Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 5 Database Application Security Models.

Slides:



Advertisements
Similar presentations
Chapter 23 Database Security and Authorization Copyright © 2004 Pearson Education, Inc.
Advertisements

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 8 Application Data Auditing.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 8 Application Data Auditing.
Lecture-7/ T. Nouf Almujally
Management Information Systems, Sixth Edition
Database Management System
Data - Information - Knowledge
8.
1 Chapter 2 Database Environment Transparencies © Pearson Education Limited 1995, 2005.
Client/Server Databases and the Oracle 10g Relational Database
Database Management: Getting Data Together Chapter 14.
The Architecture of Transaction Processing Systems
Chapter 4: Database Management. Databases Before the Use of Computers Data kept in books, ledgers, card files, folders, and file cabinets Long response.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 4 Profiles, Password Policies, Privileges, and Roles.
Systems Architecture, Fourth Edition1 Internet and Distributed Application Services Chapter 13.
Chapter 5 Database Application Security Models
Chapter 2 Database Environment Pearson Education © 2014.
Introduction to Web Applications Instructor: Enoch E. Damson.
Chapter 4 Database Management Systems. Chapter 4Slide 2 What is a Database Management System (DBMS)?  Database An organized collection of related data.
Security Architecture Dr. Gabriel. Security Database security: –degree to which data is fully protected from tampering or unauthorized acts –Full understanding.
Emmanuel Cecchet et al.  Performance Scalability of J2EE application servers.  Test effect of: ◦ Application Implementation Methods ◦ Container Design.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.
Chapter 2 Database System Concepts and Architecture
Database Application Security Models
ISOM MIS3150 Data and Info Mgmt Database Security Arijit Sengupta.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.
CST221: Database Systems Dr. Zhen Jiang Computer Science Department West Chester University West Chester, PA
1 Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.
The McGraw-Hill Companies, Inc Information Technology & Management Thompson Cats-Baril Chapter 3 Content Management.
CSC271 Database Systems Lecture # 4.
Security Architecture
M1G Introduction to Database Development 6. Building Applications.
Web Server Administration Chapter 7 Installing and Testing a Programming Environment.
Web Design and Development for E-Business By Jensen J. Zhao Copyright 2003 Prentice Hall, Inc. Web Design and Development for E-Business Jensen J. Zhao.
Database Application Security Models Database Application Security Models 1.
CHAPTER 8: MANAGING DATA RESOURCES. File Organization Terms Field: group of characters that represent something Record: group of related fields File:
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 4 Profiles, Password Policies, Privileges, and Roles.
The protection of the DB against intentional or unintentional threats using computer-based or non- computer-based controls. Database Security – Part 2.
Discovering Computers Fundamentals Fifth Edition Chapter 9 Database Management.
Controlling User Access. Objectives After completing this lesson, you should be able to do the following: Create users Create roles to ease setup and.
5-1 McGraw-Hill/Irwin Copyright © 2007 by The McGraw-Hill Companies, Inc. All rights reserved.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 1 Security Architecture.
6.1 © 2010 by Prentice Hall 6 Chapter Foundations of Business Intelligence: Databases and Information Management.
MANAGING DATA RESOURCES ~ pertemuan 7 ~ Oleh: Ir. Abdul Hayat, MTI.
CSCI 3140 Module 6 – Database Security Theodore Chiasson Dalhousie University.
1 Introduction to Oracle Chapter 1. 2 Before Databases Information was kept in files: Each field describes one piece of information about student Fields.
Controlling User Access. 2 home back first prev next last What Will I Learn? Compare the difference between object privileges and system privileges Construct.
Database Security. Multi-user database systems like Oracle include security to control how the database is accessed and used for example security Mechanisms:
Module 6: Data Protection. Overview What does Data Protection include? Protecting data from unauthorized users and authorized users who are trying to.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 1 Security Architecture.
Privilege Management Chapter 22.
Computer Security: Principles and Practice
Oracle 11g: SQL Chapter 7 User Creation and Management.
Chapter 2 Database Environment.
3-1 Modeling Basic Entities DBMS Create Sort Search Addition Deletion Modification Create Sort Search Addition Deletion Modification DBMS is a Software.
Database Security. Introduction to Database Security Issues (1) Threats to databases Loss of integrity Loss of availability Loss of confidentiality To.
ISC321 Database Systems I Chapter 2: Overview of Database Languages and Architectures Fall 2015 Dr. Abdullah Almutairi.
Slide 1 © 2016, Lera Technologies. All Rights Reserved. Oracle Data Integrator By Lera Technologies.
Management Information Systems by Prof. Park Kyung-Hye Chapter 7 (8th Week) Databases and Data Warehouses 07.
James A. Senn’s Information Technology, 3rd Edition
Client/Server Databases and the Oracle 10g Relational Database
Chapter 2 Database System Concepts and Architecture
Server Concepts Dr. Charles W. Kann.
Chapter 2 Database Environment Pearson Education © 2009.
MANAGING DATA RESOURCES
Introduction of Week 9 Return assignment 5-2
INTRODUCTION A Database system is basically a computer based record keeping system. The collection of data, usually referred to as the database, contains.
Presentation transcript:

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 5 Database Application Security Models

Database Security & Auditing: Protecting Data Integrity & Accessibility2 Objectives Describe the different types of users in a database environment and the distinct purpose of each Identify and explain the concepts of five security models List the most commonly used application types

Database Security & Auditing: Protecting Data Integrity & Accessibility3 Objectives (continued) Implement the most common application security models Understand the use of data encryption within database applications

Database Security & Auditing: Protecting Data Integrity & Accessibility4 Types of Users Application: –Solves a problem –Performs a specific business function Database: collection of related data files used by an application Application user: user within the application schema

Database Security & Auditing: Protecting Data Integrity & Accessibility5 Types of Users (continued) Types: –Application administrator –Application owner –Application user –Database administrator –Database user –Proxy user –Schema owner –Virtual user

Database Security & Auditing: Protecting Data Integrity & Accessibility6 Security Models Access Matrix Model: –Represents two main entities: objects and subjects: Columns represent objects Rows represent subjects –Objects: tables, views, procedures, database objects –Subjects: users, roles, privileges, modules –Authorization cell

Database Security & Auditing: Protecting Data Integrity & Accessibility7 Security Models (continued)

Database Security & Auditing: Protecting Data Integrity & Accessibility8 Security Models (continued) Access Modes Model: –Based on the Take-Grant model –Uses objects and subjects –Specifies access modes: static and dynamic modes –Access levels: a subject has access to objects at its level and all levels below it

Database Security & Auditing: Protecting Data Integrity & Accessibility9 Security Models (continued)

Database Security & Auditing: Protecting Data Integrity & Accessibility10 Security Models (continued)

Database Security & Auditing: Protecting Data Integrity & Accessibility11 Application Types Client/Server applications: –Management Information System (MIS) department: Thirty year ago centralized information Developed mainframe projects Was a bottleneck –Personal computer was introduced: developing need for client/server applications –Based on the business model

Database Security & Auditing: Protecting Data Integrity & Accessibility12 Client/Server Applications

Database Security & Auditing: Protecting Data Integrity & Accessibility13 Client/Server Applications (continued) Provides a flexible and scalable structure Components: –User interface –Business logic –Data access Components usually spread out over several tiers: –Minimum two –Normally, four to five

Database Security & Auditing: Protecting Data Integrity & Accessibility14 Client/Server Applications (continued)

Database Security & Auditing: Protecting Data Integrity & Accessibility15 Client/Server Applications (continued)

Database Security & Auditing: Protecting Data Integrity & Accessibility16 Web Applications Evolved with the rise of dot-com and Web- based companies Uses the Web to connect and communicate to the server A Web application uses HTML pages created using: –ActiveX –Java applets or beans –ASP (Active Server Pages)

Database Security & Auditing: Protecting Data Integrity & Accessibility17 Web Applications (continued)

Database Security & Auditing: Protecting Data Integrity & Accessibility18 Web Applications (continued) Components: –Web browser layer –Web server layer –Application server layer –Business logic layer –Database server layer

Database Security & Auditing: Protecting Data Integrity & Accessibility19 Web Applications (continued)

Database Security & Auditing: Protecting Data Integrity & Accessibility20 Data Warehouse Applications Used in decision-support applications Collection of many types of data taken from a number of different databases Typically composed of a database server Accessed by software applications or reporting applications: online analytical processing (OLAP)

Database Security & Auditing: Protecting Data Integrity & Accessibility21 Data Warehouse Applications (continued)

Database Security & Auditing: Protecting Data Integrity & Accessibility22 Application Security Models Models: –Database role based –Application role based –Application function based –Application role and function based –Application table based

Database Security & Auditing: Protecting Data Integrity & Accessibility23 Security Model Based on Database Roles Application authenticates application users: maintain all users in a table Each user is assigned a role; roles have privileges assigned to them A proxy user is needed to activate assigned roles; all roles are assigned to the proxy user Model and privileges are database dependent

Database Security & Auditing: Protecting Data Integrity & Accessibility24 Security Model Based on Database Roles (continued)

Database Security & Auditing: Protecting Data Integrity & Accessibility25 Security Model Based on Database Roles (continued) Implementation in Oracle: –Create users –Add content to your tables –Add a row for an application user –Look for application user’s role –Activate the role for this specific session

Database Security & Auditing: Protecting Data Integrity & Accessibility26 Security Model Based on Database Roles (continued) Implementation in SQL Server: –Use application roles: Special roles you that are activated at the time of authorization Require a password and cannot contain members –Connect a user to the application role: overrules user’s privileges

Database Security & Auditing: Protecting Data Integrity & Accessibility27 Security Model Based on Database Roles (continued) Implementation in SQL Server (continued): –Create and drop application roles using the command line and the Enterprise Manager: SP_ADDAPPROLE SP_DROPAPPROLE –You can activate application roles using SP_SETAPPROLE

Database Security & Auditing: Protecting Data Integrity & Accessibility28 Security Model Based on Database Roles (continued) Implementation in SQL Server (continued): –Connect to database as the proxy user –Validate the user name and password –Retrieve the application role name –Activate the application role

Database Security & Auditing: Protecting Data Integrity & Accessibility29 Security Model Based on Database Roles (continued)

Database Security & Auditing: Protecting Data Integrity & Accessibility30 Security Model Based on Application Roles Application roles are mapped to real business roles Application authenticates users Each user is assigned to an application role; application roles are provided with application privileges (read and write)

Database Security & Auditing: Protecting Data Integrity & Accessibility31 Security Model Based on Application Roles (continued)

Database Security & Auditing: Protecting Data Integrity & Accessibility32 Security Model Based on Application Roles (continued) Implementation in SQL Server –Create a database user –Connect the application to the database using this user –Create stored procedures to perform all database operations

Database Security & Auditing: Protecting Data Integrity & Accessibility33 Security Model Based on Application Functions Application authenticates users Application is divided into functions Considerations: –Isolates application security from database –Passwords must be securely encrypted –Must use a real database user –Granular privileges require more effort during implementation

Database Security & Auditing: Protecting Data Integrity & Accessibility34 Security Model Based on Application Functions (continued)

Database Security & Auditing: Protecting Data Integrity & Accessibility35 Security Model Based on Application Roles and Functions Combination of models Application authenticates users Application is divided into functions: –Roles are assigned to functions –Functions are assigned to users Highly flexible model

Database Security & Auditing: Protecting Data Integrity & Accessibility36 Security Model Based on Application Roles and Functions (continued)

Database Security & Auditing: Protecting Data Integrity & Accessibility37 Security Model Based on Application Tables Depends on the application to authenticate users Application provides privileges to the user based on tables; not on a role or a function User is assigned access privilege to each table owned by the application owner

Database Security & Auditing: Protecting Data Integrity & Accessibility38 Security Model Based on Application Tables (continued)

Database Security & Auditing: Protecting Data Integrity & Accessibility39 Security Model Based on Application Tables (continued) Implementation in SQL Server: –Grant authorization on application functions to the end user –Alter authorization table from the security model based on database roles; incorporate the table and access columns required to support model

Database Security & Auditing: Protecting Data Integrity & Accessibility40 Application Security Models

Database Security & Auditing: Protecting Data Integrity & Accessibility41 Application Security Models (continued)

Database Security & Auditing: Protecting Data Integrity & Accessibility42 Data Encryption Passwords should be kept confidential and preferably encrypted Passwords should be compared encrypted: –Never decrypt the data –Hash the passwords and compare the hashes

Database Security & Auditing: Protecting Data Integrity & Accessibility43 Data Encryption (continued)

Database Security & Auditing: Protecting Data Integrity & Accessibility44 Summary An application user is simply a record created for a user within the application schema; usually does not have database privileges or roles assigned Access matrix: –Columns represent objects –Rows represent subjects –Authorization cell Access mode

Database Security & Auditing: Protecting Data Integrity & Accessibility45 Summary (continued) Application types: client/server, Web, and Data Warehouse Application security models –Database roles –Application roles –Application functions –Roles and functions in the application –Application tables

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.