
View
- A single table derived from other tables, which can be base tables or previously defined views
- Virtual table: doesn't exist physically
- Limitation on Update Operations
- Advantages:
  – Facilitate Retrieval Operations (always up-to-date)
  – Simplify query specifications
  – Security Mechanism

View & SQL
- CREATE VIEW view_name AS SELECT statements;
- CREATE VIEW view_name (attributes) AS SELECT statements;
- DROP VIEW view_name;
- Query on Views: same as on base tables
- DBMS responsibility for keeping views updated

View Update
- A view with a single base table is updatable
  – primary key or candidate key of the base table must be a view attribute
- Views on multiple tables using joins are not updatable
- Views defined using grouping and aggregate functions are not updatable
- Efficient implementation:
  – Query modification:
  – View Materialization: physically create a view table

DBS Security Problems
- Physical Safety
- Unauthorized Access Of Information
- Malicious Alterations
- Destruction Of Information
- Interception Of Data Transmission
- Malicious Software

DBS Security Measures
- Physical Security
- Discretionary Access Control (DAC)
- Mandatory Access Control (MAC)
- Statistical Database Security
- Data Encryption
- Controlling Viruses And Trojan Horses

Physical Security Measures
- Penetration Alarm System
- Physical Constructions And Barriers
- Clear Spaces
- Motion Detectors
- Controlled Areas
- Closed Circuit TV
- Physical Personal Id System
- Guard And Patrol
- Emergency Response Team

Discretionary Access Control
- Create user accounts, then grant or revoke privileges to users to access data in a specific mode (read, write, or update)
- DB audit
- Two level privileges:
  – account level
  – relation level: select, modify & reference
- Access Matrix model
  – rows: subjects (users, accounts, programs)
  – column: objects (relations, views, t, col, operations)
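An added example (not from the original slides) that combines the view-as-security-mechanism point with the access matrix: a SQLite authorizer callback enforces a small subject/object matrix, so a subject granted select only on a view can read through it but not from the base table. The table, view, subject names and the ACCESS matrix are constructed for illustration; SQLite has no GRANT, so the authorizer stands in for it here.

```python
import sqlite3

# Constructed schema and rows; employee_public is the view that hides salary.
SETUP = """
CREATE TABLE employee (id INTEGER PRIMARY KEY, name TEXT, dept TEXT, salary INTEGER);
INSERT INTO employee VALUES (1,'Ana','Sales',5200), (2,'Bo','Sales',4800), (3,'Cy','IT',6100);
CREATE VIEW employee_public AS SELECT id, name, dept FROM employee;
"""

# Constructed access matrix: rows are subjects, columns are objects
# (one base relation, one view), cells hold the granted modes.
ACCESS = {
    "hr":    {"employee": {"select"}, "employee_public": {"select"}},
    "clerk": {"employee_public": {"select"}},
}

def open_as(subject):
    """Return a connection on which only the subject's granted reads succeed."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SETUP)  # data is loaded before the policy is installed

    def authorizer(action, obj, column, dbname, source):
        if action == sqlite3.SQLITE_SELECT:
            return sqlite3.SQLITE_OK
        if action == sqlite3.SQLITE_READ:
            if source is not None:
                # Read issued on behalf of a view; the privilege was
                # already checked when the view itself was read.
                return sqlite3.SQLITE_OK
            granted = ACCESS.get(subject, {}).get(obj, set())
            return sqlite3.SQLITE_OK if "select" in granted else sqlite3.SQLITE_DENY
        return sqlite3.SQLITE_DENY  # modify, reference and DDL are not granted

    conn.set_authorizer(authorizer)
    return conn

def run_as(subject, sql):
    """Run sql as subject; return the rows, or None if access is refused."""
    conn = open_as(subject)
    try:
        return conn.execute(sql).fetchall()
    except sqlite3.DatabaseError:
        return None
    finally:
        conn.close()
```

Because every action other than a read is denied, a subject cannot define a new view of its own over the base table to get around the matrix.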

Mandatory Access Control
- Based on security classes
- Security Classification (classes) Assignment:
- Top Secret, Secret, Confidential, Unclassified
- multilevel securities - combined with DAC
- Bell-LaPadula model: class (S), class (O)
  – read: class (S) >= class(O)
  – write: class (S)
- Classification attribute & multilevel relation
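An added example (not from the original slides) of the Bell-LaPadula checks applied to a multilevel relation with classification attributes. The read rule is the one on the slide; the write rule uses the standard Bell-LaPadula star property, class(S) <= class(O), which is an assumption here because the slide's write rule is cut off. The relation and its classifications are constructed.

```python
# Security classes in increasing order of sensitivity.
LEVELS = {"U": 0, "C": 1, "S": 2, "TS": 3}

def can_read(subject_class, object_class):
    """Simple security property: no read up."""
    return LEVELS[subject_class] >= LEVELS[object_class]

def can_write(subject_class, object_class):
    """Star property (assumed, see lead-in): no write down."""
    return LEVELS[subject_class] <= LEVELS[object_class]

# Constructed multilevel relation: every attribute value carries its own
# classification attribute, stored here as (value, class).
EMPLOYEE = [
    {"name": ("Smith", "U"), "salary": (40000, "C"), "review": ("Fair", "S")},
    {"name": ("Brown", "C"), "salary": (80000, "S"), "review": ("Good", "C")},
]

def filtered_view(relation, clearance, key="name"):
    """Return the tuples a subject with this clearance is allowed to see.

    A tuple whose key is classified above the clearance is dropped whole;
    any other attribute classified above the clearance is shown as None.
    """
    visible = []
    for row in relation:
        if not can_read(clearance, row[key][1]):
            continue
        visible.append({
            attr: (value if can_read(clearance, cls) else None)
            for attr, (value, cls) in row.items()
        })
    return visible

def writable_attributes(row, clearance):
    """Attributes of one tuple that the subject may write without writing down."""
    return sorted(attr for attr, (_, cls) in row.items() if can_write(clearance, cls))
```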

Statistical DB Security
- Protect the privacy of individual information by disallowing retrieval of individual data, but allow statistical queries, like Min, Max, Average, ...
- Problem ==> possible to deduce the individual information through a sequence of statistical queries
  – no statistical queries are permitted whenever the number of tuples in the population specified by the selection condition falls below some threshold
  – prohibit sequences of queries referring repeatedly to the same population
  – noise
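An added example (not from the original slides) of the first two controls: a gate that refuses a statistical query when its population falls below a threshold, and refuses one whose population overlaps too much with a population already answered. It also shows why the size threshold alone is not enough. The rows, class name and parameter names are constructed for illustration.

```python
# Constructed sample population.
ROWS = [
    {"name": "Ana", "dept": "Sales", "salary": 5200},
    {"name": "Bo",  "dept": "Sales", "salary": 4800},
    {"name": "Cy",  "dept": "Sales", "salary": 5000},
    {"name": "Di",  "dept": "Sales", "salary": 5500},
    {"name": "Ed",  "dept": "IT",    "salary": 6100},
    {"name": "Flo", "dept": "IT",    "salary": 6300},
    {"name": "Gus", "dept": "IT",    "salary": 5900},
]

class StatisticalGate:
    """Answers SUM(salary) queries only; never returns individual rows."""

    def __init__(self, rows, min_size, max_overlap):
        self.rows = rows
        self.min_size = min_size        # threshold on the query population
        self.max_overlap = max_overlap  # rows a query may share with an earlier one
        self.answered = []              # populations already answered

    def total(self, predicate):
        ids = frozenset(i for i, r in enumerate(self.rows) if predicate(r))
        if len(ids) < self.min_size:
            return None                 # population too small
        if any(len(ids & prev) > self.max_overlap for prev in self.answered):
            return None                 # same population queried repeatedly
        self.answered.append(ids)
        return sum(self.rows[i]["salary"] for i in ids)

def sales(r):
    return r["dept"] == "Sales"

def sales_without_ana(r):
    return r["dept"] == "Sales" and r["name"] != "Ana"

def compare_controls():
    """Return (value deduced under size control only, answers under both controls)."""
    size_only = StatisticalGate(ROWS, min_size=3, max_overlap=len(ROWS))
    deduced = size_only.total(sales) - size_only.total(sales_without_ana)
    both = StatisticalGate(ROWS, min_size=3, max_overlap=2)
    return deduced, (both.total(sales), both.total(sales_without_ana))
```

With only the size threshold, both queries are answered and their difference is one person's salary; with the overlap limit the second query is refused.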