David M. Kroenke’s Database Processing: Fundamentals, Design, and Implementation, Chapter Nine: Managing Multiuser Databases
  1. David M. Kroenke’s Database Processing: Fundamentals, Design, and Implementation, Chapter Nine: Managing Multiuser Databases
  2. Database Administration
      • All databases need some form of database administration
          • Data administration refers to a function concerning all of an organization’s data assets
          • Database administration (DBA) refers to a person or office specific to a single database and its applications
  3. DBA Tasks
      • Managing database structure
      • Controlling concurrent processing
      • Developing database security
          • Managing processing rights and responsibilities
      • Providing for database recovery
      • Maintaining the DBMS
      • Maintaining the data repository
  4. Managing Database Structure
      • DBA’s tasks:
          • Participate in database and application development
              • Assist in requirements stage and data model creation
              • Play an active role in database design and creation
          • Facilitate changes to database structure
              • Seek community-wide solutions
                  • Assess impact on all users
              • Maintenance
              • Maintain documentation
  5. Concurrency Control
      • This ensures that one user’s actions do not inappropriately affect another user’s work
          • No single concurrency control technique is ideal for all circumstances
          • Trade-offs need to be made between level of protection and throughput
      • Resource locking prevents multiple users or applications from obtaining copies of the same record when that record is about to be changed
  6. Privacy and Security
      • Privacy
          • the right of individuals to have some control over information about themselves
          • protected by law in many countries
      • Security
          • protecting the database from unauthorized access, modification, or destruction
      • The right to privacy can be protected by good database security
  7. Databases as tools of privacy abuse
      • Why are databases so vulnerable for use as instruments of privacy abuse?
  8. They’re used in ways they weren’t intended…
      • Accidental uses
      • Unauthorized uses
          • Accidental
          • Deliberate
      • Unanticipated uses
          • What design practices facilitate unanticipated uses of the database?
  9. Accidental Security Threats
      • User errors
          • User unintentionally requests object or operation for which he/she should not be authorized
      • Communications system errors
          • User sent a message that should be sent to another user
          • System connects a user to a session that belongs to another user with different access privileges
      • OS errors
          • Accidentally overwrites files and destroys part of database
          • Fetches the wrong files and sends them to the user
          • Fails to erase files that should be erased
  10. Deliberate Security Threats
      • User intentionally gains unauthorized access to data in the database
          • Disgruntled employee familiar with the organization's computer system seeks revenge
          • Industrial spies seek information for competitors
          • Criminals exploit lax security practices
  11. Deliberate Security Threats
      • Wiretapping/electronic eavesdropping
      • Reading unsupervised display screens or printouts
      • Impersonating authorized users
      • Writing programs to bypass the DBMS and access database data directly
      • Writing applications programs to perform unauthorized operations
      • Deriving information about hidden data by clever querying
      • Removing physical storage devices from the computer facility
      • Making copies of stored files without going through the DBMS
      • Bribing, blackmailing or influencing authorized users to obtain information or damage the database
  12. SQL Injection Attack
      • This occurs when data from the user is used to modify a SQL statement
      • User input can modify a SQL statement
          • It must be carefully edited to ensure that only valid input has been received
      • Ex: users prompted to enter their names into a form textbox
          • User input: Benjamin Franklin ' OR TRUE '
              • SELECT * FROM EMPLOYEE
              • WHERE EMPLOYEE.Name = 'Benjamin Franklin' OR TRUE ;
          • What’s the result here?
  13. Treatment of sensitive data
      • Don’t collect if you don’t need it
      • If you do need it…
          • Be proactive in your protection of privacy!
  14. Don’t collect if you don’t need it
      • How do you know it is sensitive?
          • Stakeholder analysis
      • How do you know if you need it or not?
          • Review client specifications / ask the client again (…and again)
          • Consider unanticipated uses enabled by the data being collected
  15. If you do need it…
      • Identify sensitive attributes at the conceptual (ER) level
      • Flag or mark sensitive attributes for future protection
      • Consider privacy protection issues during the normalization process
      • Test the accessibility of privacy-sensitive data during the query-testing phase
      • Create views/encrypt/restrict or log access
      • Apply other privacy protections…
      • Be proactive in your protection of privacy!
          • Have a security plan!
  16. DBMS Security Guidelines - 1
      • Run DBMS behind firewall; plan as if firewall has been breached
      • Apply latest operating system and DBMS patches
      • Use the least functionality possible
          • Support the fewest network protocols possible
          • Delete unnecessary or unused stored procedures
          • Disable default logins and guest users
          • Limit allowing users to log on to the DBMS interactively
      • Protect the computer that runs the DBMS
          • Keep it physically secured behind locked doors
          • All users work remotely
          • Log all access to the room containing the DBMS computer
  17. DBMS Security Guidelines - 2
      • Manage accounts and passwords
          • Use a low privilege user account for the DBMS service
          • Protect database accounts with strong passwords
          • Monitor failed login attempts
          • Frequently check group and role memberships
          • Audit accounts with null passwords
          • Assign accounts the lowest privileges possible
          • Limit DBA account privileges
      • Planning
          • Develop a security plan for preventing and detecting security problems
          • Create procedures for security emergencies and practice them
  18. Application Security
      • Provide additional security code for application programs
          • Internet application security is often provided on the Web server computer
      • However, use the DBMS security features first
          • The closer the security enforcement is to the data, the less chance there is for infiltration
          • DBMS security features are faster, cheaper, and probably result in higher quality than homegrown ones
  19. Security Plan
      • Includes physical security measures for the building: physical barriers, control access, require badges, sign-in, etc.
      • Then more physical security for the computer facilities, e.g. locked door
      • Additional security control for database
      • Authentication
      • Authorization
  20. Authentication
      • User authentication
          • verifying the identity of users
      • Operating system uses
          • user profiles, user ids, passwords, authentication procedures, badges, keys, physical characteristics of the user
      • Additional authentication can be required to access the database
          • additional user ids, passwords
  21. Authentication Issues
      • Limitations of password security
          • users write them down
          • choose words that are easy to guess
          • share them
      • Physical security
          • Can require users to insert badges or keys to log on to a workstation
          • Voice, fingerprints, retina scans, or other biometric measures
      • Series of questions
          • Takes longer but is more difficult to reproduce than password
          • Authentication can be required for workstation access and again for database access
          • User may be required to produce an additional password to access the database
  22. Authorization
      • Multiuser DBMSs have security subsystems to provide for authorization
          • users are assigned rights to use particular database objects
      • Authorization rules
          • An authorization language allows the DBA to write rules specifying the kind of access given users have to specified database objects
  23. Security Mechanisms
      • Views - simple method for access control
      • Security log - journal for storing records of attempted security violations
      • Audit trail - records all access to the database: requestor, operation performed, workstation used, time, data items and values involved
      • Triggers can be used to set up an audit trail
      • Encryption of database data also protects it
  24. Encryption
      • Uses a system that consists of
          • Encryption algorithm that converts plaintext into ciphertext through the use of an encrypting key
          • Decryption algorithm that uses a decryption key to reproduce plaintext from ciphertext
  25. SQL Authorization Language
      • GRANT statement used for authorization
      • REVOKE statement used for de-authorization
      • Privileges can be given to
          • users directly
          • a role (classification of users)
              • The role is given to users
      • System keeps track of authorizations using a grant diagram, or authorization graph
  26. DBMS Security Model
  27. Examples of Grant
      • Granting privileges to a user U101:
          • GRANT SELECT ON Student TO U101 WITH GRANT OPTION;
      • Creating and granting privileges to a role
          • Creating the role:
          • CREATE ROLE AdvisorRole;
          • Granting privileges to the role
              • GRANT SELECT ON Student TO AdvisorRole;
          • Assign a role to a user
              • GRANT AdvisorRole to U999;
          • To assign a role to another role
              • GRANT FacultyRole TO AdvisorRole;
                  • Allows inheritance of role privileges
  28. Statistical Databases
      • Support statistical analysis on populations
          • Used for data mining operations
      • Data itself may contain facts about individuals, but is not meant to be retrieved on an individual basis
      • Users are permitted to access statistical information - totals, counts, or averages - but not information about individuals
  29. Statistical DB Security
      • Requires special precautions so that users are not able to deduce data about individuals
      • Even if all queries must involve count, sum or average, a user might get away with using WHERE clauses to narrow the population down to one individual
          • The system can refuse any query for which only one record satisfies the predicate
      • Can restrict queries
          • Require that the number of records satisfying the query is above some threshold
          • Require that the number of records satisfying a pair of queries simultaneously cannot exceed some limit
          • Can disallow sets of queries that repeatedly involve the same records
  30. Privacy impact study
      • Once the database is deployed, whose privacy will be at risk?
      • Analyze privacy/security mechanisms
          • Are they adequate?
      • Full disclosure
          • Be honest & clear about
              • which populations are most vulnerable
              • possible additional uses of the database (not in the original plan)
  31. Database Recovery
      • In the event of system failure, the database must be restored to a usable state as soon as possible
  32. Maintaining the DBMS
      • DBA’s Responsibilities
          • Generate database application performance reports
          • Investigate user performance complaints
          • Assess need for changes in database structure or application design
          • Modify database structure
          • Evaluate and implement new DBMS features
          • Tune the DBMS
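
For slide 12 (SQL Injection Attack), an added example that is not part of the original slides: the name lookup built by string concatenation beside the same lookup with a bound parameter, run against an in-memory SQLite database. The EMPLOYEE table and Name column follow the slide; the Salary column, the sample rows, the function names and the quote-balanced input string are assumptions constructed for illustration.

```python
import sqlite3

# Constructed sample rows; the EMPLOYEE table and Name column follow the slide,
# the Salary column is an assumption added for illustration.
ROWS = [("Benjamin Franklin", 52000), ("Mary Jacobs", 61000),
        ("Patrick O'Brien", 57000)]

# Constructed variant of the slide's input, with quotes balanced so the
# concatenated statement parses: ... = 'Benjamin Franklin' OR TRUE OR ''
INJECTED = "Benjamin Franklin' OR TRUE OR '"


def make_employee_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE EMPLOYEE (Name TEXT, Salary INTEGER)")
    conn.executemany("INSERT INTO EMPLOYEE VALUES (?, ?)", ROWS)
    return conn


def lookup_concatenated(conn, name):
    """Vulnerable form: the user's text becomes part of the SQL statement."""
    sql = "SELECT * FROM EMPLOYEE WHERE EMPLOYEE.Name = '" + name + "'"
    return sql, conn.execute(sql).fetchall()


def lookup_parameterized(conn, name):
    """Hardened form: the input is bound as a value and never parsed as SQL."""
    sql = "SELECT * FROM EMPLOYEE WHERE EMPLOYEE.Name = ?"
    return conn.execute(sql, (name,)).fetchall()


def concatenated_fails(conn, name):
    """True when the concatenated statement is not even valid SQL."""
    try:
        lookup_concatenated(conn, name)
        return False
    except sqlite3.OperationalError:
        return True


if __name__ == "__main__":
    db = make_employee_db()
    sql, rows = lookup_concatenated(db, INJECTED)
    print(sql)
    print("concatenated  :", len(rows), "rows")              # every employee
    print("parameterized :", lookup_parameterized(db, INJECTED))
    # A legitimate name with an apostrophe breaks the concatenated form,
    # so editing the input cannot replace parameter binding.
    print("O'Brien breaks concatenation:",
          concatenated_fails(db, "Patrick O'Brien"))
    print(lookup_parameterized(db, "Patrick O'Brien"))
```

The answer to the slide's question is that the WHERE clause is true for every row, so the whole table comes back; with the bound parameter the same text is only compared against Name and matches nothing.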
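
For slide 29 (Statistical DB Security), an added example that is not part of the original slides: a gate in front of an in-memory SQLite table that answers only COUNT, SUM and AVG, refuses a query whose record set is below a threshold, and refuses a query whose record set overlaps an already answered one by more than a limit. The Staff table, its rows, the class and function names and the threshold values (3 and 2) are assumptions constructed for illustration.

```python
import sqlite3

# Constructed sample rows: (Name, Dept, Sex, Salary). All names are assumptions.
STAFF = [("Ann", "Sales", "F", 50000), ("Bea", "Sales", "F", 52000),
         ("Cy", "Sales", "M", 48000), ("Dee", "Sales", "F", 61000),
         ("Ed", "IT", "M", 70000), ("Flo", "IT", "F", 72000),
         ("Gus", "IT", "M", 68000), ("Hal", "HR", "M", 45000)]
FILTER_COLUMNS = {"Dept", "Sex"}          # columns a predicate may test
AGGREGATES = {"COUNT": "COUNT(*)", "SUM": "SUM(Salary)", "AVG": "AVG(Salary)"}


def make_staff_db():
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE Staff (Name TEXT, Dept TEXT, Sex TEXT, Salary INTEGER)")
    conn.executemany("INSERT INTO Staff VALUES (?, ?, ?, ?)", STAFF)
    return conn


class StatisticalGate:
    """Answers aggregate queries only when the slide's restrictions hold."""

    def __init__(self, conn, min_set_size=3, max_overlap=2):
        self.conn = conn
        self.min_set_size = min_set_size
        self.max_overlap = max_overlap
        self.answered = []            # row-id sets of queries already answered

    def ask(self, aggregate, filters):
        """Return the aggregate value, or a 'REFUSED: ...' string."""
        if aggregate not in AGGREGATES:
            return "REFUSED: only COUNT, SUM and AVG are allowed"
        if not set(filters) <= FILTER_COLUMNS:
            return "REFUSED: predicate uses a column that is not allowed"
        # Column names come from the allowlist above; values are bound.
        where = " AND ".join(f"{col} = ?" for col in filters) or "1 = 1"
        params = list(filters.values())
        ids = {row[0] for row in self.conn.execute(
            f"SELECT rowid FROM Staff WHERE {where}", params)}
        if len(ids) < self.min_set_size:
            return "REFUSED: query set below threshold"
        if any(len(ids & prev) > self.max_overlap for prev in self.answered):
            return "REFUSED: overlaps an earlier query set"
        self.answered.append(ids)
        sql = f"SELECT {AGGREGATES[aggregate]} FROM Staff WHERE {where}"
        return self.conn.execute(sql, params).fetchone()[0]


if __name__ == "__main__":
    gate = StatisticalGate(make_staff_db())
    print(gate.ask("AVG", {"Dept": "IT"}))                 # 70000.0
    print(gate.ask("SUM", {"Dept": "HR"}))                 # one record: refused
    print(gate.ask("COUNT", {"Dept": "Sales"}))            # 4
    print(gate.ask("SUM", {"Dept": "Sales", "Sex": "F"}))  # narrows Sales: refused
```

Refused queries are not recorded, so only answered record sets count toward the overlap limit; repeating an answered query is refused by the same rule.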