Presentation is loading. Please wait.

Presentation is loading. Please wait.

Database security Diego Abella. Database security Global connection increase database security problems. Database security is the system, processes, and.

Similar presentations


Presentation on theme: "Database security Diego Abella. Database security Global connection increase database security problems. Database security is the system, processes, and."— Presentation transcript:

1 Database security Diego Abella

2 Database security Global connection increase database security problems. Database security is the system, processes, and procedures that protect a database from unintended activity. Unintended activities: Authenticated misuse Malicious attacks Inadvertent mistakes made by authorized individuals or processes

3 Database security Databases were connected to the internet, but the problems started. Firewalls and routers Your company Database Internet Firewall

4 DB security types – Access control Is the ability to permit or deny the use of a particular resource by a particular entity. Logical resources (a bank account, with a limited number of people authorized to make a withdrawal) Digital resources (a private text document on a computer, which only certain users should be able to read).

5 DB security types – Access control Risks: Tailgating and piggybacking : practice of an unauthorized person following an authorized person through an opened door. An intruder could open a door by accessing exit button wiring. The intruder could also open a door by shorting the door contact wires and cutting the wires going to the electric lock.

6 DB security types – Auditing Is the evaluation process to the Database. Audits are performed to ascertain the validity and reliability of information, and also provide an assessment of a system's internal control. The goal of an DB audit is to express an opinion on the database under evaluation based on work done on a test basis. There are two types of DB auditors: Internal auditors External auditors

7 DB security types – Authentication Authentication is the process to verify if a person or a process are authorized to execute a database activity. Examples: Logging in to a computer. ATM E-mail Some web pages Single sign on

8 DB security types – Encryption Encryption is the process of transforming information (referred to as plaintext) using an algorithm to make it unreadable to anyone except for those who are authorized. Decryption (inverse process). Critical type of security when information is out of LAN It can protect the confidentiality of messages, but other techniques are still needed to protect the integrity and authenticity of a message; for example, verification of a message authentication code or a digital signature.

9 DB security types – Data integrity Is the process of ensuring that a database has a close correspondence between the facts stored in the database and the real world it models. Three types of integrity constraints are an inherent to databases: Entity integrity: concept of primary key Referential integrity: concept of foreign key Domain integrity: set of values of the same type

10 Can begin with the process of creation of security protocols. DBA perform vulnerability scans Database security


Download ppt "Database security Diego Abella. Database security Global connection increase database security problems. Database security is the system, processes, and."

Similar presentations


Ads by Google