Download presentation
1
Database Security
2
Reading assignments Required: Pfleeger: Chapter 6 (except 6.3)
Multilevel Secure Relational Data Model (S. Jajodia, R. S. Sandhu. Toward a Multilevel Secure Relational Data Model. Proc ACM Int'l. Conf. on Management of Data (SIGMOD), ) Recommended: Polyinstantiation (Sushil Jajodia, Ravi S. Sandhu, and Barbara T. Blaustein, Solutions to the Polyinstantiation Problem, MLS/RDMS Architectures (LouAnna Notargiacomo, Architectures for MLS Database Management Systems CSCE Farkas
3
Database Management System (DBMS)
Collection of interrelated data and set of programs to access the data Convenient and efficient processing of data Database Application Software CSCE Farkas
4
Data Models A collection of tools for describing Data
Relationships among data items Semantics of stored data Database constraints CSCE Farkas
5
Relational Data Model Works Person-name Company-name Salary Smith BB&C
$43,982 Dell Bell $97,900 Black $35,652 CSCE Farkas
6
Relational Data Model Set of relation names: R
Set of attribute names: A Relation schema: S=(r,{a1, …,an}) r relation name in R {a1, …,an} subset of A e.g., (Works,{person-name,company-name,salary}) CSCE Farkas
7
Tuple (Record) e.g., t(person-name)=Smith
Tuple over a relation scheme S is a mapping t: {a1, …,an} dom(a1 … an) e.g., t(person-name)=Smith t(company-name)=BB&C t(salary)= $43,982 CSCE Farkas
8
Relation Relation over schema S is a set of tuples over the scheme
e.g., t(person-name)=Smith, t(company-name)=BB&C, t(salary)=$43,982 t’(person-name)=Dell, t’(company-name)=Bell, t’(salary)= $97,900 t”(person-name)=Black, t”(company-name)=BB&C, t”(salary)= $35,652 CSCE Farkas
9
Database Database: set of relations e.g., EMPLOYEE database:
Lives(person-name,street,city) Works(person-name,company-name,salary) Located-in(company-name,city) Manages(person-name,manager-name) CSCE Farkas
10
Query Languages Relational Algebra SQL Set operations Bag operations
CSCE Farkas
11
Relational Algebra Select () Project () Set difference (-) Union ()
Rename (Px(r)) Set intersection () Natural join () CSCE Farkas
12
Structured Query Language SQL
Typical SQL query form: SELECT A1, A2, ..., An FROM r1, r2, ..., rm WHERE C Ais represent attributes to be returned ris represent relations C is a condition CSCE Farkas
13
Constraints Relationship among data elements
DBMS should enforce the constraints Types Keys Foreign-key (referential integrity) Value-based constraints Integrity constraints Database dependencies (e.g., functional dependencies) CSCE Farkas
14
Database Security Requirements
Physical database integrity Logical database integrity Element integrity Auditability Access control User authentication Availability CSCE Farkas
15
Sensitive data Inherently sensitive From a sensitive source
Declared sensitive Part of a sensitive attribute or record In relation to previously disclosed information CSCE Farkas
16
Types of disclosures Exact data Range of data Negative results
Existence Probable values CSCE Farkas
17
Access control Operating system Database Management System
Granularity! CSCE Farkas
18
Granularity Database Relation Record Attribute Element
Advantages vs. disadvantages of supporting different granularity levels CSCE Farkas
19
Relation-Level Granularity
(Works)= Secret Person-name Company-name Salary Smith BB&C $43,982 Dell Bell $97,900 Black $35,652 CSCE Farkas
20
Tuple-level Granularity
Works Person-name Company-name Salary Smith BB&C $43, P Dell Bell $97, S Black $35, P CSCE Farkas
21
Attribute-Level Granularity
Works Person- name =P Company-name =P Salary =S Smith BB&C $43,982 Dell Bell $97,900 Black $35,652 CSCE Farkas
22
Cell-Level Granularity
Works Person-name Company-name Salary Smith P BB&C P $43, S Dell S Bell S $97, S Black P BB&C S $35, S CSCE Farkas
23
Access Control Mechanisms
Security through Views Stored Procedures Grant and Revoke Query modification CSCE Farkas
24
Security Through Views
Assign rights to access predefined views CREATE VIEW Outstanding-Student AS SELECT NAME, COURSE, GRADE FROM Student WHERE GRADE > B Problem: Difficult to maintain updates. CSCE Farkas
25
Security Through Views
Student relation NAME COURSE GRADE SEMESTER White CSCE 122 C+ Fall 2000 Black CSCE 313 A Brown CSCE 580 Spring 2000 Green CSCE 850 B+ Blue B CSCE Farkas
26
Security Through Views
CREATE VIEW Outstanding-Student AS SELECT NAME, COURSE, GRADE FROM Student WHERE GRADE > B Outstanding-Student NAME COURSE GRADE Black CSCE 313 A Brown CSCE 580 Green CSCE 850 B+ CSCE Farkas
27
Security Through Views
CREATE VIEW Fall-Student AS SELECT NAME, COURSE FROM Student WHERE SEMESTER=“Fall 2000” NAME COURSE White CSCE 122 Black CSCE 313 Green CSCE 850 Blue Fall-Student CSCE Farkas
28
Stored Procedures Assign rights to execute compiled programs
GRANT RUN ON <program> TO <user> Problem: Programs may access resources for which the user who runs the program does not have permission. CSCE Farkas
29
Grant and Revoke GRANT <privilege> ON <relation>
To <user> [WITH GRANT OPTION] GRANT SELECT * ON Student TO Matthews GRANT SELECT *, UPDATE(GRADE) ON Student TO FARKAS GRANT SELECT(NAME) ON Student TO Brown GRANT command applies to base relations as well as views CSCE Farkas
30
Grant and Revoke REVOKE <privileges> [ON <relation>]
FROM <user> REVOKE SELECT* ON Student FROM Blue REVOKE UPDATE ON Student FROM Black REVOKE SELECT(NAME) ON Student FROM Brown CSCE Farkas
31
Non-cascading Revoke A B C D E F A revokes D’s privileges E B A F C
Lecture 17 CSCE Farkas
32
Cascading Revoke A B C D E F A revokes D’s privileges B A C Lecture 17
CSCE Farkas
33
Positive and Negative Authorization
B C E D + - Problem: Contradictory authorizations GRANT <privilege> ON X TO <user> DENY <privilege> ON X TO <user> Lecture 17 CSCE Farkas
34
Negative Authorization
B C E D + - - Positive authorization granted By A to D becomes blocked but NOT deleted. Lecture 17 CSCE Farkas
35
Negative Authorization
B C E D + - - + F What should happen with the privilege given by D To F? (Blocked but not deleted) Lecture 17 CSCE Farkas
36
Query Modification GRANT SELECT(NAME) ON Student TO Blue WHERE COURSE=“CSCE 590” Blue’s query: SELECT * FROM Student Modified query: SELECT NAME WHERE COURSE=“CSCE 580” CSCE Farkas
37
Next Class: Inference Problem Lecture 17 CSCE Farkas
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.