Modern DBMSs security problems
Nguyen Chi Thanh, Nguyen Thanh Toan
Presentation transcript:

1 Modern DBMSs security problems. Nguyen Chi Thanh, Nguyen Thanh Toan. Group:

2 Contents: 1. Role-Based Access Control (RBAC). 2. Statistical Database Security. 3. Flow Control. 4. Encryption & Public Key Infrastructures.

3 Role-Based Access Control (RBAC). Permissions are associated with roles, and users are assigned to the appropriate roles. Roles are managed with CREATE ROLE & DESTROY ROLE; permissions are attached to and removed from roles with GRANT & REVOKE.

4 Role-Based Access Control. An alternative to DAC (discretionary) & MAC (mandatory access control). Only authorized users are given access to certain data and resources. Many DBMSs allow roles to be created and privileges to be assigned to roles.

5 Role-Based Access Control

6 Role-Based Access Control. Users are not assigned permissions directly, so management of individual user rights becomes simple. RBAC is a highly desirable goal for addressing the key security requirements of Web-based applications.

7 E-Commerce and the Web. E-Commerce environments require elaborate policies that go beyond traditional DBMSs:
– The resources to be protected are not only traditional data but also knowledge and experience.
– The access control mechanism should be flexible enough to support a wide spectrum of heterogeneous protection objects.
A related requirement is support for content-based access control.

8 E-Commerce and the Web. Heterogeneity of subjects: access control policies based on user characteristics and qualifications.
– A possible solution, to better take user profiles into account when formulating access control policies, is to support the notion of credentials.
– The XML language can play a key role in access control for e-commerce applications.

9 Statistical Database Security. Statistical databases are used mainly to produce statistics on various populations. They contain confidential data on individuals, which should be protected. Users are permitted to retrieve only statistical information: averages, sums, counts, maximums, minimums, and standard deviations.

10 Statistical Database Security. Permitted query functions: COUNT, SUM, MIN, MAX, AVERAGE, and STANDARD DEVIATION. INDIVIDUAL DATA QUERY (NOT ALLOWED).
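The following is an added example, not code from the slides: a query mediator in front of a SQLite table that enforces the rules of slides 9 and 10 (only the listed aggregate functions, no individual rows). It also applies the standard query-set-size control, refusing a statistic whose query set is smaller than k or, for a filtered query, larger than N-k, so that an individual's value cannot be inferred by subtracting two permitted statistics. The table, its rows, the threshold MIN_QUERY_SET and the predicate format are all constructed for the example.

```python
import re
import sqlite3
import statistics

# Constructed sample table of individual records (not from the slides).
ROWS = [
    ("alice", "engineering", 52, 91000), ("bob", "engineering", 34, 78000),
    ("carol", "sales", 45, 64000), ("dave", "sales", 29, 51000),
    ("erin", "legal", 61, 120000), ("frank", "engineering", 41, 83000),
]
ALLOWED_AGGREGATES = ("COUNT", "SUM", "MIN", "MAX", "AVG", "STDDEV")
ALLOWED_OPS = ("=", "<", ">", "<=", ">=")
MIN_QUERY_SET = 3  # k: a filtered statistic must cover at least k and at most N-k individuals

def open_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE employees(name TEXT, dept TEXT, age INT, salary INT)")
    conn.executemany("INSERT INTO employees VALUES (?, ?, ?, ?)", ROWS)
    return conn

def statistical_query(conn, aggregate, column, predicate=None):
    """Mediator for a statistical database: only permitted aggregates, never
    individual rows, and refuse query sets so small (or so close to the whole
    population) that a single individual's value could be inferred."""
    agg = aggregate.upper()
    if agg not in ALLOWED_AGGREGATES:
        raise PermissionError(f"{aggregate} is not a permitted statistic")
    if not re.fullmatch(r"[a-z_]+", column):
        raise ValueError("invalid column name")
    cond, params = "", ()
    if predicate is not None:  # predicate is (column, operator, value), value is bound, never interpolated
        pcol, op, value = predicate
        if not re.fullmatch(r"[a-z_]+", pcol) or op not in ALLOWED_OPS:
            raise ValueError("invalid predicate")
        cond, params = f" WHERE {pcol} {op} ?", (value,)
    total = conn.execute("SELECT COUNT(*) FROM employees").fetchone()[0]
    n = conn.execute(f"SELECT COUNT(*) FROM employees{cond}", params).fetchone()[0]
    if n < MIN_QUERY_SET or (predicate is not None and n > total - MIN_QUERY_SET):
        raise PermissionError(f"query set of {n} rows could reveal an individual")
    if agg == "STDDEV":  # SQLite has no built-in standard deviation; compute it here
        values = [r[0] for r in conn.execute(f"SELECT {column} FROM employees{cond}", params)]
        return statistics.pstdev(values)
    return conn.execute(f"SELECT {agg}({column}) FROM employees{cond}", params).fetchone()[0]
```

With these rows, a count over the sales department (2 people) is refused, and so is a sum over everyone older than 30 (5 of 6 people), because subtracting it from the whole-population sum would reveal the remaining individual's salary.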

11 Flow Control. Flow control regulates the distribution or flow of information among accessible objects. It checks that information contained in some objects does not flow, explicitly or implicitly, into less protected objects. A flow policy specifies the channels along which information is allowed to move.

12 Covert Channels. A covert channel allows a transfer of information that violates the security policy. It allows information to pass from a higher classification level to a lower classification level.

13 Covert Channels. Covert channels can be classified into two broad categories: storage channels, which do not require any temporal synchronization, and timing channels, in which the information is conveyed by the timing of events or processes.

14 Encryption & Public Key Infrastructures. Encryption is a means of maintaining secure data in an insecure environment. Encryption consists of applying an encryption algorithm to data using some prespecified encryption key.

15 The Data & Advanced Encryption Standards. The Data Encryption Standard (DES) is a system developed by the U.S. government. DES provides end-to-end encryption on the channel between the sender A and the receiver B. The National Institute of Standards and Technology (NIST) introduced the Advanced Encryption Standard (AES).

16 Public Key Encryption. Public key encryption is based on mathematical functions rather than operations on bit patterns. The two keys used for public key encryption are referred to as the public key and the private key.

17 Public Key Encryption. A public key encryption scheme, or infrastructure, has six ingredients: 1. Plaintext. 2. Encryption algorithm. 3 & 4. Public and private keys. 5. Ciphertext. 6. Decryption algorithm.

18 Public Key Encryption. The essential steps of the algorithm are: 1. Each user generates a pair of keys to be used for the encryption and decryption of messages. 2. Each user places one of the two keys in a public register or other accessible file. 3. The sender encrypts the message using the receiver's public key. 4. The receiver decrypts it using the receiver's private key.

19 Digital Signatures. A digital signature is a means of associating a mark unique to an individual with a body of text. A digital signature consists of a string of symbols.
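An added example, not from the slides, that walks through the six ingredients of slide 17, the four steps of slide 18 and the signature of slide 19 in one exchange. It uses textbook RSA with tiny primes purely so the arithmetic is visible; the key sizes, the in-memory "public register", the user names and the hashing of the message with SHA-256 before signing are all constructed assumptions, and nothing here is a usable scheme.

```python
import hashlib

# Toy textbook RSA with tiny primes, constructed for illustration only (not a
# usable scheme). Ingredient names follow slide 17; step numbers follow slide 18.
PUBLIC_REGISTER = {}  # step 2: the "public register or other accessible file"

def generate_keypair(p=61, q=53, e=17):
    """Step 1: each user generates a (public, private) key pair."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # private exponent: e*d == 1 (mod phi)
    return (e, n), (d, n)

def publish(user, public_key):
    """Step 2: only the public key is placed in the register; the private key never leaves the user."""
    PUBLIC_REGISTER[user] = public_key

def encrypt(plaintext, public_key):
    """Step 3: sender turns plaintext into ciphertext with the receiver's public key (per byte, n > 255)."""
    e, n = public_key
    return [pow(b, e, n) for b in plaintext]

def decrypt(ciphertext, private_key):
    """Step 4: receiver recovers the plaintext with its own private key."""
    d, n = private_key
    return bytes(pow(c, d, n) for c in ciphertext)

def _digest(message, n):
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, private_key):
    """Digital signature: the signer's private key is applied to a digest of the text."""
    d, n = private_key
    return pow(_digest(message, n), d, n)

def verify(message, signature, public_key):
    e, n = public_key
    return pow(signature, e, n) == _digest(message, n)

def exchange(message=b"DBMS security"):
    """Alice sends Bob an encrypted, signed message; each side looks up only the register."""
    alice_pub, alice_priv = generate_keypair()
    bob_pub, bob_priv = generate_keypair(p=67, q=71, e=17)
    publish("alice", alice_pub)
    publish("bob", bob_pub)
    ct = encrypt(message, PUBLIC_REGISTER["bob"])   # encrypted for Bob
    sig = sign(message, alice_priv)                  # signed by Alice
    recovered = decrypt(ct, bob_priv)
    return recovered, verify(recovered, sig, PUBLIC_REGISTER["alice"])
```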


