
Dbms ii mca-ch12-security-2013



  1. Database Security. Chapter 12, Unit V, Database Management System [DBMS]. By C.Aruna Devi (DSCASC)
  2. Database Security: Techniques used for protecting the database against persons who are not authorized to access either certain parts of a database or the whole database.
  3. Database Security. Types of security: legal and ethical issues; policy issues; system-related issues; the need to identify multiple security levels.
  4. Types of Security. Legal and ethical issues: these concern the right to access certain information. Some information may be deemed private and cannot legally be accessed by unauthorized persons. Policy issues: issues at the governmental, institutional or corporate level as to what kinds of information should not be made publicly available. System-related issues: issues such as the system levels at which various security functions should be enforced, e.g. hardware level, DBMS level or OS level. The need to identify multiple security levels: in some organizations there is a need for multiple security levels and to categorize the data and users based on these classifications, e.g. top secret, secret, confidential.
  5. Security. In a multi-user database system, the DBMS must provide techniques to enable certain users or user groups to access selected portions of a database without gaining access to the rest of the database. E.g.: employee salaries.
  6. Database Security. Threats to databases: loss of integrity, loss of availability, loss of confidentiality. To protect databases against these types of threats, four kinds of countermeasures can be implemented: access control, inference control, flow control, and encryption.
  7. Database Security. A DBMS typically includes a database security and authorization subsystem that is responsible for ensuring the security of portions of a database against unauthorized access. Two types of database security mechanisms: discretionary security mechanisms and mandatory security mechanisms.
  8. Types of database security. Discretionary security mechanisms: these are used to grant privileges to users, including the capability to access specific data files, records, or fields in a specific mode (such as read, insert, delete, or update). Mandatory security mechanisms: these are used to enforce multilevel security by classifying the data and users into various security classes. E.g.: a typical security policy is to permit users at a certain classification level to see only the data items classified at the user’s own classification level.
  9. Database Security. Security problem: to prevent unauthorized persons from accessing the system, i.e., from changing or deleting the data. The security mechanism of a DBMS must include provisions for restricting access to the database as a whole; this function is called access control and is handled by creating user accounts and passwords to control the login process by the DBMS.
  10. Database Security. Security problem: the security problem associated with databases is that of controlling the access to a statistical database, which is used to provide statistical information or summaries of values based on various criteria. E.g.: a database for population statistics. The countermeasures to the statistical database security problem are called inference control measures.
  11. Introduction to Database Security Issues. Security problem: another security issue is that of flow control, which prevents information from flowing in such a way that it reaches unauthorized users. Channels that are pathways for information to flow implicitly in ways that violate the security policy of an organization are called covert channels.
  12. Introduction to Database Security Issues. Security problem: a final security issue is data encryption, which is used to protect sensitive data (such as credit card numbers) that is being transmitted via some type of communication network. The data is encoded using some coding algorithm. An unauthorized user who accesses encoded data will have difficulty deciphering it, but authorized users are given decoding or decrypting algorithms (or keys) to decipher the data.
  13. Database Security and the DBA. The database administrator (DBA) is the central authority for managing a database system. The DBA’s responsibilities include granting privileges to users who need to use the system and classifying users and data in accordance with the policy of the organization. The DBA has a DBA account in the DBMS, sometimes called a system or super user account, which provides powerful capabilities.
  14. Database Security and the DBA. DBA privileged commands include commands for granting and revoking privileges to individual accounts, users, or user groups and for performing the following types of actions: 1. Account creation; 2. Privilege granting; 3. Privilege revocation; 4. Security level assignment. The DBA is responsible for the overall security of the database system. Action 1 is access control, whereas 2 and 3 are discretionary and 4 is used to control mandatory authorization.
  15. DBA privileged commands. 1. Account creation: this action creates a new account and password for a user or a group of users to enable them to access the DBMS. 2. Privilege granting: this action permits the DBA to grant certain privileges to certain accounts. 3. Privilege revocation: this action permits the DBA to revoke (cancel) certain privileges that were previously given to certain accounts. 4. Security level assignment: this action consists of assigning user accounts to the appropriate security classification level.
  16. Access Protection, User Accounts, and Database Audits. Whenever a person or group of persons needs to access a database system, the individual or group must first apply for a user account. The DBA will then create a new account number and password for the user if there is a legitimate need to access the database. The user must log in to the DBMS by entering the account number and password whenever database access is needed.
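
The account creation, privilege granting and privilege revocation actions from slides 14 and 15, applied to the employee-salary case from slide 5, as an added example that is not part of the original slides. It assumes PostgreSQL syntax; the table, view, role names and passwords are hypothetical.

```sql
-- Added example (PostgreSQL syntax). All object names, role names and
-- passwords below are hypothetical placeholders, not from the slides.
CREATE TABLE employee (
    emp_id  integer PRIMARY KEY,
    name    text NOT NULL,
    dept    text NOT NULL,
    salary  numeric(10,2) NOT NULL
);

-- Action 1, account creation (access control): the DBA creates login
-- accounts. A new role holds no privileges on employee until granted.
CREATE ROLE payroll_clerk LOGIN PASSWORD 'placeholder-change-me';
CREATE ROLE front_desk    LOGIN PASSWORD 'placeholder-change-me';

-- A view exposes only the non-sensitive portion of the table, so an
-- account can read names and departments without reaching salaries.
CREATE VIEW employee_directory AS
    SELECT emp_id, name, dept FROM employee;

-- Action 2, privilege granting (discretionary): each account gets a
-- specific mode of access to a specific table, view or column.
GRANT SELECT ON employee TO payroll_clerk;
GRANT UPDATE (salary) ON employee TO payroll_clerk;
GRANT SELECT ON employee_directory TO front_desk;

-- Audit the effective privileges instead of trusting the GRANT list:
-- front_desk should be able to read the view but not the salary column.
SELECT has_table_privilege('front_desk', 'employee_directory', 'SELECT')
           AS can_read_directory,
       has_column_privilege('front_desk', 'employee', 'salary', 'SELECT')
           AS can_read_salary;

-- Action 3, privilege revocation (discretionary): withdraw only the
-- update right; the read access granted earlier is left in place.
REVOKE UPDATE (salary) ON employee FROM payroll_clerk;

-- Confirm the revocation took effect and nothing else changed.
SELECT has_column_privilege('payroll_clerk', 'employee', 'salary', 'UPDATE')
           AS can_update_salary,
       has_column_privilege('payroll_clerk', 'employee', 'salary', 'SELECT')
           AS can_read_salary;
```

The view works as a restriction because PostgreSQL checks access to the underlying table against the view owner's privileges by default, so `front_desk` needs no grant on `employee` itself.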