Lecture 5 Database Security PDF

Uploaded by

Ahmed adel
Copyright
© All Rights Reserved
Database Security

Dr. Jihan A. Rasool

College of Science
Computer Science Department
Database Concepts
• Relationships between tables (relations) must be in the form of other relations
– Base ('real') relations: named and autonomous relations, not derived from other relations (have stored data)
– Views: named derived relations (no stored data)
– Snapshots: like views, these are named, derived relations, but they do have stored data
– Query results: the result of a query; may or may not have a name, and has no persistent existence
Database Concepts
• Within every relation, we need to uniquely identify every tuple
– Primary key: a unique and minimal identifier for a relation; it can be a single attribute, or may be a choice of attributes to use
– Foreign key: when the primary key of one relation is used as an attribute in another relation, it is a foreign key in that relation
Database Concepts
• Structured Query Language (SQL)
– to manipulate relations and data in a relational database
• Types of SQL Commands
– Data Dictionary Language (DDL)
  • define, maintain, drop schema objects
– Data Manipulation Language (DML)
  • SELECT, INSERT, UPDATE
– Data Control Language (DCL)
  • control security (GRANT, REVOKE) and concurrent access (COMMIT, ROLLBACK)
Security Requirements
1. Physical database integrity.
2. Logical database integrity.
3. Element integrity.
4. Access control.
5. User authentication.
6. Availability.
7. Auditability (Confidentiality)
Security Requirements
1. Physical database integrity
– immunity to physical catastrophe, such as power failures and media failure
  • physically securing hardware, UPS, regular backups

2. Logical database integrity
– reconstruction ability
  • maintain a log of transactions
  • replay the log to restore the system to a stable point
Security Requirements
3. Element integrity
– the integrity of specific database elements is their correctness or accuracy
  • field checks: allow only acceptable values
  • access controls: allow only authorized users to update elements
  • change log: used to undo changes made in error
  • referential integrity (key integrity concerns)
Security Requirements
4. Access Control (similar to OS)
– logical separation by user access privileges
– more complicated than OS due to complexity of DB (granularity/inference/aggregation)

5. User Authentication
– Need to confirm that users accessing the system are who they say they are

6. Auditability
– log read/write to database
Security Requirements
7. Availability
– Data needs to be available at all necessary times
– Data needs to be available to only the appropriate users
– Need to be able to track who has access to and who has accessed what data
SQL Security Model
• Access control through views
– many security policies are better expressed by granting privileges to views derived from base relations
– example
    CREATE VIEW AVSAL(DEPT, AVG)
    AS SELECT DEPT, AVG(SALARY)
    FROM EMP GROUP BY DEPT;
  • access to this view can be granted to every department manager
SQL Security Model
– Example 2
    CREATE VIEW MYACCOUNT AS
    SELECT * FROM Account
    WHERE Customer = current_user();
  • view containing account info for the current user
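
The two view examples above, combined with the GRANT/REVOKE statements from the DCL slide, as an added example that is not part of the original lecture. It assumes PostgreSQL; the table columns, the sample rows, and the role names dept_mgr and alice are made up for illustration.

```sql
-- Added example, PostgreSQL dialect. Columns, rows and role names are assumptions.
CREATE TABLE emp (
    name   text PRIMARY KEY,
    dept   text NOT NULL,
    salary numeric(10,2) NOT NULL CHECK (salary >= 0)   -- field check
);
CREATE TABLE account (
    id       serial PRIMARY KEY,
    customer text NOT NULL,          -- database user name of the account owner
    balance  numeric(12,2) NOT NULL
);

-- Constructed sample rows.
INSERT INTO emp VALUES ('ann', 'sales', 4000), ('bob', 'sales', 5000),
                       ('cat', 'it', 6000);
INSERT INTO account (customer, balance) VALUES ('alice', 120.00), ('bob', 75.50);

-- Example 1 from the slides: only per-department averages are exposed.
CREATE VIEW avsal (dept, avg) AS
    SELECT dept, AVG(salary) FROM emp GROUP BY dept;

-- Example 2 from the slides: each user sees only their own rows.
-- security_barrier stops user-supplied functions in a caller's WHERE clause
-- from being evaluated on rows the view filters out.
CREATE VIEW myaccount WITH (security_barrier) AS
    SELECT * FROM account WHERE customer = current_user;

CREATE ROLE dept_mgr NOLOGIN;
CREATE ROLE alice LOGIN;             -- authentication setup omitted

-- Privileges go on the views only; the base relations stay closed.
REVOKE ALL ON emp, account FROM PUBLIC;
GRANT SELECT ON avsal     TO dept_mgr;
GRANT SELECT ON myaccount TO alice;

-- Checking the policy as alice.
SET ROLE alice;
SELECT * FROM myaccount;   -- allowed: the view runs with its owner's rights
SELECT * FROM account;     -- refused: alice holds no privilege on the base table
RESET ROLE;
```

The 'it' department in the sample data has a single employee, so its average equals that person's salary; this is the inference problem the access-control slide mentions, and an aggregate view alone does not solve it.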
SQL Security Model
– Example 3

• Authentication & identification mechanisms
– CONNECT <user> USING <password>
– DBMS may choose OS authentication
Any Questions