Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Database Security Floris Geerts. Course organization One introductory lecture (this one) Then, a range of db security topics presented by you You will.

Published byChristiana Holmes Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Database Security Floris Geerts. Course organization One introductory lecture (this one) Then, a range of db security topics presented by you You will."— Presentation transcript:

1 1 Database Security Floris Geerts

2 Course organization One introductory lecture (this one) Then, a range of db security topics presented by you You will be graded on the quality of presentation, technical depth, critical assessment of the topic and ability to answer questions raised in class No exam. 2

3 Course organization Today, after this lecture: –Send me an email floris.geerts@ua.ac.befloris.geerts@ua.ac.be –with your name and at most two partners (in case we need to assign multiple persons to the same topic) –A ranked list of the top 10 topics (11 topics) Then I will assign the topics. You’ll get time to study and prepare presentations You send the slides to me, and incorporate comments 3

4 Topics 1.Access control Getting access Access control mechanisms 2.Safety & integrity Redundancy Data integrity 3.Intrusion DB specific Software specific 4

5 Topics 4.Cryptography Symmetric Asymmetric Quantum (optional) 4.Privacy & Security Statistical DB Privacy preservation 5

6 6 Data Security Dorothy Denning, 1982: Data Security is the science and study of methods of protecting data (...) from unauthorized disclosure and modification Data Security = Confidentiality + Integrity

7 7 Data Security Distinct from systems and network security –Assumes these are already secure Tools: –Cryptography, information theory, statistics, … Applications: –Everywhere

8 Topic 1 Access methods: “Getting in” It is all about passwords and authentication -How are passwords used for authentication in DBMS? -What kind of password control mechanisms do DBMS have? (e.g., Oracle,…) -What makes a password good or bad? -Techniques to check this -Techniques to generate one -Alternatives to passwords (e.g., captcha) 8

9 Captcha CAPTCHA stands for Completely Automated Public Turing test to tell Computers and Humans Apart A.K.A. Reverse Turing Test, Human Interaction Proof The challenge: develop a software program that can create and grade challenges most humans can pass but computers cannot 9

10 Topic 2: Access methods: control mechanisms How do DBMS control access to different users? How do DBMS assure that users can only change/query data to which they have access? As an example 10

11 11 Discretionary Access Control (DAC) in SQL GRANT privileges ON object TO users [WITH GRANT OPTIONS] GRANT privileges ON object TO users [WITH GRANT OPTIONS] privileges = SELECT | INSERT(column-name) | UPDATE(column-name) | DELETE | REFERENCES(column-name) object = table | attribute

12 12 Examples GRANT INSERT, DELETE ON Customers TO Yuppy WITH GRANT OPTIONS GRANT INSERT, DELETE ON Customers TO Yuppy WITH GRANT OPTIONS Queries allowed to Yuppy: Queries denied to Yuppy: INSERT INTO Customers(cid, name, address) VALUES(32940, ‘ Joe Blow ’, ‘ Seattle ’ ) DELETE Customers WHERE LastPurchaseDate < 1995 INSERT INTO Customers(cid, name, address) VALUES(32940, ‘ Joe Blow ’, ‘ Seattle ’ ) DELETE Customers WHERE LastPurchaseDate < 1995 SELECT Customer.address FROM Customer WHERE name = ‘ Joe Blow ’ SELECT Customer.address FROM Customer WHERE name = ‘ Joe Blow ’

13 13 Examples GRANT SELECT ON Customers TO Michael Now Michael can SELECT, but not INSERT or DELETE

14 14 Examples GRANT SELECT ON Customers TO Michael WITH GRANT OPTIONS Michael can say this: GRANT SELECT ON Customers TO Yuppi Now Yuppi can SELECT on Customers

15 15 Examples GRANT UPDATE (price) ON Product TO Leah Leah can update, but only Product.price, but not Product.name

16 16 Examples GRANT REFERENCES (cid) ON Customer TO Bill Customer(cid, name, address, balance) Orders(oid, cid, amount) cid= foreign key Now Bill can INSERT tuples into Orders Bill has INSERT/UPDATE rights to Orders. BUT HE CAN ’ T INSERT ! (why ?)

17 17 Views and Security CREATE VIEW PublicCustomers SELECT Name, Address FROM Customers GRANT SELECT ON PublicCustomers TO Fred CREATE VIEW PublicCustomers SELECT Name, Address FROM Customers GRANT SELECT ON PublicCustomers TO Fred David says NameAddressBalance MaryHuston450.99 SueSeattle-240 JoanSeattle333.25 AnnPortland-520 David owns Customers: Fred is not allowed to see this

18 18 Views and Security NameAddressBalance MaryHuston450.99 SueSeattle-240 JoanSeattle333.25 AnnPortland-520 CREATE VIEW BadCreditCustomers SELECT * FROM Customers WHERE Balance > 0 GRANT SELECT ON BadCreditCustomers TO John CREATE VIEW BadCreditCustomers SELECT * FROM Customers WHERE Balance > 0 GRANT SELECT ON BadCreditCustomers TO John David says David owns Customers: John is allowed to see only >0 balances

19 19 Revocation REVOKE [GRANT OPTION FOR] privileges ON object FROM users { RESTRICT | CASCADE } Administrator says: REVOKE SELECT ON Customers FROM David CASCADE John loses SELECT privileges on BadCreditCustomers

20 20 Revocation Joe: GRANT [….] TO Art … Art: GRANT [….] TO Bob … Bob: GRANT [….] TO Art … Joe: GRANT [….] TO Cal … Cal: GRANT [….] TO Bob … Joe: REVOKE [….] FROM Art CASCADE Same privilege, same object, GRANT OPTION What happens ??

21 21 Revocation Admin JoeArt CalBob 0 1 2 3 4 5 Revoke According to SQL everyone keeps the privilege

22 22 Other approaches Discretionary Access Control (DAC) Label-based Access Control (LBAC) Role-based Access Control (RBAC) Mandatory Access Control (MAC) Pro’s and con’s of these control mechanisms?

23 Topic: Safety & Integrity 23 It is about keeping our precious bits safe from harm. Disk failure which mostly goes together with data loss System failure which can cause data inconsistency. (For example a Denial-Of-Service attack can result in system failures because of the exhaustion of system resources.

24 Topic 3: Recovery Mostly solved by redundancy: – having and organizing redundant information so that the data stored can be recovered in case there is a disk failure. –Where and how to store? Secondary storage, RAIDs –How to assure that all the data has a copy somewhere 24

25 Topic 4: Integrity How to assure that all data is consistent –The same data in all copies How to assure that nothing gets corrupted during transmission –Error correcting codes How to keep track of changes and possible unauthorized access –Transaction log/data auditing 25

26 Topic 5: DB intrusion Intrusion prevention –detecting ongoing attacks in real time in order to prevent damage to the database. Intrusion detection –Use of database auditing Example: SQL injection 26

27 27 Search claims by: SQL Injection Your health insurance company lets you see the claims online: Now search through the claims : Dr. Lee First login: User: Password: fred ******** SELECT…FROM…WHERE doctor= ‘ Dr. Lee ’ and patientID= ‘ fred ’

28 28 SQL Injection Now try this: Search claims by: Dr. Lee ’ OR patientID = ‘ suciu ’ ; -- Better: Search claims by: Dr. Lee ’ OR 1 = 1; -- …..WHERE doctor= ‘ Dr. Lee ’ OR patientID= ‘ suciu ’ ; -- ’ and patientID= ‘ fred ’

29 29 SQL Injection When you ’ re done, do this: Search claims by: Dr. Lee ’ ; DROP TABLE Patients; --

30 30 SQL Injection The DBMS works perfectly. So why is SQL injection possible so often ?

31 Topic 6: Software intrusion Leveraging Stack and Buffer overflow in programs How to prevent/detect such intrusions? 31

32 Topic 7: Cryptography - symmetric 32 Commonly used techniques Same encryption and decryption key DES, AES

33 Topic 8: Cryptography – asymmetric Different encoding and decoding keys Public key RSA 33

34 Topic 9: Cryptography - Quantum Newest methods based on quantum computing You need to ask if you want this – it is a bit math heavy. 34

35 35 Topic 10: Security in Statistical DBs Goal: Allow arbitrary aggregate SQL queries Hide confidential data Inference SELECT count(*) FROM Patients WHERE age=42 and sex= ‘ M ’ and diagnostic= ‘ schizophrenia ’ SELECT count(*) FROM Patients WHERE age=42 and sex= ‘ M ’ and diagnostic= ‘ schizophrenia ’ OK SELECT name FROM Patient WHERE age=42 and sex= ‘ M ’ and diagnostic= ‘ schizophrenia ’ SELECT name FROM Patient WHERE age=42 and sex= ‘ M ’ and diagnostic= ‘ schizophrenia ’ Not OK

36 36 FirstLastAgeRace HarryStone34Afr-Am JohnReyser36Cauc BeatriceStone47Afr-am JohnRamos22Hisp FirstLastAgeRace *Stone30-50Afr-Am JohnR*20-40* *Stone30-50Afr-am JohnR*20-40* Topic 11: Privacy preservation k-Anonymity/Randomization Definition: each tuple is equal to at least k-1 others Anonymizing:

Download ppt "1 Database Security Floris Geerts. Course organization One introductory lecture (this one) Then, a range of db security topics presented by you You will."

Similar presentations

Chapter 23 Database Security and Authorization Copyright © 2004 Pearson Education, Inc.

Chapter 23 Database Security and Authorization Copyright © 2004 Pearson Education, Inc.
II.I Selected Database Issues: 1 - SecuritySlide 1/20 II. Selected Database Issues Part 1: Security Lecture 2 Lecturer: Chris Clack 3C13/D6.

II.I Selected Database Issues: 1 - SecuritySlide 1/20 II. Selected Database Issues Part 1: Security Lecture 2 Lecturer: Chris Clack 3C13/D6.
Database Management Systems, 3ed, R. Ramakrishnan and J. Gehrke1 Security and Authorization Chapter 21.

Database Management Systems, 3ed, R. Ramakrishnan and J. Gehrke1 Security and Authorization Chapter 21.
Database Security CS461/ECE422 Spring 2012. Overview Database model – Relational Databases Access Control Inference and Statistical Databases Database.

Database Security CS461/ECE422 Spring Overview Database model – Relational Databases Access Control Inference and Statistical Databases Database.
Ragib Hasan University of Alabama at Birmingham CS 491/691/791 Fall 2011 Lecture 10 09/15/2011 Security and Privacy in Cloud Computing.

Ragib Hasan University of Alabama at Birmingham CS 491/691/791 Fall 2011 Lecture 10 09/15/2011 Security and Privacy in Cloud Computing.
Security and Authorization. Introduction to DB Security Secrecy: Users shouldn’t be able to see things they are not supposed to. –E.g., A student can’t.

Security and Authorization. Introduction to DB Security Secrecy: Users shouldn’t be able to see things they are not supposed to. –E.g., A student can’t.
Database Query Security

Database Query Security
Database Security by Muhammad Waheed Aslam SIS Project Leader ITC/KFUPM.

Database Security by Muhammad Waheed Aslam SIS Project Leader ITC/KFUPM.
Chapter 11 Database Security: An Introduction Copyright © 2004 Pearson Education, Inc.

Chapter 11 Database Security: An Introduction Copyright © 2004 Pearson Education, Inc.
Security and Integrity

Security and Integrity
Database Management System

Database Management System
Data security 1. 2 Overview  generalities  discretionary access control  mandatory access control  data encryption.

Data security 1. 2 Overview  generalities  discretionary access control  mandatory access control  data encryption.
Security and Authorization. Introduction to DB Security Secrecy: Users shouldn’t be able to see things they are not supposed to. –E.g., A student can’t.

Security and Authorization. Introduction to DB Security Secrecy: Users shouldn’t be able to see things they are not supposed to. –E.g., A student can’t.
ICS 421 Spring 2010 Security & Authorization Asst. Prof. Lipyeow Lim Information & Computer Science Department University of Hawaii at Manoa 4/20/20101Lipyeow.

ICS 421 Spring 2010 Security & Authorization Asst. Prof. Lipyeow Lim Information & Computer Science Department University of Hawaii at Manoa 4/20/20101Lipyeow.
Monday, 08 June 2015Dr. Mohamed Osman1 What is Database Administration A high level function (technical Function) that is responsible for ► physical DB.

Monday, 08 June 2015Dr. Mohamed Osman1 What is Database Administration A high level function (technical Function) that is responsible for ► physical DB.
1 Current Trends in Data Security Dan Suciu Joint work with Gerome Miklau.

1 Current Trends in Data Security Dan Suciu Joint work with Gerome Miklau.
1 Lecture 13: Security Wednesday, October 26, 2006.

1 Lecture 13: Security Wednesday, October 26, 2006.
Security in Databases. 2 Srini & Nandita (CSE2500)DB Security Outline review of databases reliability & integrity protection of sensitive data protection.

Security in Databases. 2 Srini & Nandita (CSE2500)DB Security Outline review of databases reliability & integrity protection of sensitive data protection.
DBSYSTEMS 1 of 13 Chapter 10 DB System Administration (Part II) 1 Based on G. Post, DBMS: Designing & Building Business Applications University of Manitoba.

DBSYSTEMS 1 of 13 Chapter 10 DB System Administration (Part II) 1 Based on G. Post, DBMS: Designing & Building Business Applications University of Manitoba.
Security and Authorization. Introduction to DB Security Secrecy: Users shouldn’t be able to see things they are not supposed to. –E.g., A student can’t.

Security and Authorization. Introduction to DB Security Secrecy: Users shouldn’t be able to see things they are not supposed to. –E.g., A student can’t.

Similar presentations

Ads by Google