Your SlideShare is downloading. ×
  • Like
Views and security
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.


Now you can save presentations on your phone or tablet

Available for both IPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Views and security



Published in Education
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads


Total Views
On SlideShare
From Embeds
Number of Embeds



Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

    No notes for slide


  • 1. Security and Integrity Database Systems Lecture 11
  • 2. In This Lecture• Today database Security and Integrity: • Aspects of security • Access to databases • Making sure the correct data goes in.1) Privileges2) Views3) Integrity constraints• For more information • Connolly and Begg chapters 6 and 19Security and Integrity
  • 3. Database Security• Database security is • Many aspects to about controlling access consider for security: to information • Some information • Legal issues should be available • Physical security freely • OS/Network security • Security policies and • Other information should protocols only be available to certain people or groups • Encryption and passwords • DBMS securitySecurity and Integrity
  • 4. Now then, now then…• DBMS can provide some security: • The DBMS verifies password and checks a user’s permissions • Each user has an account, username when they try to and password either: • These are used to • Retrieve data identify a user and • Modify data control their access to • Modify the database information structureSecurity and Integrity
  • 5. Permissions and Privilege• SQL uses privileges • The owner (creator) to control access to of a database has all privileges on all tables and other objects in the database objects: database, and can grant these to others • SELECT privilege • INSERT privilege • The owner (creator) of an object has all • UPDATE privilege privileges on that • DELETE privilege object and can pass them on to othersSecurity and Integrity
  • 6. Privileges in SQLGRANT <privileges> • <users> is a list of user names or PUBLIC ON <object> TO <users> • <object> is the name of[WITH GRANT OPTION] a table or view (later)• <privileges> is a list of • WITH GRANT OPTION SELECT <columns>, means that the users can INSERT <columns>, pass their privileges on to others DELETE, and UPDATE <columns>, or simply ALLSecurity and Integrity
  • 7. Privileges ExamplesGRANT ALL ON Employee GRANT SELECT, TO Scooby UPDATE(Salary) ON WITH GRANT OPTION Employee TO ShaggyThe user ‘Scooby’ can do The user ‘Shaggy’ cananything to the Employee view the entire Employeetable, and can allow other table, and can changeusers to do the same (by Salary values, but cannotusing GRANT statements) change other values or pass on their privilegeSecurity and Integrity
  • 8. Removing Privileges• If you want to • If a user has been remove a privilege given the same you have granted privilege from other you use: users then they keep it. Everyone has to revoke them. REVOKE <privileges> ON <object> • However all FROM <users> privileges dependent on the revoked one are also revokedSecurity and Integrity
  • 9. An example. … •‘Waqas’ grants ALL Waqas privileges to ‘Saleem’, and SELECT to ‘Sajid’ with the SELECT ALL grant option •‘Sajid’ grants SELECT to Sajid Saleem ‘Saqib’ SELECT ALL •‘Saleem’ grants ALL to ‘Saqib’ SaqibSecurity and Integrity
  • 10. Removing Privileges. Rut-ro…•Saqib quickly begins toannoy everyone so Saleem Waqasrevokes ALL from him… SELECT ALL•N.b. Saqib still has SELECTprivileges from ‘Sajid’… Sajid Saleem•Waqas revokes SELECT from SELECT ALLSajid…•And as a consequence Saqib Saqibloses SELECT also Security and Integrity
  • 11. Views• Now Privileges work • But Views provide at the level of ‘derived’ tables: tables: • You can restrict • A view is the result of access by column a SELECT statement which is treated like a • You cannot restrict table access by row • You can SELECT from• Views, along with (and sometimes privileges, allow for UPDATE, etc) views just like tables customised access.Security and Integrity
  • 12. Creating ViewsCREATE VIEW <name> • Example: AS <select stmt> • We want each user to• <name> is the name be able to view the names and phone of the new view. numbers (only) of• <select stmt> is a those employees that are in their own query that returns department the rows and columns of the viewSecurity and Integrity
  • 13. View Example • Say we want each user to be able to view the names and phone numbers (only) of those employees in their own department. • In Oracle, you can refer to the current user as USER Employee ID Name Phone Department Salary E158 Mark x6387 Accounts £15,000 E159 Mary x6387 Marketing £15,000 E160 Jane x6387 Marketing £15,000Security and Integrity
  • 14. View Example CREATE VIEW OwnDept AS SELECT Name, Phone FROM Employee WHERE Department = (SELECT Department FROM Employee WHERE name = USER) GRANT SELECT ON OwnDept TO PUBLICSecurity and Integrity
  • 15. Using Views and Privileges• Views and privileges are used together to control User 1 User 2 User 3 access • A view is made which contains the information External External needed View 1 View 2 • Privileges are granted to that view, rather than Conceptual the underlying tables DBA ViewSecurity and Integrity
  • 16. View Updating• Views are like virtual tables: • Their value depends on the ‘base’ tables that they are defined from • You can select from views just like a tableSo what the dickens happensto the updates, inserts, anddeletes?Security and Integrity
  • 17. View Updating • Updates to the base tables change the views and vice-versa • But it is often not clear how to change the base tables to make the desired change to the view. • This also affects stuff like Java’s ResultSet. • Are there any rules to make it clear when updates, inserts and deletes are possible and when they are not?Security and Integrity
  • 18. View Updating• In general it is • In general it is not possible to update possible to update views which: views which • Are defined on a • Are defined on more single table than one base table by a join operation • Contain at least one primary or candidate • Contain aggregate key for that relation functions and group by clausesSecurity and Integrity
  • 19. Example: Module Enrolment Student Code Dept ID Code ID Name DBS CSIT 123 DBS 123 John RDB CSIT 123 ALG 124 Mary ALG Math 124 DBS 125 Chris 124 RDB 125 ALGCREATE VIEW CSIT AS SELECT S.ID, S.Name, Count(*) AS Num FROM Student AS S, Enrolment AS E, Module AS M WHERE S.ID = E.ID ID Name Num AND E.Code = M.Code AND M.Dept = ‘CSIT’ 123 John 1 GROUP BY S.ID, S.Name 124 Mary 2 Security and Integrity
  • 20. View Updating Example CSIT ID Name Num 123 Saqib 1 124 Mahd 2 UPDATE CSIT SET Num = 1 cannot update the result of the WHERE Name= ‘Saqib’ aggregate function COUNT()… DELETE FROM CSIT cannot delete because we have joined several tables to create WHERE Name = ‘Saqib’ this view… INSERT INTO CSIT cannot insert because we have joined several tables and none VALUES (126, ‘Asif’, 1) have Num in anyway!Security and Integrity
  • 21. Combining Views and PrivilegesTo restrict someones access Employeeto a table: ID Name Salary Department • Create a view of that table that shows only the information they need to see. • Say we want to let the user John read • Grant them privileges on the view . the department and name, and be able to • Revoke any privileges update the they have on the original table department (only) Security and Integrity
  • 22. Using Views and PrivilegesCreate a view: Set the privileges:CREATE VIEW forSaqib GRANT SELECT,AS SELECT Name, UPDATE (Department) Department ON forSaqib FROM Employee TO John REVOKE ALL ON forSaqib FROM SaqibSecurity and Integrity
  • 23. Database Integrity• Security vs Integrity • Integrity constraints • Domain constraints • Database security apply to data types makes sure that the user is authorised to access information • Attribute constraints apply to columns • Database integrity • Relation constraints makes sure that apply to rows in a single (authorised) users table manipulate that information correctly • Database constraints apply between tablesSecurity and Integrity
  • 24. 1 Example CHECK• A check statement allows you to constrain what can be entered into the database.• I.e. you can define what makes it consistent.CREATE TABLE Poker_players( name VARCHAR(32), age INTEGER CHECK (age > 18) CHECK that we) only have legal poker playersSecurity and Integrity