Database Security.

Slides:

Advertisements

Similar presentations

Data Modeling and Database Design Chapter 1: Database Systems: Architecture and Components.

Advertisements

Database Security CS461/ECE422 Spring Overview Database model – Relational Databases Access Control Inference and Statistical Databases Database.

Database Security - Farkas 1 Database Security and Privacy.

©Silberschatz, Korth and Sudarshan1.1Database System Concepts Chapter 1: Introduction Purpose of Database Systems View of Data Data Models Data Definition.

Chapter Information Systems Database Management.

Midterm Review Lecture 14b. 14 Lectures So Far 1.Introduction 2.The Relational Model 3.Disks and Files 4.Relational Algebra 5.File Org, Indexes 6.Relational.

©Silberschatz, Korth and Sudarshan1.1Database System Concepts Chapter 1: Introduction Purpose of Database Systems View of Data Data Models Data Definition.

Security in Databases. 2 Outline review of databases reliability & integrity protection of sensitive data protection against inference multi-level security.

SE571 Security in Computing

10/5/1999Database Management -- R. Larson Data Administration and Database Administration University of California, Berkeley School of Information Management.

Introduction to DBMS Purpose of Database Systems View of Data

Introduction to Data bases concepts

Chapter 6: Integrity and Security Thomas Nikl 19 October, 2004 CS157B.

DAVID M. KROENKE’S DATABASE PROCESSING, 10th Edition © 2006 Pearson Prentice Hall 7-1 David M. Kroenke’s Chapter Seven: SQL for Database Construction and.

Introduction to Databases

 Introduction Introduction  Purpose of Database SystemsPurpose of Database Systems  Levels of Abstraction Levels of Abstraction  Instances and Schemas.

Chapter 2 CIS Sungchul Hong

Database Technical Session By: Prof. Adarsh Patel.

STORING ORGANIZATIONAL INFORMATION— DATABASES CIS 429—Chapter 7.

Switch off your Mobiles Phones or Change Profile to Silent Mode.

Database Programming Sections 13–Creating, revoking objects privileges.

Chapter 6 – Database Security  Integrity for databases: record integrity, data correctness, update integrity  Security for databases: access control,

Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 5 “Database and Cloud Security”.

Information Systems: Databases Define the role of general information systems Describe the elements of a database management system (DBMS) Describe the.

Introduction to Database Management Systems. Information Instructor: Csilla Farkas Office: Swearingen 3A43 Office Hours: Monday, Wednesday 4:15 pm – 5:30.

Chapter 1 : Introduction §Purpose of Database Systems §View of Data §Data Models §Data Definition Language §Data Manipulation Language §Transaction Management.

CSCE 201 Introduction to Information Security Fall 2010 Access Control.

Introduction to Database Management Systems. Information Instructor: Csilla Farkas Office: Swearingen 3A43 Office Hours: M,T,W,Th,F 2:30 pm – 3:30 pm,

Next-generation databases Active databases: when a particular event occurs and given conditions are satisfied then some actions are executed. An active.

©Silberschatz, Korth and Sudarshan1.1Database System Concepts Chapter 1: Introduction Purpose of Database Systems View of Data Data Models Data Definition.

Lecture2: Database Environment Prepared by L. Nouf Almujally 1 Ref. Chapter2 Lecture2.

CSCE 824 Secure and Distributed Database Management Systems FarkasCSCE 8241.

CS 1308 Computer Literacy and the Internet

Database Security Outline.. Introduction Security requirement Reliability and Integrity Sensitive data Inference Multilevel databases Multilevel security.

INFO1408 Database Design Concepts Week 15: Introduction to Database Management Systems.

Introduction to Database Management Systems. Information Instructor: Csilla Farkas Office: Swearingen 3A43 Office Hours: Monday, Wednesday 2:30 pm – 3:30.

Database Environment Chapter 2. Data Independence Sometimes the way data are physically organized depends on the requirements of the application. Result:

1 CS 430 Database Theory Winter 2005 Lecture 4: Relational Model.

Academic Year 2014 Spring Academic Year 2014 Spring.

Chapter 5 : Integrity And Security  Domain Constraints  Referential Integrity  Security  Triggers  Authorization  Authorization in SQL  Views 

Mr.Prasad Sawant, MIT Pune India Introduction to DBMS.

What is Access Control? Discretionary Access Control (DAC)

CSCE 824 Secure (and Distributed) Database Management Systems FarkasCSCE

Introduction Database Security Overview. Readings This lecture: This lecture: –Textbook: Chapter 5.2 –Lecture materials from CSCE 522, Nov. 3, Lecture.

Access Control.

Inference Problem Privacy Preserving Data Mining.

ASET 1 Amity School of Engineering & Technology B. Tech. (CSE/IT), III Semester Database Management Systems Jitendra Rajpurohit.

Chapter 1: Introduction. 1.2 Database Management System (DBMS) DBMS contains information about a particular enterprise Collection of interrelated data.

Lecture on Database Management System

Database Environment Chapter 2. The Three-Level ANSI-SPARC Architecture External Level Conceptual Level Internal Level Physical Data.

Database System Concepts Introduction Purpose of Database Systems View of Data Data Models Data Definition Language Data Manipulation Language Transaction.

LECTURE TWO Introduction to Databases: Data models Relational database concepts Introduction to DDL & DML.

Database Security Database System Implementation CSE 507 Some slides adapted from Navathe et. Al.

©Silberschatz, Korth and Sudarshan 1.1 Database System Concepts قواعد البيانات Data Base قواعد البيانات CCS 402 Mr. Nedal hayajneh E- mail

CENG 351 File Structures and Data Management1 Relational Model Chapter 3.

7.5 Using Stored-Procedure and Triggers NAME MATRIC NUM GROUP Muhammad Azwan Bin Khairul Anwar CS2305A Muhammad Faiz Bin Badrol Shah CS2305B.

Database Security Advanced Database Dr. AlaaEddin Almabhouh.

Chapter 5 : DataBase Security Lecture #1-Week 8 Dr.Khalid Dr. Mohannad Information Security CIT460 Information Security Dr.Khalid Dr. Mohannad 1.

Database and Cloud Security

Introduction to DBMS Purpose of Database Systems View of Data

Chapter 1: Introduction

Chapter 12 Information Systems.

Information Systems Database Management

Introduction to Database Management Systems

Introduction to DBMS Purpose of Database Systems View of Data

Access Control.

Distributed Database Management Systems

Presentation transcript:

Database Security

Reading assignments Required: Pfleeger: Chapter 6 (except 6.3) Multilevel Secure Relational Data Model (S. Jajodia, R. S. Sandhu. Toward a Multilevel Secure Relational Data Model. Proc. 1991 ACM Int'l. Conf. on Management of Data (SIGMOD), 50-59. http://www.list.gmu.edu/articles/infosec_collection/20.pdf ) Recommended: Polyinstantiation (Sushil Jajodia, Ravi S. Sandhu, and Barbara T. Blaustein, Solutions to the Polyinstantiation Problem,http://www.acsac.org/secshelf/book001/21.pdf) MLS/RDMS Architectures (LouAnna Notargiacomo, Architectures for MLS Database Management Systems http://www.acsac.org/secshelf/book001/19.pdf CSCE 522 - Farkas

Database Management System (DBMS) Collection of interrelated data and set of programs to access the data Convenient and efficient processing of data Database Application Software CSCE 522 - Farkas

Data Models A collection of tools for describing Data Relationships among data items Semantics of stored data Database constraints CSCE 522 - Farkas

Relational Data Model Works Person-name Company-name Salary Smith BB&C $43,982 Dell Bell $97,900 Black $35,652 CSCE 522 - Farkas

Relational Data Model Set of relation names: R Set of attribute names: A Relation schema: S=(r,{a1, …,an}) r relation name in R {a1, …,an} subset of A e.g., (Works,{person-name,company-name,salary}) CSCE 522 - Farkas

Tuple (Record) e.g., t(person-name)=Smith Tuple over a relation scheme S is a mapping t: {a1, …,an}  dom(a1  …  an) e.g., t(person-name)=Smith t(company-name)=BB&C t(salary)= $43,982 CSCE 522 - Farkas

Relation Relation over schema S is a set of tuples over the scheme e.g., t(person-name)=Smith, t(company-name)=BB&C, t(salary)=$43,982 t’(person-name)=Dell, t’(company-name)=Bell, t’(salary)= $97,900 t”(person-name)=Black, t”(company-name)=BB&C, t”(salary)= $35,652 CSCE 522 - Farkas

Database Database: set of relations e.g., EMPLOYEE database: Lives(person-name,street,city) Works(person-name,company-name,salary) Located-in(company-name,city) Manages(person-name,manager-name) CSCE 522 - Farkas

Query Languages Relational Algebra SQL Set operations Bag operations CSCE 522 - Farkas

Relational Algebra Select () Project () Set difference (-) Union () Rename (Px(r)) Set intersection () Natural join () CSCE 522 - Farkas

Structured Query Language SQL Typical SQL query form: SELECT A1, A2, ..., An FROM r1, r2, ..., rm WHERE C Ais represent attributes to be returned ris represent relations C is a condition CSCE 522 - Farkas

Constraints Relationship among data elements DBMS should enforce the constraints Types Keys Foreign-key (referential integrity) Value-based constraints Integrity constraints Database dependencies (e.g., functional dependencies) CSCE 522 - Farkas

Database Security Requirements Physical database integrity Logical database integrity Element integrity Auditability Access control User authentication Availability CSCE 522 - Farkas

Sensitive data Inherently sensitive From a sensitive source Declared sensitive Part of a sensitive attribute or record In relation to previously disclosed information CSCE 522 - Farkas

Types of disclosures Exact data Range of data Negative results Existence Probable values CSCE 522 - Farkas

Access control Operating system Database Management System Granularity! CSCE 522 - Farkas

Granularity Database Relation Record Attribute Element Advantages vs. disadvantages of supporting different granularity levels CSCE 522 - Farkas

Relation-Level Granularity (Works)= Secret Person-name Company-name Salary Smith BB&C $43,982 Dell Bell $97,900 Black $35,652 CSCE 522 - Farkas

Tuple-level Granularity Works Person-name Company-name Salary  Smith BB&C $43,982 P Dell Bell $97,900 S Black $35,652 P CSCE 522 - Farkas

Attribute-Level Granularity Works Person- name =P Company-name =P Salary =S Smith BB&C $43,982 Dell Bell $97,900 Black $35,652 CSCE 522 - Farkas

Cell-Level Granularity Works Person-name Company-name Salary Smith P BB&C P $43,982 S Dell S Bell S $97,900 S Black P BB&C S $35,652 S CSCE 522 - Farkas

Access Control Mechanisms Security through Views Stored Procedures Grant and Revoke Query modification CSCE 522 - Farkas

Security Through Views Assign rights to access predefined views CREATE VIEW Outstanding-Student AS SELECT NAME, COURSE, GRADE FROM Student WHERE GRADE > B Problem: Difficult to maintain updates. CSCE 522 - Farkas

Security Through Views Student relation NAME COURSE GRADE SEMESTER White CSCE 122 C+ Fall 2000 Black CSCE 313 A Brown CSCE 580 Spring 2000 Green CSCE 850 B+ Blue B CSCE 522 - Farkas

Security Through Views CREATE VIEW Outstanding-Student AS SELECT NAME, COURSE, GRADE FROM Student WHERE GRADE > B Outstanding-Student NAME COURSE GRADE Black CSCE 313 A Brown CSCE 580 Green CSCE 850 B+ CSCE 522 - Farkas

Security Through Views CREATE VIEW Fall-Student AS SELECT NAME, COURSE FROM Student WHERE SEMESTER=“Fall 2000” NAME COURSE White CSCE 122 Black CSCE 313 Green CSCE 850 Blue Fall-Student CSCE 522 - Farkas

Stored Procedures Assign rights to execute compiled programs GRANT RUN ON <program> TO <user> Problem: Programs may access resources for which the user who runs the program does not have permission. CSCE 522 - Farkas

Grant and Revoke GRANT <privilege> ON <relation> To <user> [WITH GRANT OPTION] ------------------------------------------------------------------------------------------------------------------------------------ GRANT SELECT * ON Student TO Matthews GRANT SELECT *, UPDATE(GRADE) ON Student TO FARKAS GRANT SELECT(NAME) ON Student TO Brown GRANT command applies to base relations as well as views CSCE 522 - Farkas

Grant and Revoke REVOKE <privileges> [ON <relation>] FROM <user> ------------------------------------------------------------------------------------------------------------------------- REVOKE SELECT* ON Student FROM Blue REVOKE UPDATE ON Student FROM Black REVOKE SELECT(NAME) ON Student FROM Brown CSCE 522 - Farkas

Non-cascading Revoke A B C D E F A revokes D’s privileges E B A F C Lecture 17 CSCE 522 - Farkas

Cascading Revoke A B C D E F A revokes D’s privileges B A C Lecture 17 CSCE 522 - Farkas

Positive and Negative Authorization B C E D + - Problem: Contradictory authorizations GRANT <privilege> ON X TO <user> DENY <privilege> ON X TO <user> Lecture 17 CSCE 522 - Farkas

Negative Authorization B C E D + - - Positive authorization granted By A to D becomes blocked but NOT deleted. Lecture 17 CSCE 522 - Farkas

Negative Authorization B C E D + - - + F What should happen with the privilege given by D To F? (Blocked but not deleted) Lecture 17 CSCE 522 - Farkas

Query Modification GRANT SELECT(NAME) ON Student TO Blue WHERE COURSE=“CSCE 590” Blue’s query: SELECT * FROM Student Modified query: SELECT NAME WHERE COURSE=“CSCE 580” CSCE 522 - Farkas

Next Class: Inference Problem Lecture 17 CSCE 522 - Farkas