Published by Archibald Griffith. Modified over 9 years ago.
1
Database Security By Bei Yuan
2
Why do we need DB Security?
♦ Make data arranged and secret
♦ Secure other’s DB
3
Security Issues:
♦ Security Policy
♦ Access Control
♦ Encryption
♦ Internet Security
♦ Threat Monitoring (Auditing)
4
Security Policy
♦ Exposures: A form of possible loss of a firm.
♦ Vulnerabilities: Weakness in an enterprise’s system.
♦ Threats: Specific, potential attack on the enterprise.
♦ Controls: Eliminate threats, vulnerabilities and exposures.
5
A security system is a system.
6
Access Control
♦ Access Control Models
♦ User Authentication
7
Access Control Models
♦ Discretionary Access Control (DAC) Model
♦ Mandatory Access Control (MAC) Model
♦ Role-Based Access Control (RBAC) Model
8
Discretionary Access Control
♦ Ownership-based, flexible, most widely used, low assurance
♦ Privileged users: DBA and owners of the tables
9
Limitations of DAC
10
Mandatory Access Control
♦ Administration-based
♦ Data flow control rules
♦ High level of security, but less flexible
11
MAC Policy
12
Role-Based Access Control
♦ Flexible
♦ Separation of duty
♦ Able to express DAC, MAC, and user-specific policies using role constraints
♦ Easy to incorporate into current tech
13
User Authentication
♦ Password-Based Authentication
♦ Host-Based Authentication
♦ Third Party-Based Authentication
14
Encryption
♦ Full Database Encryption
♦ Partial Database Encryption
♦ Off-Line Database Encryption
15
Full Database Encryption
♦ Limits readability of DB files in the OS
♦ Redundancy
♦ Time-consuming in changing encryption key
16
Off-line Database Encryption
A note of caution: Organizations considering this should thoroughly test that data which is encrypted before storage off-line can be decrypted and re-imported successfully before embarking on large-scale encryption of backup data.
17
Internet Security
♦ Server Security
  — Static Web Pages
  — Dynamic Page Generation
♦ Session Security
18
♦ Secret-key Security (Using single key)
♦ Public-key Security (Using two keys)
  — SSL protocol
19
Auditing
♦ Audit via the database or operating system
♦ The DBA must be able to log every relevant user action in order to recreate a series of actions.
♦ The series of user actions is called the audit trail.
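An added example (not part of the original slides) of auditing via the database: triggers write every insert, update and delete on a table into an audit trail, from which the series of actions on a row can be recreated. The table names, the `session_ctx` table used to carry the acting user, and the sample users and values are all constructed for illustration.

```python
import sqlite3

# Constructed schema: "accounts" is the audited table; "session_ctx" is a
# hypothetical one-row table where the application records the current user.
SCHEMA = """
CREATE TABLE accounts (id INTEGER PRIMARY KEY, owner TEXT, balance INTEGER);
CREATE TABLE session_ctx (actor TEXT);
CREATE TABLE audit_trail (
    seq INTEGER PRIMARY KEY AUTOINCREMENT,
    actor TEXT, action TEXT, row_id INTEGER,
    old_balance INTEGER, new_balance INTEGER);
CREATE TRIGGER audit_ins AFTER INSERT ON accounts BEGIN
    INSERT INTO audit_trail (actor, action, row_id, old_balance, new_balance)
    SELECT actor, 'INSERT', NEW.id, NULL, NEW.balance FROM session_ctx;
END;
CREATE TRIGGER audit_upd AFTER UPDATE ON accounts BEGIN
    INSERT INTO audit_trail (actor, action, row_id, old_balance, new_balance)
    SELECT actor, 'UPDATE', NEW.id, OLD.balance, NEW.balance FROM session_ctx;
END;
CREATE TRIGGER audit_del AFTER DELETE ON accounts BEGIN
    INSERT INTO audit_trail (actor, action, row_id, old_balance, new_balance)
    SELECT actor, 'DELETE', OLD.id, OLD.balance, NULL FROM session_ctx;
END;
"""

def open_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.execute("INSERT INTO session_ctx VALUES (NULL)")
    return db

def run_as(db, actor, sql, params=()):
    """Record who is acting, then run the statement; triggers do the logging."""
    db.execute("UPDATE session_ctx SET actor = ?", (actor,))
    db.execute(sql, params)
    db.commit()

def trail_for(db, row_id):
    """Recreate the ordered series of actions taken on one row."""
    return db.execute(
        "SELECT actor, action, old_balance, new_balance FROM audit_trail "
        "WHERE row_id = ? ORDER BY seq", (row_id,)).fetchall()

def demo():
    db = open_db()
    run_as(db, "alice", "INSERT INTO accounts VALUES (1, 'carol', 100)")
    run_as(db, "bob", "UPDATE accounts SET balance = ? WHERE id = 1", (5000,))
    run_as(db, "alice", "DELETE FROM accounts WHERE id = 1")
    return db
```

The trail survives deletion of the audited row, so `trail_for(demo(), 1)` still returns all three actions in order even though `accounts` is empty.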
20
Conclusion
Database security will always be the critical component of every information system.
“Security costs. Pay for it, or pay for not having it.”