Presentation is loading. Please wait.

Presentation is loading. Please wait.

Database Security Jagdish S. Gangolly School of Business

Published byLillian Hines Modified over 6 years ago

Similar presentations

Presentation on theme: "Database Security Jagdish S. Gangolly School of Business"— Presentation transcript:

1 Database Security Jagdish S. Gangolly School of Business
State University of New York at Albany NOTE: These notes are based on the book Security in Computing, by Charles & Shari Pfleeger, and are prepared solely for the students in the course Acc 661 at SUNY Albany. They are not to be used by others without the permission of the instructor. 12/6/2018 Acc 661 Auditing of Adv Acctg Info Systems

2 Acc 661 Auditing of Adv Acctg Info Systems
Database Security Security requirements Physical database integrity Logical database integrity Element integrity Auditability Access control User authentication Availability 12/6/2018 Acc 661 Auditing of Adv Acctg Info Systems

3 Example of Oracle DBMS Architecture
Source: 12/6/2018 Acc 661 Auditing of Adv Acctg Info Systems

4 Database Integrity & Auditability
Field Checks (Domain) Access control Maintenance of change log Granularity problem Pass-through problem Direct access of data vs. Inference problem 12/6/2018 Acc 661 Auditing of Adv Acctg Info Systems

5 Database reliability & Integrity
Two-phase update: intent phase and commit phase Redundancy/internal consistency Error correction codes Shadow fields Backup and recovery procedures Concurrency/Consistency/Deadlock management Monitors and range comparisons State constraints (eg., commit flag) and Transition constraints (eg., referential integrity) 12/6/2018 Acc 661 Auditing of Adv Acctg Info Systems

6 Acc 661 Auditing of Adv Acctg Info Systems
Inference Problem Direct vs. Indirect attacks Tracker attacks: count((SEX=F)  (RACE=C)  (DORM=Holmes)) = count(SEX=F) – count((SEX=F)  ((RACE  C) (DORM  Holmes))) Linear system vulnerability (inference by solving equations) 12/6/2018 Acc 661 Auditing of Adv Acctg Info Systems

7 Controls against Inference Attacks
Controls applied against queries Controls applied against individual items in the database Suppression: sensitive data values are not provided (query is rejected) Concealment: answer provided is close, but not the actual value Limited response suppression: Low frequency elements are not displayed 12/6/2018 Acc 661 Auditing of Adv Acctg Info Systems

8 Approaches to the Inference Problem
Suppress obviously sensitive information Track what the user knows Disguise data (random perturbation, rounding, …) 12/6/2018 Acc 661 Auditing of Adv Acctg Info Systems

9 Acc 661 Auditing of Adv Acctg Info Systems
12/6/2018 Acc 661 Auditing of Adv Acctg Info Systems

Download ppt "Database Security Jagdish S. Gangolly School of Business"

Similar presentations

Statistical database security Special purpose: used only for statistical computations. General purpose: used with normal queries (and updates) as well.

Statistical database security Special purpose: used only for statistical computations. General purpose: used with normal queries (and updates) as well.
Information Security Principles & Applications

Information Security Principles & Applications
10/25/2001Database Management -- R. Larson Data Administration and Database Administration University of California, Berkeley School of Information Management.

10/25/2001Database Management -- R. Larson Data Administration and Database Administration University of California, Berkeley School of Information Management.
Transaction Processing Lecture 2005 09 22 ACID 2 phase commit.

Transaction Processing Lecture ACID 2 phase commit.
Database Integrity, Security and Recovery Database integrity Database integrity Database security Database security Database recovery Database recovery.

Database Integrity, Security and Recovery Database integrity Database integrity Database security Database security Database recovery Database recovery.
Security in Databases. 2 Srini & Nandita (CSE2500)DB Security Outline review of databases reliability & integrity protection of sensitive data protection.

Security in Databases. 2 Srini & Nandita (CSE2500)DB Security Outline review of databases reliability & integrity protection of sensitive data protection.
Pertemuan 7-8 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Pertemuan 7-8 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
AUDITING INFORMATION TECHNOLOGY USING COMPUTER ASSISTED AUDIT TOOLS AND TECHNIQUES.

AUDITING INFORMATION TECHNOLOGY USING COMPUTER ASSISTED AUDIT TOOLS AND TECHNIQUES.
Chapter 8 Security Transparencies © Pearson Education Limited 1995, 2005.

Chapter 8 Security Transparencies © Pearson Education Limited 1995, 2005.
Security in Databases. 2 Outline review of databases reliability & integrity protection of sensitive data protection against inference multi-level security.

Security in Databases. 2 Outline review of databases reliability & integrity protection of sensitive data protection against inference multi-level security.
Managing Information Systems Information Systems Security and Control Part 2 Dr. Stephania Loizidou Himona ACSC 345.

Managing Information Systems Information Systems Security and Control Part 2 Dr. Stephania Loizidou Himona ACSC 345.
Functions of a Database Management System. Functions of a DBMS C.J. Date n Indexing n Views n Security n Integrity n Concurrency n Backup/Recovery n Design.

Functions of a Database Management System. Functions of a DBMS C.J. Date n Indexing n Views n Security n Integrity n Concurrency n Backup/Recovery n Design.
Last time Finish OTR Database Security Introduction to Databases

Last time Finish OTR Database Security Introduction to Databases
DBMS1 Database Management System (DBMS) Introductory Concepts Week-1.

DBMS1 Database Management System (DBMS) Introductory Concepts Week-1.
Security Architecture Dr. Gabriel. Security Database security: –degree to which data is fully protected from tampering or unauthorized acts –Full understanding.

Security Architecture Dr. Gabriel. Security Database security: –degree to which data is fully protected from tampering or unauthorized acts –Full understanding.
SE571 Security in Computing

SE571 Security in Computing
10/5/1999Database Management -- R. Larson Data Administration and Database Administration University of California, Berkeley School of Information Management.

10/5/1999Database Management -- R. Larson Data Administration and Database Administration University of California, Berkeley School of Information Management.
IT 221: Introduction to Information Security Principles Lecture 11: Database Security For Educational Purposes Only Revised: November 13, 2002.

IT 221: Introduction to Information Security Principles Lecture 11: Database Security For Educational Purposes Only Revised: November 13, 2002.
Database Integrity and Security HAP 709 – Healthcare Databases George Mason University Janusz Wojtusiak, PhD Fall, 2010.

Database Integrity and Security HAP 709 – Healthcare Databases George Mason University Janusz Wojtusiak, PhD Fall, 2010.
Chapter 6 – Database Security  Integrity for databases: record integrity, data correctness, update integrity  Security for databases: access control,

Chapter 6 – Database Security  Integrity for databases: record integrity, data correctness, update integrity  Security for databases: access control,

Similar presentations

Ads by Google