IT203 Unit 8: Database Security I. Is It Secure? Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall. Chapter 8.

Presentation transcript:


Overview
Security is essential for any database that will be put into production. One way to begin thinking about security is to look at two terms:
– Authentication
– Authorization

Authentication
Authentication is the process of determining if the person is, in fact, who he or she claims to be. This can be done in a variety of ways:
– Login name and password
– Certificate
– Biometrics

Authorization
Authorization is about authorizing a user to do things in the database. It involves setting permissions on objects and data.

SQL Server Authentication
SQL Server has two primary ways of authenticating users:
– Windows authentication
– SQL Server authentication

Windows Authentication
In Windows Authentication, a Windows or Active Directory account is mapped to a SQL Server account. Users log into their Windows machine and access the SQL Server through this account. This is the preferred method of authentication.

SQL Server Authentication
In SQL Server or mixed authentication, a user is given a login name and a password for logging into the server. This is useful in environments where not every user has a Windows account.

Example: Creating a SQL Server Login
    -- A SQL Server login requires a PASSWORD clause; the value below is a
    -- placeholder, not a value from the slides.
    CREATE LOGIN StudentLogIn
    WITH PASSWORD = '<password placeholder>',
         DEFAULT_DATABASE = TutorManagement;

Roles
Roles are collections of permissions. Rather than try to assign and maintain individual user permissions, users can be assigned to a role that provides a common set of permissions. Roles provide a much more efficient and maintainable way of controlling user access to the database. New roles can be created as needed and SQL Server provides a set of built-in roles.

Table of Built-in Roles

Database Role        Description
db_accessadmin       Can ALTER any User and create Schema
db_backupoperator    Allows the user to back up and restore the particular database
db_datareader        Grants the user SELECT on all Tables and Views in the database
db_datawriter        Grants the user INSERT, UPDATE and DELETE permissions on all Tables and Views
db_ddladmin          Grants the ability to CREATE or ALTER any database object
db_denydatareader    Denies SELECT on all Tables and Views
db_denydatawriter    Denies INSERT, UPDATE, and DELETE on all Tables and Views
db_owner             Grants ownership and full permissions on all database objects
db_securityadmin     Grants the ability to ALTER roles and CREATE Schema
public               Grants access to the database but by default has no permissions on any objects. Every user is a member of public as well as any other roles. The public role cannot be removed.
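Because the built-in roles carry broad permissions, it is worth checking who actually holds them. The queries below are an added example, not part of the original slides; they assume the TutorManagement database used in the slides and read only SQL Server catalog views.

```sql
-- Added example; assumes the TutorManagement database used in the slides.
USE TutorManagement;
GO

-- 1. Who belongs to each database role, built-in or user-defined?
--    Members of db_owner, db_securityadmin, db_accessadmin and db_ddladmin
--    deserve the closest review.
SELECT r.name          AS RoleName,
       r.is_fixed_role AS IsBuiltIn,
       m.name          AS MemberName,
       m.type_desc     AS MemberType
FROM sys.database_role_members AS rm
JOIN sys.database_principals   AS r ON r.principal_id = rm.role_principal_id
JOIN sys.database_principals   AS m ON m.principal_id = rm.member_principal_id
ORDER BY r.name, m.name;

-- 2. What has been granted to public on user-created objects?
--    Every user is a member of public, so any row returned here
--    applies to everyone who can connect to the database.
SELECT pe.state_desc            AS GrantOrDeny,
       pe.permission_name       AS Permission,
       SCHEMA_NAME(o.schema_id) AS SchemaName,
       o.name                   AS ObjectName
FROM sys.database_permissions AS pe
JOIN sys.database_principals  AS pr ON pr.principal_id = pe.grantee_principal_id
JOIN sys.objects              AS o  ON o.object_id = pe.major_id
WHERE pr.name = N'public'
  AND pe.class = 1            -- object- or column-level permissions
  AND o.is_ms_shipped = 0;    -- skip system objects
```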

Example: Creating a Role
    USE TutorManagement
    GO
    CREATE ROLE StudentRole

Schema
Schemas can be used to achieve results similar to roles. However, a role is a collection of permissions; a schema is a collection of objects owned by a schema. Users can be assigned to a schema and then assigned permissions on schema objects. When they log in, they will only see the objects in their schema.

Analyzing Security Needs
One way to analyze the security needs of a database is to look at the security requirements of each type of database user. You can analyze those needs in terms of specific permissions on tables and objects.

Analysis Example
Table name / SELECT / INSERT / UPDATE / DELETE / Constraints
Student
Tutor          X     A public subset of tutor info
Course         X
StudentCourse
Ethnicity
Session        X  X*   *Only for own sessions
Request        X
RequestNote    X
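One way to turn part of this analysis into T-SQL, combining the role and schema ideas from the earlier slides. This is an added example, not code from the original slides, and it goes beyond them by using a view for the "public subset of tutor info" constraint. StudentUser, StudentSchema, vw_TutorPublic and the Tutor column names are hypothetical, and reading the X marks for Tutor and Course as SELECT is an assumption.

```sql
-- Added example. StudentUser, StudentSchema, vw_TutorPublic and the Tutor
-- column names are hypothetical; StudentLogIn and StudentRole are from the slides.
USE TutorManagement;
GO
-- Authentication ends at the login; authorization starts with a database user.
CREATE USER StudentUser FOR LOGIN StudentLogIn;
GO
-- Schema owned by dbo, holding only the objects students should see.
CREATE SCHEMA StudentSchema AUTHORIZATION dbo;
GO
-- "A public subset of tutor info": a view over chosen columns. Because dbo owns
-- both the view and dbo.Tutor, ownership chaining lets role members read the
-- view without any permission on the table itself.
CREATE VIEW StudentSchema.vw_TutorPublic
AS
SELECT TutorKey, TutorFirstName, TutorLastName   -- assumed column names
FROM dbo.Tutor;
GO
-- Permissions are granted to the role, not to the individual user.
GRANT SELECT ON SCHEMA::StudentSchema TO StudentRole;
GRANT SELECT ON OBJECT::dbo.Course TO StudentRole;   -- X read as SELECT (assumption)
GO
ALTER ROLE StudentRole ADD MEMBER StudentUser;
ALTER USER StudentUser WITH DEFAULT_SCHEMA = StudentSchema;
GO
-- Check the effective permissions from the student's point of view:
-- the view, the base table it hides, and a write that was never granted.
EXECUTE AS USER = 'StudentUser';
SELECT HAS_PERMS_BY_NAME('StudentSchema.vw_TutorPublic', 'OBJECT', 'SELECT') AS CanReadTutorView,
       HAS_PERMS_BY_NAME('dbo.Tutor', 'OBJECT', 'SELECT')                    AS CanReadTutorTable,
       HAS_PERMS_BY_NAME('dbo.Course', 'OBJECT', 'INSERT')                   AS CanInsertCourse;
REVERT;
GO
```

The "only for own sessions" constraint on Session is a row-level rule and cannot be expressed with GRANT alone; it needs a filtered view or stored procedure, which this example leaves out.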
