Download presentation
Presentation is loading. Please wait.
Published byAileen Lang Modified over 9 years ago
1
CSCI 3140 Module 6 – Database Security Theodore Chiasson Dalhousie University
2
Database Security Threats to database security include: –Theft and fraud –Loss of confidentiality –Loss of privacy –Loss of integrity –Loss of availability Computer-based controls to mitigate threats include: –Authorization –Views –Backup and recovery –Integrity –Encryption –RAID technology
3
Database Security Authorization –Access control –Involves authentication of subjects requesting access to objects –SQL commands GRANT and REVOKE select/update/insert/delete Views (Subschemas) –The dynamic result of one or more relational operations operating on base relations to produce another relation –A virtual relation that does not actually exist in the database but is produced upon request –Used to hide parts of the database from certain users
4
Database Security Backup and Recovery –Backup is the process of periodically taking a copy of the database and log file on to offline storage media –Journaling is the process of keeping and maintaining a log file or journal of all changes made to the database to enable recovery in the event of a failure –Journaling allows the database to be recovered after a failure to its last known consistent state using a backup of the database together with the log file –Without a log file, any changes to the database after the most recent backup are lost in the event of a failure Integrity –Applying integrity constraints prevents the database from entering an inconsistent state during normal operation
5
Database Security Encryption –The encoding of data by a special algorithm that renders the data unreadable by any program without the decryption key –Cryptosystem Encryption key Encryption algorithm Decryption key Decryption algorithm –Symmetric encryption Same key and algorithm for encryption and decryption –Asymmetric encryption Different keys for encryption and decryption Public key cryptography RAID (Redundant Array of Independent Disks) –Increased performance through data striping –Parity or error-correcting scheme improves reliability
6
Database Security Security in Oracle DBMS –Privileges A right to execute a particular type of SQL statement or to access another user’s objects Connect to a database Create a table Select rows from another user’s tables –System privileges The right to perform a particular action or to perform an action on any schema object of a particular type –Object privileges The right to perform a particular action on a specific table, view, sequence, procedure, function or package –ALTER, DELETE, INDEX, INSERT, REFERENCES, SELECT, UPDATE –Roles Privileges can be granted to a role, and then the role can be granted to a user
7
Database Security DBMSs and Web Security –Proxy servers Improve performance Filter requests –Firewalls Prevents unauthorized access to or from a private network Packet filter Application gateway Circuit-level gateway Proxy server –Message Digest Algorithms and Digital Signatures –Digital Certificates –SSL –SET –Java Security –ActiveX
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.