Database Management Systems, 3ed, R. Ramakrishnan and J. Gehrke. Database architecture and security, Workshop 4.


1 Database architecture and security: Workshop 4

2 Database & security
- Authentication vs. authorisation
- Authorisation in DBMS
- Discretionary access control
- Mandatory access control
- SQL
- GRANT and REVOKE
- Covered in the lecture and text book

3 Bigger picture
- Database
- Information system
- Web-based interface
- Communication by sending messages over insecure network (Internet)
- Alice sending a letter to Bob while Eve is eavesdropping…

4 Key security concepts
- Confidentiality (secrecy)
- Integrity
- Authenticity
- Non-repudiation
- Availability

9 Key security concepts
- Confidentiality (secrecy)
  - Users are not able to see things they are not supposed to.
- Integrity
  - Users are not able to modify things they are not supposed to.
- Authenticity
  - Users are who they are pretending to be.
- Non-repudiation
  - Users are not able to deny that they did what they did.
- Availability
  - Users are able to see and modify things they are allowed to.

10 Symmetric encryption

11 Asymmetric encryption

13 Asymmetric encryption
- Like sending a chest with an opened lock
- Pros:
  - no need to transmit a shared key via secret channel
- Cons:
  - computationally more expensive
  - How to make sure that public key X belongs to X (certification authorities)?

14 Certification authority

15 Digital signatures

16 SSL/TLS

17 SSL/TLS
- Secure Sockets Layer and Transport Layer Security protocols
- SSL/TLS allows client-server applications to communicate across a network securely
  - designed to prevent eavesdropping and tampering
- Asymmetric cryptography for key exchange
- Symmetric encryption for confidentiality

18 SSL/TLS: Change Cipher Spec.

19 Key concepts – a reflection
- Confidentiality (secrecy)
- Integrity
- Authenticity and non-repudiation
- Availability

23 Key concepts – a reflection
- Confidentiality (secrecy)
  - Encryption (DES, AES, RSA); addressed in SSL
- Integrity
  - Digital signatures (use encryption); cryptographic hashing; addressed in SSL
- Authenticity and non-repudiation
  - Digital signatures (use encryption); keyed cryptographic hashing; addressed in SSL
- Availability
  - Counter-measures against DoS attacks and similar
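
Added example (not part of the original slides): the reflection lists cryptographic hashing under integrity but keyed cryptographic hashing under authenticity. The Python code below shows why the key matters, using the Alice, Bob and Eve setting from slide 3; the key, the messages and the function names are constructed for this example.

```python
import hashlib
import hmac
import secrets

# Constructed sample data: a key Alice and Bob agreed on beforehand, the
# message Alice sends, and the replacement Eve injects on the network.
SHARED_KEY = secrets.token_bytes(32)
MESSAGE = b"UPDATE accounts SET balance = balance + 100 WHERE owner = 'bob'"
FORGED = b"UPDATE accounts SET balance = balance + 100 WHERE owner = 'eve'"


def plain_digest(message: bytes) -> bytes:
    """Unkeyed hash: anyone who sees the message can compute it."""
    return hashlib.sha256(message).digest()


def keyed_tag(key: bytes, message: bytes) -> bytes:
    """Keyed hash (HMAC-SHA-256): computing it requires the shared key."""
    return hmac.new(key, message, hashlib.sha256).digest()


def bob_accepts_plain(message: bytes, digest: bytes) -> bool:
    return hmac.compare_digest(plain_digest(message), digest)


def bob_accepts_keyed(key: bytes, message: bytes, tag: bytes) -> bool:
    # compare_digest runs in constant time, so it leaks no partial match.
    return hmac.compare_digest(keyed_tag(key, message), tag)


def eve_rewrites_plain() -> bool:
    """Eve swaps the message and recomputes the unkeyed digest herself."""
    return bob_accepts_plain(FORGED, plain_digest(FORGED))


def eve_rewrites_keyed() -> bool:
    """Eve swaps the message but can only replay Alice's tag or guess a key."""
    alice_tag = keyed_tag(SHARED_KEY, MESSAGE)
    guessed = keyed_tag(secrets.token_bytes(32), FORGED)
    return (bob_accepts_keyed(SHARED_KEY, FORGED, alice_tag)
            or bob_accepts_keyed(SHARED_KEY, FORGED, guessed))


if __name__ == "__main__":
    print("tampered message passes plain digest check:", eve_rewrites_plain())
    print("tampered message passes keyed tag check:", eve_rewrites_keyed())
```

The keyed tag proves the sender holds the shared key, but Bob holds it too and could have produced the same tag, which is why non-repudiation needs a digital signature.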

