Presentation is loading. Please wait.

Presentation is loading. Please wait.

Authorization.

Published byJennifer Robinson Modified over 6 years ago

Similar presentations

Presentation on theme: "Authorization."— Presentation transcript:

1 Authorization

2 Authorization Database Authorization
Make sure users see only the data they’re supposed to see Guard the database against modifications by malicious users

3 Authorization Database Authorization
Users have privileges; can only operate on data for which they are authorized Select on R or Select(A1,…,An) on R Insert on R or Insert(A1,…,An) on R Update on R or Update(A1,…,An) on R Delete on R

4 Authorization Update Apply Set dec = ‘Y’ Where sID In (Select sID
From Student Where GPA > 3.9) College Student Apply cName state enr sID sName GPA HS sID cName major dec

5 Authorization Delete From Student Where sID Not In
(Select sID From Apply) College Student Apply cName state enr sID sName GPA HS sID cName major dec

6 Authorization Select student info for Stanford applicants only
Create View SS As Select * From Student Where sID In (Select sID From Apply Where cName =‘Stanford’) College Student Apply cName state enr sID sName GPA HS sID cName major dec

7 Authorization Delete Berkeley applications only Create View BA As
Select * From Apply Where cName =‘Berkeley’ College Student Apply cName state enr sID sName GPA HS sID cName major dec

8 Authorization Obtaining Privileges Relation creator is owner
Owner has all privileges and may grant privileges Grant privs On R To users [ With Grant Option ]

9 Authorization Revoking Privileges Revoke privs On R From users
[ Cascade | Restrict ]

10 Authorization Revoking Privileges Cascade: Also revoke privileges granted from privileges being revoked (transitively), unless also granted from another source Revoke privs On R From users [ Cascade | Restrict ]

11 Authorization Revoking Privileges Restrict: Disallow if Cascade would revoke any other privileges Revoke privs On R From users [ Cascade | Restrict ]

12 Authorization Where Privileges Reside DBMS Data Database application
End user Even more software Database application developer More software DBMS Data

13 Authorization Database Authorization
Make sure users see only the data they’re supposed to see Guard the database against modifications by malicious users Users have privileges; can only operate on data for which they are authorized Grant and Revoke statements Beyond simple table-level privileges: use views

Download ppt "Authorization."

Similar presentations

14-1 Copyright  Oracle Corporation, 1998. All rights reserved. Privileges Database security: – System security – Data security System privileges: Gain.

14-1 Copyright  Oracle Corporation, All rights reserved. Privileges Database security: – System security – Data security System privileges: Gain.
13 Copyright © Oracle Corporation, 2001. All rights reserved. Controlling User Access.

13 Copyright © Oracle Corporation, All rights reserved. Controlling User Access.
Jan. 2014Dr. Yangjun Chen ACS-49021 Database security and authorization (Ch. 22, 3 rd ed. – Ch. 23, 4 th ed. – Ch. 24, 6 th )

Jan. 2014Dr. Yangjun Chen ACS Database security and authorization (Ch. 22, 3 rd ed. – Ch. 23, 4 th ed. – Ch. 24, 6 th )
Security and Authorization. Introduction to DB Security Secrecy: Users shouldn’t be able to see things they are not supposed to. –E.g., A student can’t.

Security and Authorization. Introduction to DB Security Secrecy: Users shouldn’t be able to see things they are not supposed to. –E.g., A student can’t.
Database Security by Muhammad Waheed Aslam SIS Project Leader ITC/KFUPM.

Database Security by Muhammad Waheed Aslam SIS Project Leader ITC/KFUPM.
Security and Authorization. Introduction to DB Security Secrecy: Users shouldn’t be able to see things they are not supposed to. –E.g., A student can’t.

Security and Authorization. Introduction to DB Security Secrecy: Users shouldn’t be able to see things they are not supposed to. –E.g., A student can’t.
Authority, Sequence, Changing Data Pepper. SECURITY Everyone can use the same database Different people can make different changes Some to structure Some.

Authority, Sequence, Changing Data Pepper. SECURITY Everyone can use the same database Different people can make different changes Some to structure Some.
1 Query Languages: How to build or interrogate a relational database Structured Query Language (SQL)

1 Query Languages: How to build or interrogate a relational database Structured Query Language (SQL)
CSCI 5707: Database Security Pusheng Zhang University of Minnesota March 2, 2004.

CSCI 5707: Database Security Pusheng Zhang University of Minnesota March 2, 2004.
Security and Transaction Management Pertemuan 8 Matakuliah: T0413/Current Popular IT II Tahun: 2007.

Security and Transaction Management Pertemuan 8 Matakuliah: T0413/Current Popular IT II Tahun: 2007.
Dec 15, 2003Murali Mani Transactions and Security B term 2004: lecture 17.

Dec 15, 2003Murali Mani Transactions and Security B term 2004: lecture 17.
Cs3431 Transactions, Logging and Security. cs3431 Transactions: What and Why? A set of operations on a database must appear as one “unit”. Example: Consider.

Cs3431 Transactions, Logging and Security. cs3431 Transactions: What and Why? A set of operations on a database must appear as one “unit”. Example: Consider.
Triggers, security and authorization in SQL Niki Sardjono Niki Sardjono CS 157A sect 2 Prof. S. M. Lee.

Triggers, security and authorization in SQL Niki Sardjono Niki Sardjono CS 157A sect 2 Prof. S. M. Lee.
Jennifer Widom SQL Data Modification Statements. Jennifer Widom Insert Into Table Values(A 1,A 2,…,A n ) SQL: Modifications Inserting new data (2 methods)

Jennifer Widom SQL Data Modification Statements. Jennifer Widom Insert Into Table Values(A 1,A 2,…,A n ) SQL: Modifications Inserting new data (2 methods)
Security and Integrity

Security and Integrity
Copyright س Oracle Corporation, 1998. All rights reserved. 14 Controlling User Access.

Copyright س Oracle Corporation, All rights reserved. 14 Controlling User Access.
Database Programming Sections 13–Creating, revoking objects privileges.

Database Programming Sections 13–Creating, revoking objects privileges.
Controlling User Access. Objectives After completing this lesson, you should be able to do the following: Create users Create roles to ease setup and.

Controlling User Access. Objectives After completing this lesson, you should be able to do the following: Create users Create roles to ease setup and.
DCL/1 Data Control Language Objectives –To learn about the security mechanisms implemented in an RDBMS and how to use them Contents –Identifying Users.

DCL/1 Data Control Language Objectives –To learn about the security mechanisms implemented in an RDBMS and how to use them Contents –Identifying Users.
Database Management COP4540, SCS, FIU Constraints and security in SQL (Ch. 8.6, Ch22.2)

Database Management COP4540, SCS, FIU Constraints and security in SQL (Ch. 8.6, Ch22.2)

Similar presentations

Ads by Google