Presentation is loading. Please wait.

Presentation is loading. Please wait.

Jennifer Widom Authorization. Jennifer Widom Authorization Database Authorization  Make sure users see only the data they’re supposed to see  Guard.

Published byLouise Gregory Modified over 8 years ago

Similar presentations

Presentation on theme: "Jennifer Widom Authorization. Jennifer Widom Authorization Database Authorization  Make sure users see only the data they’re supposed to see  Guard."— Presentation transcript:

1 Jennifer Widom Authorization

2 Jennifer Widom Authorization Database Authorization  Make sure users see only the data they’re supposed to see  Guard the database against modifications by malicious users

3 Jennifer Widom Authorization Database Authorization Users have privileges; can only operate on data for which they are authorized  Select on R or Select(A 1,…,A n ) on R  Insert on R or Insert(A 1,…,A n ) on R  Update on R or Update(A 1,…,A n ) on R  Delete on R

4 Jennifer Widom cNamestateenr sIDsNameGPAHSsIDcNamemajordec CollegeStudentApply Authorization Update Apply Set dec = ‘Y’ Where sID In (Select sID From Student Where GPA > 3.9)

5 Jennifer Widom cNamestateenr sIDsNameGPAHSsIDcNamemajordec CollegeStudentApply Authorization Delete From Student Where sID Not In (Select sID From Apply)

6 Jennifer Widom cNamestateenr sIDsNameGPAHSsIDcNamemajordec CollegeStudentApply Authorization Select student info for Stanford applicants only Create View SS As Select * From Student Where sID In (Select sID From Apply Where cName =‘Stanford’)

7 Jennifer Widom cNamestateenr sIDsNameGPAHSsIDcNamemajordec CollegeStudentApply Authorization Delete Berkeley applications only Create View BA As Select * From Apply Where cName =‘Berkeley’

8 Jennifer Widom Authorization Obtaining Privileges  Relation creator is owner  Owner has all privileges and may grant privileges Grant privs On R To users [ With Grant Option ]

9 Jennifer Widom Authorization Revoking Privileges Revoke privs On R From users [ Cascade | Restrict ]

10 Jennifer Widom Authorization Revoking Privileges Cascade : Also revoke privileges granted from privileges being revoked (transitively), unless also granted from another source Revoke privs On R From users [ Cascade | Restrict ]

11 Jennifer Widom Authorization Revoking Privileges Restrict : Disallow if Cascade would revoke any other privileges Revoke privs On R From users [ Cascade | Restrict ]

12 Jennifer Widom DBMS More software Even more software Data Authorization Where Privileges Reside Database application developer End user

13 Jennifer Widom Authorization Database Authorization  Make sure users see only the data they’re supposed to see  Guard the database against modifications by malicious users  Users have privileges; can only operate on data for which they are authorized  Grant and Revoke statements  Beyond simple table-level privileges: use views

Download ppt "Jennifer Widom Authorization. Jennifer Widom Authorization Database Authorization  Make sure users see only the data they’re supposed to see  Guard."

Similar presentations

14-1 Copyright  Oracle Corporation, 1998. All rights reserved. Privileges Database security: – System security – Data security System privileges: Gain.

14-1 Copyright  Oracle Corporation, All rights reserved. Privileges Database security: – System security – Data security System privileges: Gain.
13 Copyright © Oracle Corporation, 2001. All rights reserved. Controlling User Access.

13 Copyright © Oracle Corporation, All rights reserved. Controlling User Access.
Jan. 2014Dr. Yangjun Chen ACS-49021 Database security and authorization (Ch. 22, 3 rd ed. – Ch. 23, 4 th ed. – Ch. 24, 6 th )

Jan. 2014Dr. Yangjun Chen ACS Database security and authorization (Ch. 22, 3 rd ed. – Ch. 23, 4 th ed. – Ch. 24, 6 th )
Security and Authorization. Introduction to DB Security Secrecy: Users shouldn’t be able to see things they are not supposed to. –E.g., A student can’t.

Security and Authorization. Introduction to DB Security Secrecy: Users shouldn’t be able to see things they are not supposed to. –E.g., A student can’t.
Database Security by Muhammad Waheed Aslam SIS Project Leader ITC/KFUPM.

Database Security by Muhammad Waheed Aslam SIS Project Leader ITC/KFUPM.
Security and Authorization. Introduction to DB Security Secrecy: Users shouldn’t be able to see things they are not supposed to. –E.g., A student can’t.

Security and Authorization. Introduction to DB Security Secrecy: Users shouldn’t be able to see things they are not supposed to. –E.g., A student can’t.
1 SQL Authorization Privileges Grant and Revoke Grant Diagrams.

1 SQL Authorization Privileges Grant and Revoke Grant Diagrams.
Authority, Sequence, Changing Data Pepper. SECURITY Everyone can use the same database Different people can make different changes Some to structure Some.

Authority, Sequence, Changing Data Pepper. SECURITY Everyone can use the same database Different people can make different changes Some to structure Some.
1 SQL Authorization Privileges Grant and Revoke Grant Diagrams.

1 SQL Authorization Privileges Grant and Revoke Grant Diagrams.
Manajemen Basis Data Pertemuan 1 Matakuliah: M0264/Manajemen Basis Data Tahun: 2008.

Manajemen Basis Data Pertemuan 1 Matakuliah: M0264/Manajemen Basis Data Tahun: 2008.
Security and Authorization. Introduction to DB Security Secrecy: Users shouldn’t be able to see things they are not supposed to. –E.g., A student can’t.

Security and Authorization. Introduction to DB Security Secrecy: Users shouldn’t be able to see things they are not supposed to. –E.g., A student can’t.
CSCI 5707: Database Security Pusheng Zhang University of Minnesota March 2, 2004.

CSCI 5707: Database Security Pusheng Zhang University of Minnesota March 2, 2004.
Security and Transaction Management Pertemuan 8 Matakuliah: T0413/Current Popular IT II Tahun: 2007.

Security and Transaction Management Pertemuan 8 Matakuliah: T0413/Current Popular IT II Tahun: 2007.
Dec 15, 2003Murali Mani Transactions and Security B term 2004: lecture 17.

Dec 15, 2003Murali Mani Transactions and Security B term 2004: lecture 17.
Cs3431 Transactions, Logging and Security. cs3431 Transactions: What and Why? A set of operations on a database must appear as one “unit”. Example: Consider.

Cs3431 Transactions, Logging and Security. cs3431 Transactions: What and Why? A set of operations on a database must appear as one “unit”. Example: Consider.
Triggers, security and authorization in SQL Niki Sardjono Niki Sardjono CS 157A sect 2 Prof. S. M. Lee.

Triggers, security and authorization in SQL Niki Sardjono Niki Sardjono CS 157A sect 2 Prof. S. M. Lee.
View n A single table derived from other tables which can be a base table or previously defined views n Virtual table: doesn’t exist physically n Limitation.

View n A single table derived from other tables which can be a base table or previously defined views n Virtual table: doesn’t exist physically n Limitation.
Relational Databases Relational Algebra (2)

Relational Databases Relational Algebra (2)
Jennifer Widom SQL Data Modification Statements. Jennifer Widom Insert Into Table Values(A 1,A 2,…,A n ) SQL: Modifications Inserting new data (2 methods)

Jennifer Widom SQL Data Modification Statements. Jennifer Widom Insert Into Table Values(A 1,A 2,…,A n ) SQL: Modifications Inserting new data (2 methods)
Security and Integrity

Security and Integrity

Similar presentations

Ads by Google