Published by Reynard McLaughlin; modified over 9 years ago
Learning outcomes

At the end of this chapter, you should be able to:
- Define terms related to database security
- Describe threats to data security
- Describe problems of database security and list techniques that are used to enhance security
- Understand the role of databases in Sarbanes-Oxley compliance
Database Security

Database security: protection of the data against accidental or intentional loss, destruction, or misuse.
- Increased difficulty due to Internet access and client/server technologies: the database is reachable from far more clients and networks than a single host-bound system ever was
Threats to Data Security

[Figure: possible locations of data security threats]
Threats to Data Security

1. Accidental losses, including human error and software- and hardware-caused breaches
2. Theft and fraud
3. Loss of privacy (personal data)
4. Loss of confidentiality (corporate data)
5. Loss of data integrity
6. Loss of availability (through, e.g., sabotage)
Threats to Data Security: Accidental losses

Accidental losses include human error and software- and hardware-caused breaches. Countermeasures:
- Establishing operating procedures
- User authorization
- Uniform software installation procedures
- Hardware maintenance schedule

Human error: some losses are inevitable, but well-thought-out policies and procedures should reduce the number and severity of losses.
Threats to Data Security: Theft and fraud; loss of privacy or confidentiality

Theft and fraud
- Activities carried out by people, quite possibly through electronic means; they may or may not alter data
- Countermeasures: physical security, firewall

Loss of privacy or confidentiality
- Loss of privacy: loss of protection of data about individuals
- Loss of confidentiality: loss of protection of critical organizational data that may have strategic value to the organization
Threats to Data Security: Loss of integrity or availability

Loss of data integrity
- When data integrity is compromised, data will be invalid or corrupted
- Can be restored through established backup and recovery procedures
- Otherwise an organization may suffer serious losses or make incorrect and expensive decisions

Loss of availability
- Sabotage of hardware, networks or applications
- Virus: corrupts data or software, or renders the system unusable
- Countermeasures: install antivirus software and update it regularly
Establishing Client/Server Security: Server security

- Multiple servers need to be protected, including the database server
- Keep servers in a secure area
- Passwords and layers of protection against intrusion
- Most DBMSs provide database-level password security (their own accounts, separate from operating-system accounts)
- On a database server, sole reliance on OS authentication should not be encouraged
Establishing Client/Server Security: Network security

Networks are susceptible to breaches of security through:
- Eavesdropping
- Unauthorized connections
- Unauthorized retrieval of packets of information traversing the network

Countermeasures:
- Encryption
- Authentication
- Audit trails
- Routers (filtering which hosts and ports can be reached)
Application security issues in three-tier Client/Server Environments

- Dynamic web pages require access to the database
- If the database is not properly protected, it is vulnerable to inappropriate access by any user of the web application
- Privacy: companies collect information on users
Application security issues in three-tier Client/Server Environments: Establishing Internet Security

[Figure: establishing Internet security; web servers and database servers]
Web Security: Static HTML files

- Static HTML files are easy to secure
- Protection must be established for the HTML stored on a web server
- Standard database access controls
- Sensitive HTML files: placed in directories that are protected using OS security, or left readable but not published in the directory listing
Web Security: Dynamic pages

Dynamic pages are harder to secure:
- Web pages are stored as a template; appropriate and current data are inserted from the database or from user input once any queries associated with the page are run
- The web server must be able to access the database; the connection usually requires full access to the database (in practice the application's database account should be granted only the privileges its pages need)
- Adequate server security is critical
  - Database server: physically secure
  - Execution of programs on the server should be controlled
  - User input could embed SQL commands: it must be filtered, and better still passed to the database as a bound parameter rather than concatenated into the statement text
- Access to data can also be controlled through user authentication security
- Session security must be established
  - TCP/IP itself provides no confidentiality or integrity, so encryption systems are essential
  - Secure Sockets Layer (SSL), now superseded by Transport Layer Security (TLS)
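The "user input could embed SQL commands" point above, as an added example that is not part of the original slides: a page looks up a customer by the name typed into a form, once with the input spliced into the statement text, once with the quotes "filtered" by doubling them, and once with the value passed as a bound parameter. Python and its built-in sqlite3 module stand in for the web server and the DBMS; the CUSTOMER_T table, its rows and the payload strings are constructed for the example.

```python
import sqlite3

# Constructed sample rows (not from the slides): what a dynamic page would
# read when a customer looks up their own record by name or by id.
CUSTOMERS = [
    (1, "alice", "alice@example.com", 1200),
    (2, "bob",   "bob@example.com",    450),
    (3, "carol", "carol@example.com", 9800),
    (4, "dave",  "dave@example.com",    75),
]


def build_db():
    """In-memory database standing in for the site's database server."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE CUSTOMER_T (id INTEGER PRIMARY KEY, name TEXT, "
        "email TEXT, balance INTEGER)"
    )
    conn.executemany("INSERT INTO CUSTOMER_T VALUES (?, ?, ?, ?)", CUSTOMERS)
    return conn


def lookup_vulnerable(conn, name):
    """Form input spliced into the statement text: the user controls SQL syntax."""
    sql = f"SELECT name, email, balance FROM CUSTOMER_T WHERE name = '{name}'"
    return conn.execute(sql).fetchall()


def lookup_escaped(conn, name):
    """Filtering by doubling quotes stops the tautology payload below, but the
    filter must be repeated at every call site and helps only where the value
    sits inside a quoted literal."""
    safe = name.replace("'", "''")
    sql = f"SELECT name, email, balance FROM CUSTOMER_T WHERE name = '{safe}'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, name):
    """Statement text is fixed; the driver hands the value to the DBMS
    separately, so it is compared as data whatever characters it contains."""
    sql = "SELECT name, email, balance FROM CUSTOMER_T WHERE name = ?"
    return conn.execute(sql, (name,)).fetchall()


def lookup_by_id_filtered(conn, id_text):
    """Quote-doubling applied to a numeric position: "1 OR 1=1" contains no
    quote, so the filter passes it through and the whole table comes back."""
    safe = id_text.replace("'", "''")
    sql = f"SELECT name, email, balance FROM CUSTOMER_T WHERE id = {safe}"
    return conn.execute(sql).fetchall()


def lookup_by_id_parameterized(conn, id_text):
    """Bound parameter in the numeric position: the whole text is one value,
    which is not equal to any integer id, so nothing is returned."""
    sql = "SELECT name, email, balance FROM CUSTOMER_T WHERE id = ?"
    return conn.execute(sql, (id_text,)).fetchall()


# Classic tautology payload: closes the quoted literal and appends an
# always-true condition, turning a one-customer lookup into a table dump.
PAYLOAD = "x' OR '1'='1"
ID_PAYLOAD = "1 OR 1=1"

if __name__ == "__main__":
    conn = build_db()
    print("normal:        ", lookup_vulnerable(conn, "alice"))
    print("vulnerable:    ", lookup_vulnerable(conn, PAYLOAD))        # all 4 rows
    print("escaped:       ", lookup_escaped(conn, PAYLOAD))           # []
    print("parameterized: ", lookup_parameterized(conn, PAYLOAD))     # []
    print("id, filtered:  ", lookup_by_id_filtered(conn, ID_PAYLOAD))  # all 4 rows
    print("id, bound:     ", lookup_by_id_parameterized(conn, ID_PAYLOAD))  # []
```

The two id lookups are the reason to prefer binding over filtering: the filter is correct for the string position and useless for the numeric one, while the parameterized form needs no knowledge of where the value lands in the statement.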
Web Security: Additional methods

- Restrict the number of users on the web server
- Restrict access to the web server: keep a minimum number of ports open
- Remove any unneeded programs that load automatically when setting up the server
Data Privacy

- Protection of individual privacy when using the Internet is IMPORTANT
- Rights of the individual?
- Individual privacy legislation:
  - Right to know what data have been collected
  - Right to correct any errors in those data
- The amount of data exchanged continues to grow: adequate data protection must be developed
- Adequate provisions to allow the data to be used for legitimate legal purposes
Data Privacy (continued)

- Individuals must guard their privacy rights and must be aware of the privacy implications of the tools they are using, e.g. cookies
- At work: communication executed through the employer's machines and networks is not private
- Internet: privacy of communication is not guaranteed
- Encryption, anonymous remailers and built-in security mechanisms in software help to preserve privacy
Web Privacy

W3C created a standard, the Platform for Privacy Preferences (P3P), to communicate a web site's stated privacy policies and compare that statement with the user's own policy preferences. (P3P is now obsolete: W3C stopped work on it in 2006 and browsers have since dropped support.) It addresses the following:
- Who is collecting the data?
- What information is being collected, and for what purpose?
- What information will be shared with others, and who are those others?
- Can users make changes in the way their data will be used by the collector?
- How are disputes resolved?
- What policies are followed for retaining data?
- Where can the site's detailed policies be found, in readable form?
Database Software Security Features

- Views or subschemas
- Integrity controls
- Authorization rules
- User-defined procedures
- Encryption
- Authentication schemes
- Backup, journalizing, and checkpointing
Views

- A view is a subset of the database that is presented to one or more users
- Created by querying one or more of the base tables
- A user can be granted the privilege to read a view without being granted any privilege on the underlying tables; the user then sees only the columns and rows the view definition exposes
- Example: build a view that has sales-by-region information

    CREATE VIEW V_REGION_SALES AS
    SELECT A1.region_name AS REGION, SUM(A2.Sales) AS SALES
    FROM Geography A1
    JOIN Store_Information A2 ON A1.store_name = A2.store_name
    GROUP BY A1.region_name;
Views (continued)

Store_Information
    store_name    Sales   SalesDate
    Los Angeles   1500    Jan-05-2008
    San Diego      250    Jan-07-2008
    Los Angeles    300    Jan-08-2008
    Boston         700    Jan-08-2008

Geography
    region_name   store_name
    East          Boston
    East          New York
    West          Los Angeles
    West          San Diego

SELECT * FROM V_REGION_SALES;

    REGION   SALES
    East       700
    West      2050
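The view above, run as an added example (Python with the built-in sqlite3 module; not part of the original slides) on the slide's four Store_Information rows and four Geography rows. It also adds a second, row-restricted view, V_WEST_STORE_SALES (an assumed name the slides do not use), to show a view that hides rows rather than detail. SQLite has no GRANT statement, so the least-privilege step is shown only as a comment giving the statement one would run on a DBMS with SQL privileges.

```python
import sqlite3

# The slide's sample rows, constructed here so the example runs offline.
STORE_INFORMATION = [
    ("Los Angeles", 1500, "2008-01-05"),
    ("San Diego",    250, "2008-01-07"),
    ("Los Angeles",  300, "2008-01-08"),
    ("Boston",       700, "2008-01-08"),
]
GEOGRAPHY = [
    ("East", "Boston"), ("East", "New York"),
    ("West", "Los Angeles"), ("West", "San Diego"),
]


def build_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE Geography (region_name TEXT, store_name TEXT);
        CREATE TABLE Store_Information (store_name TEXT, Sales INTEGER, SalesDate TEXT);

        -- The slide's view: one aggregate row per region, no store detail.
        -- New York has no sales rows, so the inner join leaves it out.
        CREATE VIEW V_REGION_SALES AS
        SELECT A1.region_name AS REGION, SUM(A2.Sales) AS SALES
        FROM Geography A1
        JOIN Store_Information A2 ON A1.store_name = A2.store_name
        GROUP BY A1.region_name;

        -- Added row-restricted view (assumed name): store-level rows, but only
        -- for the West region, for a user who must not see eastern stores.
        CREATE VIEW V_WEST_STORE_SALES AS
        SELECT A2.store_name, A2.Sales, A2.SalesDate
        FROM Store_Information A2
        JOIN Geography A1 ON A1.store_name = A2.store_name
        WHERE A1.region_name = 'West';
    """)
    conn.executemany("INSERT INTO Geography VALUES (?, ?)", GEOGRAPHY)
    conn.executemany("INSERT INTO Store_Information VALUES (?, ?, ?)", STORE_INFORMATION)
    # On a DBMS with SQL privileges (Oracle, PostgreSQL, ...) the least-privilege
    # step is:  GRANT SELECT ON V_REGION_SALES TO analyst;
    # and nothing on Geography or Store_Information. SQLite has no GRANT, so the
    # statement is shown here as a comment only.
    return conn


def region_sales(conn):
    """What a user of V_REGION_SALES sees: {region: total}."""
    rows = conn.execute("SELECT REGION, SALES FROM V_REGION_SALES ORDER BY REGION")
    return dict(rows.fetchall())


def west_store_rows(conn):
    """What a user of V_WEST_STORE_SALES sees: West stores only."""
    return conn.execute(
        "SELECT store_name, Sales, SalesDate FROM V_WEST_STORE_SALES "
        "ORDER BY SalesDate, store_name"
    ).fetchall()


def view_columns(conn, view):
    """Column names a view exposes, i.e. everything a user can ask for through it."""
    return [row[1] for row in conn.execute(f"PRAGMA table_info({view})")]


if __name__ == "__main__":
    conn = build_db()
    print(region_sales(conn))                      # {'East': 700, 'West': 2050}
    print(west_store_rows(conn))                   # three West rows, no Boston
    print(view_columns(conn, "V_REGION_SALES"))    # ['REGION', 'SALES']
```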
Integrity Controls: Domains

- Integrity controls protect data from unauthorized use and from values the business rules do not allow
- Domains set the allowable values for a column; a column declared on a domain inherits its type and constraints

    CREATE DOMAIN MONEY AS DECIMAL(9, 2);
    CREATE DOMAIN ORDER_IDENT AS INTEGER;
    CREATE DOMAIN PRODUCT_NAME AS CHAR(20);
    CREATE DOMAIN CUSTOMER_NAME AS CHAR(20);

A currency domain needs a fixed-point type with two fractional digits, hence DECIMAL(9, 2) rather than an integer type. CREATE DOMAIN is part of the SQL standard but is implemented in only some DBMSs (e.g. PostgreSQL, Firebird); elsewhere the same rule is expressed as a CHECK constraint on each column that would have used the domain.
Integrity Controls: Assertions

Assertions enforce database conditions that span more than one table. Example: the sum of all loan amounts for each branch must be less than the sum of all account balances at the branch.

    CREATE ASSERTION sum_constraint CHECK
      (NOT EXISTS
        (SELECT * FROM branch
         WHERE (SELECT SUM(amount) FROM loan
                WHERE loan.branch_name = branch.branch_name)
            >= (SELECT SUM(balance) FROM account
                WHERE account.branch_name = branch.branch_name)));

The inner query lists the branches that violate the rule (loans at least as large as deposits); the assertion requires that set to be empty. Caveat: CREATE ASSERTION is in the SQL standard but is not implemented by the major DBMSs (Oracle, PostgreSQL, MySQL, SQL Server); in practice the same rule is enforced with triggers on the tables involved.
Integrity Controls: Triggers

- Triggers prevent inappropriate actions, invoke special handling procedures, and write to log files
- Routines that execute in response to a database event (INSERT, UPDATE, or DELETE)
- Example (Oracle syntax): log every change to a product's standard price

    CREATE TRIGGER STANDARD_PRICE_UPDATE
    AFTER UPDATE OF STANDARD_PRICE ON PRODUCT_T
    FOR EACH ROW
    BEGIN
      INSERT INTO PRICE_UPDATES_T
        VALUES (:NEW.PRODUCT_DESCRIPTION, SYSDATE, :NEW.STANDARD_PRICE);
    END;

In a row-level trigger the columns of the affected row are referenced through :NEW and :OLD, and SYSDATE supplies the timestamp.
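The three integrity controls above (domain, assertion, trigger), as an added example in Python with the built-in sqlite3 module; not part of the original slides. SQLite implements neither CREATE DOMAIN nor CREATE ASSERTION, which mirrors the situation on most production DBMSs, so the example shows the substitutes a practitioner actually deploys: a CHECK constraint for the domain, a BEFORE trigger that rejects a loan that would break the branch rule, and the slide's AFTER UPDATE audit trigger in SQLite syntax. Table names follow the slides; the branch, account and product rows are constructed.

```python
import sqlite3


def build_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        -- Domain substitute: the MONEY rule (non-negative amount) and the
        -- PRODUCT_NAME length as CHECK constraints on the columns themselves.
        CREATE TABLE PRODUCT_T (
            PRODUCT_ID          INTEGER PRIMARY KEY,
            PRODUCT_DESCRIPTION TEXT    NOT NULL CHECK (length(PRODUCT_DESCRIPTION) <= 20),
            STANDARD_PRICE      NUMERIC NOT NULL CHECK (STANDARD_PRICE >= 0)
        );
        CREATE TABLE PRICE_UPDATES_T (
            PRODUCT_ID INTEGER, PRODUCT_DESCRIPTION TEXT, CHANGED_AT TEXT,
            OLD_PRICE NUMERIC, NEW_PRICE NUMERIC
        );
        -- Audit trigger (the slide's STANDARD_PRICE_UPDATE): every price
        -- change that succeeds writes one log row with old and new value.
        CREATE TRIGGER STANDARD_PRICE_UPDATE
        AFTER UPDATE OF STANDARD_PRICE ON PRODUCT_T
        FOR EACH ROW
        BEGIN
            INSERT INTO PRICE_UPDATES_T
            VALUES (NEW.PRODUCT_ID, NEW.PRODUCT_DESCRIPTION, datetime('now'),
                    OLD.STANDARD_PRICE, NEW.STANDARD_PRICE);
        END;

        CREATE TABLE branch  (branch_name TEXT PRIMARY KEY);
        CREATE TABLE account (account_no INTEGER PRIMARY KEY, branch_name TEXT, balance NUMERIC);
        CREATE TABLE loan    (loan_no    INTEGER PRIMARY KEY, branch_name TEXT, amount  NUMERIC);
        -- Assertion substitute: "loans at a branch must stay below deposits at
        -- that branch", checked before each new loan. A complete emulation
        -- also needs triggers on UPDATE of loan and on UPDATE/DELETE of account.
        CREATE TRIGGER LOAN_SUM_CONSTRAINT
        BEFORE INSERT ON loan
        FOR EACH ROW
        WHEN (SELECT coalesce(SUM(amount), 0) FROM loan
              WHERE branch_name = NEW.branch_name) + NEW.amount
          >= (SELECT coalesce(SUM(balance), 0) FROM account
              WHERE branch_name = NEW.branch_name)
        BEGIN
            SELECT RAISE(ABORT, 'branch loans must stay below branch deposits');
        END;
    """)
    # Constructed sample data.
    conn.executemany("INSERT INTO PRODUCT_T VALUES (?, ?, ?)",
                     [(1, "End Table", 175), (2, "Coffee Table", 200)])
    conn.execute("INSERT INTO branch VALUES ('Downtown')")
    conn.executemany("INSERT INTO account VALUES (?, ?, ?)",
                     [(101, "Downtown", 500), (102, "Downtown", 700)])   # deposits: 1200
    return conn


def set_price(conn, product_id, new_price):
    """Apply a price change; False if the CHECK constraint rejected it.
    A rejected change never reaches the AFTER trigger, so nothing is logged."""
    try:
        with conn:   # commit on success, roll back on error
            conn.execute("UPDATE PRODUCT_T SET STANDARD_PRICE = ? WHERE PRODUCT_ID = ?",
                         (new_price, product_id))
        return True
    except sqlite3.IntegrityError:
        return False


def price_history(conn, product_id):
    """Audit rows the trigger wrote for one product, oldest first."""
    return conn.execute(
        "SELECT OLD_PRICE, NEW_PRICE FROM PRICE_UPDATES_T WHERE PRODUCT_ID = ? ORDER BY rowid",
        (product_id,)).fetchall()


def add_loan(conn, loan_no, branch, amount):
    """True if the loan was booked, False if the branch rule (RAISE(ABORT)
    in the BEFORE trigger, surfaced as IntegrityError) rejected it."""
    try:
        with conn:
            conn.execute("INSERT INTO loan VALUES (?, ?, ?)", (loan_no, branch, amount))
        return True
    except sqlite3.IntegrityError:
        return False


if __name__ == "__main__":
    conn = build_db()
    print(set_price(conn, 1, 190), set_price(conn, 1, -5))   # True False
    print(price_history(conn, 1))                            # [(175, 190)]
    print(add_loan(conn, 1, "Downtown", 1000))               # True  (1000 < 1200)
    print(add_loan(conn, 2, "Downtown", 300))                # False (1300 >= 1200)
```

The BEFORE trigger is the preventive control and the AFTER trigger the logging control from the slide; both run inside the statement's transaction, so a rejected change leaves neither a modified row nor a stray audit entry.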
Authorization Rules

- Controls incorporated in the data management system
- Restrict access to data and the actions that people can take on data
- Authorization matrix, defined over:
  - Subjects (users, roles)
  - Objects (tables, views, columns)
  - Actions (read, insert, modify, delete)
  - Constraints (conditions under which the action is permitted)
Authorization Rules (continued)

[Figure: authorization table for subjects (salespeople); authorization table for objects (orders); Oracle privileges]
Authorization Rules: SQL GRANT

    GRANT SELECT, UPDATE (unit_price) ON PRODUCT_T TO SMITH;

SMITH can read every column of PRODUCT_T but may change only unit_price; an UPDATE that touches any other column is rejected by the DBMS.
User-Defined Procedures

- Some DBMSs also provide capabilities for user-defined procedures to customize the authorization process
- User exits or interfaces that allow system designers to define their own security procedures in addition to the authorization rules
- A user procedure might be designed to provide positive user identification: the user might be required to supply a procedure name in addition to a password
- With a valid password and the correct procedure name, the system calls the procedure, which asks the user a series of questions whose answers should be known only to that user
Encryption

- The coding or scrambling of data so that they cannot be read without the corresponding key
- Two common forms of encryption:
  - One key (symmetric key), e.g. the Data Encryption Standard (DES), since withdrawn in favour of AES because its 56-bit key can be brute-forced
    - Uses the same key to encrypt and decrypt
    - Easy to understand and implement; the hard part is distributing the shared key securely
  - Two key (asymmetric, public key)
    - Different keys to encrypt and decrypt (a key pair)
    - One key is published (the public key); the other is kept secret (the private key)
Secure Sockets Layer (SSL), now Transport Layer Security (TLS), is a popular encryption scheme for TCP/IP connections. All SSL versions are deprecated; TLS 1.2 or 1.3 should be used.
Authentication Schemes

- Goal: obtain a positive identification of the user
- In an electronic environment:
  - Something the user knows: password/PIN
  - Something the user possesses: smart card/token
  - Some unique personal characteristic: biometrics
- Authentication schemes: one-factor, two-factor, three-factor, according to how many of these categories are combined
Authentication Schemes: First line of defense, one-factor

Passwords
- Should be at least 8 characters long
- Should combine alphabetic and numeric data
- Should not be complete words or personal information
- Should be changed frequently

Caveat: current guidance (NIST SP 800-63B) favours length over composition rules, screens candidate passwords against lists of known-compromised passwords, and drops periodic forced changes in favour of changing a password when there is evidence it has been compromised.
Authentication Schemes: Strong authentication

Passwords are flawed:
- Users share them with each other
- They get written down and can be copied
- Automatic logon scripts remove the need to type them explicitly
- Unencrypted passwords travel the Internet

Possible solutions:
- Two-factor, e.g. smart card plus PIN
- Three-factor, e.g. smart card, biometric, and PIN
- Biometric devices: fingerprints, retinal scans, etc. for positive identification
- Third-party-mediated authentication using secret keys or digital certificates (e.g. Kerberos, PKI)
Sarbanes-Oxley (SOX)

- Designed to ensure the integrity of public companies' financial statements
- Requires sufficient control and security over the financial systems and IT infrastructure
- Requires companies to audit access to sensitive data
- A SOX audit involves:
  - IT change management
  - Logical access to data
  - IT operations
- The audit starts with a walkthrough: the auditor tries to understand how the three areas are handled by the IT organization
Sarbanes-Oxley (SOX): IT Change Management

- The process by which changes to operational systems and databases are authorized
- For a database: changes to the schema, the database configuration, and the DBMS software (updates)
- Top deficiency found by SOX auditors: lack of segregation of duties between the people who have access to databases in the three common environments, development, test, and production
- SOX mandates that the DBAs who have the ability to modify data in these environments be different people
- If that is not possible, other personnel should be authorized to do periodic reviews of database access by DBAs, using database audit logs
Sarbanes-Oxley (SOX): Logical Access to Data

- Security procedures in place to prevent unauthorized access to the data
- From the SOX perspective: who has access to what? Who has access to too much?
- Organizations must establish administrative policies and procedures
- Two types of security policies and procedures:
  - Personnel controls
  - Physical access controls
Sarbanes-Oxley (SOX): Logical Access to Data (continued)

Personnel controls
- Adequate controls of personnel must be developed and followed
- Hiring practices, employee monitoring, security training, separation of duties

Physical access controls
- Limiting access to particular areas within a building
- Swipe cards, equipment locking, check-out procedures, screen placement, laptop protection
Sarbanes-Oxley (SOX): IT Operations

- Policies and procedures for day-to-day management of infrastructure, applications, and databases in an organization
- For databases: backup, recovery, availability
- An area of control that helps to maintain data quality and availability: vendor management
  - Periodically review external maintenance agreements for hardware and software
  - Consider escrow agreements so the organization can get access to source code should the developer go out of business or stop supporting the programs
END OF CHAPTER