48. Proposals for Secure Multilevel Databases: Partitioning
- The database is divided into separate databases, each at its own level of sensitivity.
- This approach is similar to maintaining separate files in separate file cabinets.
• 49. Proposals for Secure Multilevel Databases: Encryption
- If sensitive data is encrypted, a user who accidentally receives sensitive data cannot interpret it.