II.I Selected Database Issues: 1 - Security
Slide 1/20 - II. Selected Database Issues, Part 1: Security, Lecture 2. Lecturer: Chris Clack, 3C13/D6.


Slide 2/20 - Content
2.0 Objectives
2.1 Countermeasures: computer-based controls (BRAVE): Encryption
2.2 Authentication and Authorisation in Microsoft Access DBMS
– Authentication: setting a password
– Authorisation: user-level security
2.3 Authorisation in Oracle DBMS: Privileges

Slide 3/20 - Objectives
In this lecture you will learn:
1. The final element of the "BRAVE" security control mechanisms: Encryption
2. Microsoft Access authentication and authorisation measures
3. Oracle DBMS security measures

Slide 4/20 - BRAVE: Encryption

Slide 5/20 - Countermeasures: computer-based controls - Encryption
Encryption: the encoding of the data by a special algorithm that renders the data unreadable by any program without the decryption key.
– Encode data of a sensitive nature as a precaution against possible external threats.
– The DBMS can access the data after decoding it, although there is a degradation in performance as it takes time to decode.
– Encryption protects data transmitted over communication lines.
– There are a number of techniques for encoding data...

Slide 6/20 - Countermeasures: computer-based controls - Encryption
Irreversible encryption
– Does not permit the original data to be known.
– However, the encrypted data can be used to obtain valid statistical information.
Reversible encryption
– More common.
– To transmit data securely over an insecure network requires the use of a cryptosystem.

Slide 7/20 - Countermeasures: computer-based controls - Encryption
A cryptosystem includes:
– An encryption key to encrypt the data (plaintext).
– An encryption algorithm that, with the encryption key, transforms the plaintext into ciphertext.
– A decryption key to decrypt the ciphertext.
– A decryption algorithm that, with the decryption key, transforms the ciphertext back into plaintext.
Diagram: plaintext -> encryption algorithm (encryption key) -> ciphertext -> decryption algorithm (decryption key) -> plaintext.

Slide 8/20 - Countermeasures: computer-based controls - Encryption
Symmetric encryption:
– Uses the same key for encryption and decryption.
– Requires a secure communication line for exchanging the key. Most users don't have a secure line.
– To be really secure the key should be as long as the message; most, however, use shorter keys.
Asymmetric encryption:
– Uses different keys.
Symmetric example: DES (Data Encryption Standard)
– Developed by IBM.
– Not universally regarded as being secure. Some authors say a larger key is required.
– PGP (Pretty Good Privacy) uses a 128-bit symmetric algorithm for bulk encryption of the data it sends.
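The following is an added example, not code from the lecture: a minimal symmetric cryptosystem in Python that makes the four components of slide 7 concrete (key, encryption algorithm, decryption key, decryption algorithm) and enforces the point above that the key should be as long as the message. It is a one-time pad: each plaintext byte is XORed with a random key byte, and the same key is both the encryption and the decryption key, which is exactly why it has to be exchanged over a secure line. The sample plaintext is constructed for illustration.

```python
import secrets

# Constructed sample plaintext (not from the lecture slides).
SAMPLE_PLAINTEXT = b"Staff salary: 42000"


def generate_key(length: int) -> bytes:
    """Key generation: one uniformly random byte per plaintext byte.

    In a symmetric system this single key is both the encryption key and
    the decryption key, so it must reach the receiver over a secure channel.
    """
    return secrets.token_bytes(length)


def encrypt(plaintext: bytes, key: bytes) -> bytes:
    """Encryption algorithm: XOR each plaintext byte with the matching key byte.

    The length check enforces the slide's requirement that the key be at
    least as long as the message; a shorter key would have to be reused.
    """
    if len(key) < len(plaintext):
        raise ValueError("key must be at least as long as the plaintext")
    return bytes(p ^ k for p, k in zip(plaintext, key))


def decrypt(ciphertext: bytes, key: bytes) -> bytes:
    """Decryption algorithm: XOR is its own inverse, so the same operation
    with the same key recovers the plaintext."""
    return encrypt(ciphertext, key)


def roundtrip(plaintext: bytes = SAMPLE_PLAINTEXT) -> dict:
    """Run the full cryptosystem once and report what happened."""
    key = generate_key(len(plaintext))
    ciphertext = encrypt(plaintext, key)
    # A fresh random key stands in for a party that never received the real key.
    wrong_key = generate_key(len(plaintext))
    return {
        "ciphertext_differs": ciphertext != plaintext,
        "decrypts_with_key": decrypt(ciphertext, key) == plaintext,
        "decrypts_with_wrong_key": decrypt(ciphertext, wrong_key) == plaintext,
    }


if __name__ == "__main__":
    print(roundtrip())
```

The key must be random, used once and kept secret; the code only enforces the length, the other two properties are operational matters the lecture's later slides on key exchange address.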

Slide 9/20 - Countermeasures: computer-based controls - Encryption
– Keys with 64 bits are now considered breakable by major governments, though at substantial cost. This technology will be within the reach of organized criminals, major organizations and smaller governments, either already or very soon.
– It is probable that keys with 128 bits will remain unbreakable for the foreseeable future.
– The terms strong authentication and weak authentication are sometimes used to distinguish between algorithms that cannot be broken with existing technologies and knowledge (strong) and those that can (weak).

Slide 10/20 - Countermeasures: computer-based controls - Encryption
Asymmetric example: public key systems.
– Two keys are used: one is public and one is private. The encryption algorithm may also be public.
– Anyone can send an encoded message using the public key and algorithm given by the owner, but only the owner of the private key may decipher the message.
– A digital signature can also be used to prove the message came from the person who claimed to have sent it (see later lecture).
– RSA is the most well-known asymmetric encryption (the name derives from the initials of the algorithm designers).
– Generally, asymmetric algorithms are much slower to execute. In practice the two types of encryption are used together.
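An added example, not part of the lecture: textbook RSA in Python with the small primes 61 and 53 so that every step can be checked by hand. It shows the public/private key pair, encryption by anyone holding the public key, decryption only by the private-key holder, and the digital-signature use the slide mentions (sign with the private key, verify with the public key). The tiny modulus and the absence of padding are deliberate for readability; production RSA uses keys of 2048 bits or more together with a padding scheme, and the sample message is constructed.

```python
import hashlib
from math import gcd
from typing import Tuple

PublicKey = Tuple[int, int]    # (n, e): may be published
PrivateKey = Tuple[int, int]   # (n, d): kept by the owner


def keygen(p: int, q: int, e: int = 17) -> Tuple[PublicKey, PrivateKey]:
    """Derive the key pair from two primes.

    n = p*q is public; phi(n) = (p-1)(q-1) is used once to compute d and
    then discarded, because anyone who learns phi(n) can recover d.
    """
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)            # modular inverse: e*d = 1 (mod phi)
    return (n, e), (n, d)


def encrypt(public_key: PublicKey, m: int) -> int:
    """Anyone with the public key can produce c = m^e mod n."""
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)


def decrypt(private_key: PrivateKey, c: int) -> int:
    """Only the private-key holder can recover m = c^d mod n."""
    n, d = private_key
    return pow(c, d, n)


def _digest_mod_n(message: bytes, n: int) -> int:
    # Hash the message first so the signature covers arbitrary-length data.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(private_key: PrivateKey, message: bytes) -> int:
    """Signature = hash(message)^d mod n; only the private key can produce it."""
    n, d = private_key
    return pow(_digest_mod_n(message, n), d, n)


def verify(public_key: PublicKey, message: bytes, signature: int) -> bool:
    """Anyone can check a signature with the public key: sig^e mod n == hash(message)."""
    n, e = public_key
    return pow(signature, e, n) == _digest_mod_n(message, n)


if __name__ == "__main__":
    public, private = keygen(61, 53)
    c = encrypt(public, 65)
    print("ciphertext:", c, "decrypted:", decrypt(private, c))
    msg = b"GRANT INSERT ON PropertyForRent TO Beech"   # constructed sample message
    s = sign(private, msg)
    print("signature valid:", verify(public, msg, s))
    print("signature valid for altered message:", verify(public, msg + b"!", s))
```

With these primes the pair is n = 3233, e = 17, d = 2753, and the message 65 encrypts to 2790; the slide's remark that asymmetric algorithms are slow is visible in the modular exponentiation with a 2753-bit-pattern exponent, which is why in practice RSA is used to protect a symmetric key rather than bulk data.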

Slide 11/20 - Authentication and authorisation in Microsoft Access DBMS

Slide 12/20 - Authentication and authorisation in Microsoft Access DBMS
The prerequisite course covered the Microsoft Access 2000 DBMS and the SQL GRANT and REVOKE statements. Instead of GRANT and REVOKE statements, Access provides:
– system security: setting a password for opening a database (authentication)
– data security: user-level security, which limits the parts of the database a user can read or update (authorisation)

Slide 13/20 - Authentication in Microsoft Access DBMS
Example (password):
– The password is set from the Tools, Security menu.
– Secure: Access encrypts the password.

Slide 14/20 - Authorisation in Microsoft Access DBMS
Example (user-level security):
– Within the Microsoft Access workgroup information file, users are identified as belonging to a group.
– Default groups: administrator (Admin group) and users (Users group).

Slide 15/20 - Authorisation in Microsoft Access DBMS
Example (user-level security: permissions):
– Permissions are granted to groups and users.
– A dialog box is used to regulate how they can work with given objects.
– Possible permissions include: Open/Run, Read Design, Modify Design, Update Data, Read Data, Delete Data etc.

Slide 16/20 - Authorisation in Oracle DBMS

Slide 17/20 - Authorisation in Oracle DBMS - Privileges
Privilege: the right to execute a particular type of SQL statement or to access another user's objects. Some examples of Oracle privileges are:
– connect to the database (create a session)
– create a table
– select rows from another user's table

Slide 18/20 - Authorisation in Oracle DBMS - Privileges
There are two distinct categories of privileges in Oracle:
1. System privileges: the right to perform a particular action, or to perform an action on schema objects of a certain type. These also control privileges associated with some schema objects (clusters, indexes and triggers). Example: creation of tablespaces or of users in a database.
Privileges are granted or revoked in two ways:
1. The Grant System Privileges/Roles and Revoke System Privileges/Roles dialog boxes of Oracle Security Manager.
2. SQL GRANT and REVOKE statements.

Slide 19/20 - Authorisation in Oracle DBMS - Privileges
2. Object privileges: the right to perform a particular action on a specific table, view, sequence, procedure, function or package. Example: the privilege to delete rows from the Staff table.
– A user automatically has all object privileges for schema objects contained in their schema, and can grant object privileges on any schema object they own.
– Including WITH GRANT OPTION in the GRANT statement allows the grantee to further grant the object privileges to other users.

Slide 20/20 - Authorisation in Oracle DBMS - Privileges
A user can receive a privilege in two different ways:
1. Privileges can be granted to users explicitly. Example: GRANT INSERT ON PropertyForRent TO Beech means the object privilege "insert rows" has been granted to Mr Beech on the said table.
2. Privileges can be granted to a role, and the role can then be granted to one or more users. Example: the object privileges insert, delete and update could be granted to the role `Assistant'; user Beech can then be granted the role Assistant.
Role: a named group of privileges. A user can access several roles and several users can be assigned the same role. This is a better and easier way to manage privileges.
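As an added example (not from the lecture and not Oracle's own code), the following Python model captures the privilege concepts of slides 17 to 20: object privileges versus system privileges, explicit grants to users, grants to a role that is then assigned to users, and WITH GRANT OPTION. It is the kind of check an application would run before issuing a statement on a user's behalf. The owner name "Admin", the DBA account "SYS", the user "Carter" and the rule that only the DBA assigns roles are assumptions of this model; it also does not model Oracle's cascading revocation of object privileges that a grantee has passed on.

```python
from typing import Dict, Optional, Set, Tuple

# A held privilege: (privilege name, object name or None for a system privilege, grant option).
Grant = Tuple[str, Optional[str], bool]


class Authorizer:
    """Minimal Oracle-style privilege model (an assumption, not Oracle behaviour)."""

    def __init__(self, dba: str = "SYS"):
        self.dba = dba                                   # assumed DBA account
        self.owner: Dict[str, str] = {}                  # object -> owning user
        self.user_grants: Dict[str, Set[Grant]] = {}     # explicit grants to users
        self.role_grants: Dict[str, Set[Grant]] = {}     # grants to roles
        self.user_roles: Dict[str, Set[str]] = {}        # roles assigned to users

    def create_object(self, owner: str, obj: str) -> None:
        self.owner[obj] = owner

    def held(self, user: str) -> Set[Grant]:
        """Everything a user holds: explicit grants plus grants from all their roles."""
        grants = set(self.user_grants.get(user, set()))
        for role in self.user_roles.get(user, set()):
            grants |= self.role_grants.get(role, set())
        return grants

    def can_grant(self, grantor: str, privilege: str, obj: Optional[str]) -> bool:
        if obj is None:                                  # system privilege: DBA only in this model
            return grantor == self.dba
        if self.owner.get(obj) == grantor:               # owners hold all privileges on their objects
            return True
        return any(p == privilege and o == obj and opt   # or hold it WITH GRANT OPTION
                   for p, o, opt in self.held(grantor))

    def grant(self, grantor: str, privilege: str, obj: Optional[str], grantee: str,
              to_role: bool = False, with_grant_option: bool = False) -> None:
        if not self.can_grant(grantor, privilege, obj):
            raise PermissionError(f"{grantor} cannot grant {privilege} on {obj}")
        table = self.role_grants if to_role else self.user_grants
        table.setdefault(grantee, set()).add((privilege, obj, with_grant_option))

    def revoke(self, privilege: str, obj: Optional[str], grantee: str, to_role: bool = False) -> None:
        table = self.role_grants if to_role else self.user_grants
        table[grantee] = {g for g in table.get(grantee, set()) if (g[0], g[1]) != (privilege, obj)}

    def grant_role(self, grantor: str, role: str, user: str) -> None:
        if grantor != self.dba:
            raise PermissionError("only the DBA assigns roles in this model")
        self.user_roles.setdefault(user, set()).add(role)

    def revoke_role(self, role: str, user: str) -> None:
        self.user_roles.get(user, set()).discard(role)

    def authorized(self, user: str, privilege: str, obj: Optional[str]) -> bool:
        """The check to run before executing a statement on the user's behalf."""
        if obj is not None and self.owner.get(obj) == user:
            return True
        return any(p == privilege and o == obj for p, o, _ in self.held(user))


def demo() -> Dict[str, bool]:
    """Walk through the slide's two examples: an explicit grant and a role grant."""
    az = Authorizer()
    az.create_object("Admin", "PropertyForRent")          # assumed owner of the slide's tables
    az.create_object("Admin", "Staff")
    # 1. Explicit grant: GRANT INSERT ON PropertyForRent TO Beech
    az.grant("Admin", "INSERT", "PropertyForRent", "Beech")
    # 2. Grant insert, delete and update to the role Assistant, then the role to Beech
    for priv in ("INSERT", "DELETE", "UPDATE"):
        az.grant("Admin", priv, "Staff", "Assistant", to_role=True)
    az.grant_role("SYS", "Assistant", "Beech")
    results = {
        "beech_insert_pfr": az.authorized("Beech", "INSERT", "PropertyForRent"),
        "beech_delete_staff_via_role": az.authorized("Beech", "DELETE", "Staff"),
        "beech_select_staff": az.authorized("Beech", "SELECT", "Staff"),
    }
    # Beech was not given WITH GRANT OPTION, so passing the privilege on is refused.
    try:
        az.grant("Beech", "INSERT", "PropertyForRent", "Carter")
        results["beech_regrant_without_option"] = True
    except PermissionError:
        results["beech_regrant_without_option"] = False
    az.grant("Admin", "INSERT", "PropertyForRent", "Beech", with_grant_option=True)
    az.grant("Beech", "INSERT", "PropertyForRent", "Carter")
    results["carter_insert_after_option"] = az.authorized("Carter", "INSERT", "PropertyForRent")
    az.revoke_role("Assistant", "Beech")
    results["beech_delete_staff_after_role_revoked"] = az.authorized("Beech", "DELETE", "Staff")
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Revoking the role from Beech removes all three Staff privileges in one step, which is the management advantage the slide describes: privileges are attached to the role, and users only come and go from the role.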

Slide 21/20 - Summary
1.3 The final "BRAVE" countermeasure: Encryption
2.2 Authentication and authorisation in Microsoft Access DBMS: setting a password; user-level security
2.3 Authorisation in Oracle DBMS: Privileges
NEXT LECTURE: DBMS and Web Security - Firewalls - Signatures - Certificates