SlideShare a Scribd company logo

Application security models

Download as PPTX, PDF
E
ERSHUBHAM TIWARI

This document discusses 5 different application security models: database role based, application role based, application function based, application role and function based, and application table based. For each model, it describes the key tables used to implement the model, how privileges are assigned, and some characteristics of the model. The models aim to provide data security and access protection at the table level through different approaches to assigning privileges to users.

Engineering
1 of 55
Introduction  We examine five different application security models that are commonly used by the industry to provide data security and access protection at the table level.  Database role based.  Application role based.  Application function based.  Application role and function based.  Application table based.
Security Model Based on Database Roles  This model depend on the application to authentication the application users by maintain all end users in a table with their encryption password.  In this model, each end user is assigned a database role, which has specific database privilege for accessing application table.  The user can access whatever privileges are assigned to the role
Security Model Based on Database Roles  This model, proxy user is needed to activate assigned roles.  All roles are assigned to the proxy user.
Security Model Based on Database Roles
Security Model Based on Database Roles  APPLICATION_USERS:  This is used to store and maintain all end users of the application with their encrypted passwords.  APLLICATION_USERS_ROLES:  Contains all roles defined by application and for each role that privilege is assigned; privilege can be read, write, read/write.
Security Model Based on Database Roles  The architectural view of the model has common control columns prefixed with CTL.  These control columns contains information about manipulate record.
Security Model Based on Database Roles  CTL_INS_DTTM contains the date and time when the record was created.  CTL_UPD_DTTM contains the date and time when the record was last updated.  CTL_UPD_USER contains the date name that created the record or last updated the record.  CTL_REC_STAT can be used to indicate the status of the record. We can use this column for any purpose, we may set this column to “A” as an indicator that the record active and I as inactive
Security Model Based on Database Roles
Security Model Based on Database Roles  Implementing in Oracle  create a proxy user called APP_PROXY that will be assigned to all application role and will work on behalf of the application user APP_USER to gain access to all tables owned by the application owner called APP_OWNER.
Security Model Based on Database Roles
Security Model Based on Database Roles
Security Model Based on Database Roles
Security Model Based on Database Roles
Security Model Based on Application Roles  The concept of an application role security model are similar to the concept of database role security model in that they are both methods for organizing and administrating privileges.  Application roles are typically mapped specifically to real business roles
Security Model Based on Application Roles
Security Model Based on Application Roles  APPLICATION_USERS:  This is used to store and maintain all end users of the application with their encrypted passwords.  APPLICATION_ROLES  All roles defined by the application and for each role a privilege are assigned. The privilege can be read, write, or read/write
Security Model Based on Application Roles  The security model that is based on application roles depends on the application to authenticate the application users.  Authentication is accomplished by maintaining all end users in a table with their encrypted password.
Security Model Based on Application Roles  In this model, each end user is assigned an application role, and the application role is provided with application privileges to read/write specific modules of the application.
Security Model Based on Application Roles
Security Model Based on Application Roles  The point need to be considered during security Model  This model does not allow the flexibility required to make changes necessary for security.  For example a user called Scott who has a clerk role, and the clerk has privileges to read, add, and modify. This means that Scott can perform these operations on all modules of the application.
Security Model Based on Application Roles  Privileges are limited to any combination of the following.  read  add  delete  update  admin
Security Model Based on Application Roles  This model isolates the application security from the database, which make implementation of database independent.  Only one role is assigned to an application user.  Maintenance of the application security does not require specific database privilege. This lowers the risk of database violation.
Security Model Based on Application Roles  Passwords must be securely encrypted. preferably using private and public keys
Security Model based on Application Functions  The security model that is based on application function depends on the application to authenticate the application user by maintaining all end user in a table with their encrypted password.
Security Model based on Application Functions  In this model the application is divided into functions.  For instance, if you were using an inventory application we need to have a function name CUSTOMER that maintain customers and another function name PRODUCTS for maintain products, and so on
Security Model based on Application Functions
Security Model based on Application Functions  Tables used in this security model  APPLICATION_USERS:  This is used to store and maintain all end users of the application with their encrypted passwords  Application Functions:  This table contains all logical functions of the application
Security Model based on Application Functions  Tables used in this security model  Application_Functions_Privileges  This table stores all privileges for functions such as : read, write, read/write  Application_Users_Functions  This table contains all end users and their application function privileges.
Security Model based on Application Functions  The following list presents characteristics of this security model:  In this model the application security from the database, this makes implementation independent.  Maintenance of the application security does not require specific database privileges which lower the risk of database violations.
Security Model based on Application Functions  Password must be securely encrypted, preferably using private and public key. In this case we must modify the structure of the APPLICATION_USERS table by adding columns to store public and private keys.  The application must be designed in a granular fashion.  The more granular the privileges, the more effort are needed to implement them
Security Model based on Application Roles and Functions  This security model is a combination of both the role and function security models.  The application roles and functions security model depends on the application to authenticate the application users.
Security Model based on Application Roles and Functions  The application authenticates users by maintaining all end users in a table with their encrypted passwords.  In this model the application is divided into function and roles are assigned to function that are in turn assigned to users.
Security Model based on Application Roles and Functions
Security Model based on Application Roles and Functions  APPLICATION_USERS:  This is used to store and maintain all end users of the application with their encrypted passwords  APPLICATION_FUNCTIONS:  This table contains all logical functions of the application
Security Model based on Application Roles and Functions  APPLICATION_USER_ROLES  Contains all roles assigned to users  APPLICATION_ROLES  Contains all roles defined by the application and for each role assigned
Security Model based on Application Roles and Functions  APPLICATION_ROLE_FUNCTIONS  Contains all functions and privileges that are assigned to each role.  APPLICATION_FUNCTION_PRIVILEGES  Stores all privileges for function : read, write, read/write
Security Model based on Application Roles and Functions
Security Model based on Application Roles and Functions  The following list present characteristics of this security model:  This model provides flexibility for implementing application security.  This model isolates the application security from the database, which make implementation database independent
Security Model based on Application Roles and Functions  Maintenance of the application security does not require specific database privileges, which lower the risk of database violations.  Password must be securely encrypted, preferably using private and public keys. In this case the structure of the APPLICATION_USER table by adding columns to store public and private key
Security Model based on Application Roles and Functions  The application must use a real database user to log on and connect to the application database.  The user name and password must be encrypted and stored in a configuration file.
Security Model based on Application Roles and Functions  The application must be designed in a very granular fashion, which means that the function or modules of the application perform specific task and do not encompass a wide variety of tasks that are cross- functional.
Security Model based on Application Roles and Functions  The more granular the privileges, the more effort needed to implement them.
Security model based on Application Table  This application security model depends on the application to authenticate users by maintaining all end users in a table with their encrypted passwords.  The application provides privileges to the user based on tables, not on a role or a function.
Security model based on Application Table
Security model based on Application Table  APPLICATION_USERS:  This is used to store and maintain all end users of the application with their encrypted passwords.  APPLICATION_USER_TABLES  Contains all tables assigned to users.
Security model based on Application Table  APPLICATION_TABLES  Contains all tables owned by application.  APPLICATION_TABLE_PRIVILEGES  0- no access  1- read  2-read and add  3-read, add and modify  4- read, add, modify and delete  5- read, add, modify ,delete and admin
Security model based on Application Table  An application user many be granted a read privilege on an application bye adding an entry in APPLICATION_USER_TABLES.
Security model based on Application Table
Security model based on Application Table  The following list present characteristics of this security model:  This model isolates the application security from the database, which make implementation database independent.  Maintenance of the application security does not require specific database privileges, which lowers the risk of database violations.
Security model based on Application Table  Password must be securely encrypted, preferably using private and public keys.  The application must use a real database user to log on and connect to the application database.  Security is implemented easily by using table access privileges that are assigned to each end user.
Comparison
Comparison
54 Data Encryption  Passwords should be kept confidential and preferably encrypted  Passwords should be compared encrypted:  Never decrypt the data  Hash the passwords and compare the hashes
55 Data Encryption (continued)

Recommended

Cloud security ppt
Cloud security pptCloud security ppt
Cloud security ppt
Venkatesh Chary
 
Firewall
FirewallFirewall
Firewall
trilokchandra prakash
 
Security in the Software Development Life Cycle (SDLC)
Security in the Software Development Life Cycle (SDLC)Security in the Software Development Life Cycle (SDLC)
Security in the Software Development Life Cycle (SDLC)
Frances Coronel
 
Secure coding practices
Secure coding practicesSecure coding practices
Secure coding practices
Scott Hurrey
 
Security Model in .NET Framework
Security Model in .NET FrameworkSecurity Model in .NET Framework
Security Model in .NET Framework
Mikhail Shcherbakov
 
Security Architectures on AWS
Security Architectures on AWSSecurity Architectures on AWS
Security Architectures on AWS
Amazon Web Services
 
CISSP Prep: Ch 9. Software Development Security
CISSP Prep: Ch 9. Software Development SecurityCISSP Prep: Ch 9. Software Development Security
CISSP Prep: Ch 9. Software Development Security
Sam Bowne
 
Platform as a Service (PaaS) - A cloud service for Developers
Platform as a Service (PaaS) - A cloud service for Developers Platform as a Service (PaaS) - A cloud service for Developers
Platform as a Service (PaaS) - A cloud service for Developers
Ravindra Dastikop
 

Recommended

Cloud security ppt
Cloud security pptCloud security ppt
Cloud security ppt
Venkatesh Chary
 
Firewall
FirewallFirewall
Firewall
trilokchandra prakash
 
Security in the Software Development Life Cycle (SDLC)
Security in the Software Development Life Cycle (SDLC)Security in the Software Development Life Cycle (SDLC)
Security in the Software Development Life Cycle (SDLC)
Frances Coronel
 
Secure coding practices
Secure coding practicesSecure coding practices
Secure coding practices
Scott Hurrey
 
Security Model in .NET Framework
Security Model in .NET FrameworkSecurity Model in .NET Framework
Security Model in .NET Framework
Mikhail Shcherbakov
 
Security Architectures on AWS
Security Architectures on AWSSecurity Architectures on AWS
Security Architectures on AWS
Amazon Web Services
 
CISSP Prep: Ch 9. Software Development Security
CISSP Prep: Ch 9. Software Development SecurityCISSP Prep: Ch 9. Software Development Security
CISSP Prep: Ch 9. Software Development Security
Sam Bowne
 
Platform as a Service (PaaS) - A cloud service for Developers
Platform as a Service (PaaS) - A cloud service for Developers Platform as a Service (PaaS) - A cloud service for Developers
Platform as a Service (PaaS) - A cloud service for Developers
Ravindra Dastikop
 
Cloud Security Demystified
Cloud Security DemystifiedCloud Security Demystified
Cloud Security Demystified
Michael Torres
 
Multi cloud security architecture
Multi cloud security architecture Multi cloud security architecture
Multi cloud security architecture
Maganathin Veeraragaloo
 
Application Security
Application SecurityApplication Security
Application Security
Reggie Niccolo Santos
 
Cellular wireless network security
Cellular wireless network securityCellular wireless network security
Cellular wireless network security
Ankit Anand
 
Amazon Virtual Private Cloud (VPC): Networking Fundamentals and Connectivity ...
Amazon Virtual Private Cloud (VPC): Networking Fundamentals and Connectivity ...Amazon Virtual Private Cloud (VPC): Networking Fundamentals and Connectivity ...
Amazon Virtual Private Cloud (VPC): Networking Fundamentals and Connectivity ...
Amazon Web Services
 
Defence in Depth Architectural Decisions
Defence in Depth Architectural DecisionsDefence in Depth Architectural Decisions
Defence in Depth Architectural Decisions
Peter Rawsthorne
 
Cloud computing and data security
Cloud computing and data securityCloud computing and data security
Cloud computing and data security
Mohammed Fazuluddin
 
Scalable threat modelling with risk patterns
Scalable threat modelling with risk patternsScalable threat modelling with risk patterns
Scalable threat modelling with risk patterns
Stephen de Vries
 
CASB: Securing your cloud applications
CASB: Securing your cloud applicationsCASB: Securing your cloud applications
CASB: Securing your cloud applications
Forcepoint LLC
 
Threat Modelling
Threat ModellingThreat Modelling
Threat Modelling
n|u - The Open Security Community
 
API Gateway report
API Gateway reportAPI Gateway report
API Gateway report
Gleicon Moraes
 
Cloud Security Architecture.pptx
Cloud Security Architecture.pptxCloud Security Architecture.pptx
Cloud Security Architecture.pptx
Moshe Ferber
 
Enterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber SecurityEnterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber Security
The Open Group SA
 
Infrastructure as a Service ( IaaS)
Infrastructure as a Service ( IaaS)Infrastructure as a Service ( IaaS)
Infrastructure as a Service ( IaaS)
Ravindra Dastikop
 
Security Architecture
Security ArchitectureSecurity Architecture
Security Architecture
amiable_indian
 
Google App Engine ppt
Google App Engine pptGoogle App Engine ppt
Google App Engine ppt
OECLIB Odisha Electronics Control Library
 
Cloud Computing Architecture
Cloud Computing ArchitectureCloud Computing Architecture
Cloud Computing Architecture
Animesh Chaturvedi
 
Cloud security Presentation
Cloud security PresentationCloud security Presentation
Cloud security Presentation
Ajay p
 
SaaS Presentation at SCIT Conference
SaaS Presentation at SCIT ConferenceSaaS Presentation at SCIT Conference
SaaS Presentation at SCIT Conference
Suhas Kelkar
 
Image Steganography
Image SteganographyImage Steganography
Image Steganography
Hushen Savani
 
Database modeling and security
Database modeling and securityDatabase modeling and security
Database modeling and securityNeeharika Nidadavolu
 
Cellular network
Cellular networkCellular network
Cellular networkshreb
 

More Related Content

What's hot

Cloud Security Demystified
Cloud Security DemystifiedCloud Security Demystified
Cloud Security Demystified
Michael Torres
 
Multi cloud security architecture
Multi cloud security architecture Multi cloud security architecture
Multi cloud security architecture
Maganathin Veeraragaloo
 
Application Security
Application SecurityApplication Security
Application Security
Reggie Niccolo Santos
 
Cellular wireless network security
Cellular wireless network securityCellular wireless network security
Cellular wireless network security
Ankit Anand
 
Amazon Virtual Private Cloud (VPC): Networking Fundamentals and Connectivity ...
Amazon Virtual Private Cloud (VPC): Networking Fundamentals and Connectivity ...Amazon Virtual Private Cloud (VPC): Networking Fundamentals and Connectivity ...
Amazon Virtual Private Cloud (VPC): Networking Fundamentals and Connectivity ...
Amazon Web Services
 
Defence in Depth Architectural Decisions
Defence in Depth Architectural DecisionsDefence in Depth Architectural Decisions
Defence in Depth Architectural Decisions
Peter Rawsthorne
 
Cloud computing and data security
Cloud computing and data securityCloud computing and data security
Cloud computing and data security
Mohammed Fazuluddin
 
Scalable threat modelling with risk patterns
Scalable threat modelling with risk patternsScalable threat modelling with risk patterns
Scalable threat modelling with risk patterns
Stephen de Vries
 
CASB: Securing your cloud applications
CASB: Securing your cloud applicationsCASB: Securing your cloud applications
CASB: Securing your cloud applications
Forcepoint LLC
 
Threat Modelling
Threat ModellingThreat Modelling
Threat Modelling
n|u - The Open Security Community
 
API Gateway report
API Gateway reportAPI Gateway report
API Gateway report
Gleicon Moraes
 
Cloud Security Architecture.pptx
Cloud Security Architecture.pptxCloud Security Architecture.pptx
Cloud Security Architecture.pptx
Moshe Ferber
 
Enterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber SecurityEnterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber Security
The Open Group SA
 
Infrastructure as a Service ( IaaS)
Infrastructure as a Service ( IaaS)Infrastructure as a Service ( IaaS)
Infrastructure as a Service ( IaaS)
Ravindra Dastikop
 
Security Architecture
Security ArchitectureSecurity Architecture
Security Architecture
amiable_indian
 
Google App Engine ppt
Google App Engine pptGoogle App Engine ppt
Google App Engine ppt
OECLIB Odisha Electronics Control Library
 
Cloud Computing Architecture
Cloud Computing ArchitectureCloud Computing Architecture
Cloud Computing Architecture
Animesh Chaturvedi
 
Cloud security Presentation
Cloud security PresentationCloud security Presentation
Cloud security Presentation
Ajay p
 
SaaS Presentation at SCIT Conference
SaaS Presentation at SCIT ConferenceSaaS Presentation at SCIT Conference
SaaS Presentation at SCIT Conference
Suhas Kelkar
 
Image Steganography
Image SteganographyImage Steganography
Image Steganography
Hushen Savani
 

What's hot (20)

Cloud Security Demystified
Cloud Security DemystifiedCloud Security Demystified
Cloud Security Demystified
 
Multi cloud security architecture
Multi cloud security architecture Multi cloud security architecture
Multi cloud security architecture
 
Application Security
Application SecurityApplication Security
Application Security
 
Cellular wireless network security
Cellular wireless network securityCellular wireless network security
Cellular wireless network security
 
Amazon Virtual Private Cloud (VPC): Networking Fundamentals and Connectivity ...
Amazon Virtual Private Cloud (VPC): Networking Fundamentals and Connectivity ...Amazon Virtual Private Cloud (VPC): Networking Fundamentals and Connectivity ...
Amazon Virtual Private Cloud (VPC): Networking Fundamentals and Connectivity ...
 
Defence in Depth Architectural Decisions
Defence in Depth Architectural DecisionsDefence in Depth Architectural Decisions
Defence in Depth Architectural Decisions
 
Cloud computing and data security
Cloud computing and data securityCloud computing and data security
Cloud computing and data security
 
Scalable threat modelling with risk patterns
Scalable threat modelling with risk patternsScalable threat modelling with risk patterns
Scalable threat modelling with risk patterns
 
CASB: Securing your cloud applications
CASB: Securing your cloud applicationsCASB: Securing your cloud applications
CASB: Securing your cloud applications
 
Threat Modelling
Threat ModellingThreat Modelling
Threat Modelling
 
API Gateway report
API Gateway reportAPI Gateway report
API Gateway report
 
Cloud Security Architecture.pptx
Cloud Security Architecture.pptxCloud Security Architecture.pptx
Cloud Security Architecture.pptx
 
Enterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber SecurityEnterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber Security
 
Infrastructure as a Service ( IaaS)
Infrastructure as a Service ( IaaS)Infrastructure as a Service ( IaaS)
Infrastructure as a Service ( IaaS)
 
Security Architecture
Security ArchitectureSecurity Architecture
Security Architecture
 
Google App Engine ppt
Google App Engine pptGoogle App Engine ppt
Google App Engine ppt
 
Cloud Computing Architecture
Cloud Computing ArchitectureCloud Computing Architecture
Cloud Computing Architecture
 
Cloud security Presentation
Cloud security PresentationCloud security Presentation
Cloud security Presentation
 
SaaS Presentation at SCIT Conference
SaaS Presentation at SCIT ConferenceSaaS Presentation at SCIT Conference
SaaS Presentation at SCIT Conference
 
Image Steganography
Image SteganographyImage Steganography
Image Steganography
 

Viewers also liked

Cellular network
Cellular networkCellular network
Cellular networkshreb
 
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...InSync2011
 
Secure360 - Extracting Password from Windows
Secure360 - Extracting Password from WindowsSecure360 - Extracting Password from Windows
Secure360 - Extracting Password from Windows
Scott Sutherland
 
Cellular phones
Cellular phonesCellular phones
Cellular phones
Khurram Burjees
 
Drug Registration in GCC (Gulf Cooperation Council) - by Akshay Anand
Drug Registration in GCC (Gulf Cooperation Council) - by Akshay AnandDrug Registration in GCC (Gulf Cooperation Council) - by Akshay Anand
Drug Registration in GCC (Gulf Cooperation Council) - by Akshay Anand
Akshay Anand
 
D&C Act 1940 Schedule Y - A Presentation by Akshay Anand
D&C Act 1940 Schedule Y - A Presentation by Akshay AnandD&C Act 1940 Schedule Y - A Presentation by Akshay Anand
D&C Act 1940 Schedule Y - A Presentation by Akshay Anand
Akshay Anand
 
Mobile Medical Apps and FDA Regulatory Approach
Mobile Medical Apps and FDA Regulatory ApproachMobile Medical Apps and FDA Regulatory Approach
Mobile Medical Apps and FDA Regulatory Approach
Akshay Anand
 
SECURE AND EFFICIENT DATA TRANSMISSION FOR CLUSTER-BASED WIRELESS SENSOR NETW...
SECURE AND EFFICIENT DATA TRANSMISSION FOR CLUSTER-BASED WIRELESS SENSOR NETW...SECURE AND EFFICIENT DATA TRANSMISSION FOR CLUSTER-BASED WIRELESS SENSOR NETW...
SECURE AND EFFICIENT DATA TRANSMISSION FOR CLUSTER-BASED WIRELESS SENSOR NETW...
Roshith S Pai
 
Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬
Allot Communications
 
Killed by code - mobile medical devices
Killed by code - mobile medical devicesKilled by code - mobile medical devices
Killed by code - mobile medical devices
Flaskdata.io
 
Drug Dependence & Abuse - Presentation by Akshay Anand
Drug Dependence & Abuse - Presentation by Akshay AnandDrug Dependence & Abuse - Presentation by Akshay Anand
Drug Dependence & Abuse - Presentation by Akshay Anand
Akshay Anand
 
Security Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to KnowSecurity Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to Know
MapR Technologies
 
Securing MQTT - BuildingIoT 2016 slides
Securing MQTT - BuildingIoT 2016 slidesSecuring MQTT - BuildingIoT 2016 slides
Securing MQTT - BuildingIoT 2016 slides
Dominik Obermaier
 
Object-Relational Database Systems(ORDBMSs)
Object-Relational Database Systems(ORDBMSs)Object-Relational Database Systems(ORDBMSs)
Object-Relational Database Systems(ORDBMSs)
Sahan Walpitagamage
 
AWS re:Invent 2016: IoT and Beyond: Building IoT Solutions for Exploring the ...
AWS re:Invent 2016: IoT and Beyond: Building IoT Solutions for Exploring the ...AWS re:Invent 2016: IoT and Beyond: Building IoT Solutions for Exploring the ...
AWS re:Invent 2016: IoT and Beyond: Building IoT Solutions for Exploring the ...
Amazon Web Services
 
ISO 22000 Food Safety Management Systems - A Presentation by Akshay Anand
ISO 22000 Food Safety Management Systems - A Presentation by Akshay AnandISO 22000 Food Safety Management Systems - A Presentation by Akshay Anand
ISO 22000 Food Safety Management Systems - A Presentation by Akshay Anand
Akshay Anand
 
Secure Data Transmission
Secure Data TransmissionSecure Data Transmission
Secure Data Transmission
bjp4642
 
Regulatory Approval Process for Medical Devices in EU - Presentation by Aksha...
Regulatory Approval Process for Medical Devices in EU - Presentation by Aksha...Regulatory Approval Process for Medical Devices in EU - Presentation by Aksha...
Regulatory Approval Process for Medical Devices in EU - Presentation by Aksha...
Akshay Anand
 

Viewers also liked (20)

Database modeling and security
Database modeling and securityDatabase modeling and security
Database modeling and security
 
Cellular network
Cellular networkCellular network
Cellular network
 
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...
 
Secure360 - Extracting Password from Windows
Secure360 - Extracting Password from WindowsSecure360 - Extracting Password from Windows
Secure360 - Extracting Password from Windows
 
Cellular phones
Cellular phonesCellular phones
Cellular phones
 
Drug Registration in GCC (Gulf Cooperation Council) - by Akshay Anand
Drug Registration in GCC (Gulf Cooperation Council) - by Akshay AnandDrug Registration in GCC (Gulf Cooperation Council) - by Akshay Anand
Drug Registration in GCC (Gulf Cooperation Council) - by Akshay Anand
 
D&C Act 1940 Schedule Y - A Presentation by Akshay Anand
D&C Act 1940 Schedule Y - A Presentation by Akshay AnandD&C Act 1940 Schedule Y - A Presentation by Akshay Anand
D&C Act 1940 Schedule Y - A Presentation by Akshay Anand
 
Mobile Medical Apps and FDA Regulatory Approach
Mobile Medical Apps and FDA Regulatory ApproachMobile Medical Apps and FDA Regulatory Approach
Mobile Medical Apps and FDA Regulatory Approach
 
Database security
Database securityDatabase security
Database security
 
SECURE AND EFFICIENT DATA TRANSMISSION FOR CLUSTER-BASED WIRELESS SENSOR NETW...
SECURE AND EFFICIENT DATA TRANSMISSION FOR CLUSTER-BASED WIRELESS SENSOR NETW...SECURE AND EFFICIENT DATA TRANSMISSION FOR CLUSTER-BASED WIRELESS SENSOR NETW...
SECURE AND EFFICIENT DATA TRANSMISSION FOR CLUSTER-BASED WIRELESS SENSOR NETW...
 
Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬
 
Killed by code - mobile medical devices
Killed by code - mobile medical devicesKilled by code - mobile medical devices
Killed by code - mobile medical devices
 
Drug Dependence & Abuse - Presentation by Akshay Anand
Drug Dependence & Abuse - Presentation by Akshay AnandDrug Dependence & Abuse - Presentation by Akshay Anand
Drug Dependence & Abuse - Presentation by Akshay Anand
 
Security Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to KnowSecurity Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to Know
 
Securing MQTT - BuildingIoT 2016 slides
Securing MQTT - BuildingIoT 2016 slidesSecuring MQTT - BuildingIoT 2016 slides
Securing MQTT - BuildingIoT 2016 slides
 
Object-Relational Database Systems(ORDBMSs)
Object-Relational Database Systems(ORDBMSs)Object-Relational Database Systems(ORDBMSs)
Object-Relational Database Systems(ORDBMSs)
 
AWS re:Invent 2016: IoT and Beyond: Building IoT Solutions for Exploring the ...
AWS re:Invent 2016: IoT and Beyond: Building IoT Solutions for Exploring the ...AWS re:Invent 2016: IoT and Beyond: Building IoT Solutions for Exploring the ...
AWS re:Invent 2016: IoT and Beyond: Building IoT Solutions for Exploring the ...
 
ISO 22000 Food Safety Management Systems - A Presentation by Akshay Anand
ISO 22000 Food Safety Management Systems - A Presentation by Akshay AnandISO 22000 Food Safety Management Systems - A Presentation by Akshay Anand
ISO 22000 Food Safety Management Systems - A Presentation by Akshay Anand
 
Secure Data Transmission
Secure Data TransmissionSecure Data Transmission
Secure Data Transmission
 
Regulatory Approval Process for Medical Devices in EU - Presentation by Aksha...
Regulatory Approval Process for Medical Devices in EU - Presentation by Aksha...Regulatory Approval Process for Medical Devices in EU - Presentation by Aksha...
Regulatory Approval Process for Medical Devices in EU - Presentation by Aksha...
 

Similar to Application security models

oracle
oracleoracle
oracle
tarunamoria
 
Integrigy oracle apps_password_issue
Integrigy oracle apps_password_issueIntegrigy oracle apps_password_issue
Integrigy oracle apps_password_issuemahmoudezz
 
Mvp pattern
Mvp patternMvp pattern
Mvp pattern
Khuong Vo
 
IRJET- Application Backup and Restore across Multiple Devices
IRJET- Application Backup and Restore across Multiple DevicesIRJET- Application Backup and Restore across Multiple Devices
IRJET- Application Backup and Restore across Multiple Devices
IRJET Journal
 
Abstraction and Automation: A Software Design Approach for Developing Secure ...
Abstraction and Automation: A Software Design Approach for Developing Secure ...Abstraction and Automation: A Software Design Approach for Developing Secure ...
Abstraction and Automation: A Software Design Approach for Developing Secure ...
iosrjce
 
J017325660
J017325660J017325660
J017325660
IOSR Journals
 
Wireless Information Security System via Role based Access Control Pattern Us...
Wireless Information Security System via Role based Access Control Pattern Us...Wireless Information Security System via Role based Access Control Pattern Us...
Wireless Information Security System via Role based Access Control Pattern Us...
ijcnes
 
College information management system.doc
College information management system.docCollege information management system.doc
College information management system.doc
Kamal Acharya
 
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdfExploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
kalichargn70th171
 
Kalp Corporate Angular Js Tutorials
Kalp Corporate Angular Js TutorialsKalp Corporate Angular Js Tutorials
Kalp Corporate Angular Js Tutorials
Kalp Corporate
 
Oracle E Business Suite Security Made Easy - Menus, Functions, Responsibiliti...
Oracle E Business Suite Security Made Easy - Menus, Functions, Responsibiliti...Oracle E Business Suite Security Made Easy - Menus, Functions, Responsibiliti...
Oracle E Business Suite Security Made Easy - Menus, Functions, Responsibiliti...
Louise Abdulkader
 
Android DesignArchitectures.pptx
Android DesignArchitectures.pptxAndroid DesignArchitectures.pptx
Android DesignArchitectures.pptx
SafnaSaff1
 
Manage security in Model-app Power App with Common data service
Manage security in Model-app Power App with Common data serviceManage security in Model-app Power App with Common data service
Manage security in Model-app Power App with Common data service
Learning SharePoint
 
Software_Engineering_Presentation (1).pptx
Software_Engineering_Presentation (1).pptxSoftware_Engineering_Presentation (1).pptx
Software_Engineering_Presentation (1).pptx
ArifaMehreen1
 
Defensive coding practices is one of the most critical proactive s
Defensive coding practices is one of the most critical proactive sDefensive coding practices is one of the most critical proactive s
Defensive coding practices is one of the most critical proactive s
LinaCovington707
 
TECHNIQUES FOR COMPONENT REUSABLE APPROACH
TECHNIQUES FOR COMPONENT REUSABLE APPROACHTECHNIQUES FOR COMPONENT REUSABLE APPROACH
TECHNIQUES FOR COMPONENT REUSABLE APPROACH
cscpconf
 
APPLICATION SPECIFIC USAGE CONTROL IMPLEMENTATION VERIFICATION
APPLICATION SPECIFIC USAGE CONTROL IMPLEMENTATION VERIFICATIONAPPLICATION SPECIFIC USAGE CONTROL IMPLEMENTATION VERIFICATION
APPLICATION SPECIFIC USAGE CONTROL IMPLEMENTATION VERIFICATION
IJNSA Journal
 
IRJET- Enabling Identity-Based Integrity Auditing and Data Sharing with Sensi...
IRJET- Enabling Identity-Based Integrity Auditing and Data Sharing with Sensi...IRJET- Enabling Identity-Based Integrity Auditing and Data Sharing with Sensi...
IRJET- Enabling Identity-Based Integrity Auditing and Data Sharing with Sensi...
IRJET Journal
 
A review of slicing techniques in software engineering
A review of slicing techniques in software engineeringA review of slicing techniques in software engineering
A review of slicing techniques in software engineering
Salam Shah
 
Asp net whitepaper
Asp net whitepaperAsp net whitepaper
Asp net whitepaperZayar Shwe
 

Similar to Application security models (20)

oracle
oracleoracle
oracle
 
Integrigy oracle apps_password_issue
Integrigy oracle apps_password_issueIntegrigy oracle apps_password_issue
Integrigy oracle apps_password_issue
 
Mvp pattern
Mvp patternMvp pattern
Mvp pattern
 
IRJET- Application Backup and Restore across Multiple Devices
IRJET- Application Backup and Restore across Multiple DevicesIRJET- Application Backup and Restore across Multiple Devices
IRJET- Application Backup and Restore across Multiple Devices
 
Abstraction and Automation: A Software Design Approach for Developing Secure ...
Abstraction and Automation: A Software Design Approach for Developing Secure ...Abstraction and Automation: A Software Design Approach for Developing Secure ...
Abstraction and Automation: A Software Design Approach for Developing Secure ...
 
J017325660
J017325660J017325660
J017325660
 
Wireless Information Security System via Role based Access Control Pattern Us...
Wireless Information Security System via Role based Access Control Pattern Us...Wireless Information Security System via Role based Access Control Pattern Us...
Wireless Information Security System via Role based Access Control Pattern Us...
 
College information management system.doc
College information management system.docCollege information management system.doc
College information management system.doc
 
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdfExploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
 
Kalp Corporate Angular Js Tutorials
Kalp Corporate Angular Js TutorialsKalp Corporate Angular Js Tutorials
Kalp Corporate Angular Js Tutorials
 
Oracle E Business Suite Security Made Easy - Menus, Functions, Responsibiliti...
Oracle E Business Suite Security Made Easy - Menus, Functions, Responsibiliti...Oracle E Business Suite Security Made Easy - Menus, Functions, Responsibiliti...
Oracle E Business Suite Security Made Easy - Menus, Functions, Responsibiliti...
 
Android DesignArchitectures.pptx
Android DesignArchitectures.pptxAndroid DesignArchitectures.pptx
Android DesignArchitectures.pptx
 
Manage security in Model-app Power App with Common data service
Manage security in Model-app Power App with Common data serviceManage security in Model-app Power App with Common data service
Manage security in Model-app Power App with Common data service
 
Software_Engineering_Presentation (1).pptx
Software_Engineering_Presentation (1).pptxSoftware_Engineering_Presentation (1).pptx
Software_Engineering_Presentation (1).pptx
 
Defensive coding practices is one of the most critical proactive s
Defensive coding practices is one of the most critical proactive sDefensive coding practices is one of the most critical proactive s
Defensive coding practices is one of the most critical proactive s
 
TECHNIQUES FOR COMPONENT REUSABLE APPROACH
TECHNIQUES FOR COMPONENT REUSABLE APPROACHTECHNIQUES FOR COMPONENT REUSABLE APPROACH
TECHNIQUES FOR COMPONENT REUSABLE APPROACH
 
APPLICATION SPECIFIC USAGE CONTROL IMPLEMENTATION VERIFICATION
APPLICATION SPECIFIC USAGE CONTROL IMPLEMENTATION VERIFICATIONAPPLICATION SPECIFIC USAGE CONTROL IMPLEMENTATION VERIFICATION
APPLICATION SPECIFIC USAGE CONTROL IMPLEMENTATION VERIFICATION
 
IRJET- Enabling Identity-Based Integrity Auditing and Data Sharing with Sensi...
IRJET- Enabling Identity-Based Integrity Auditing and Data Sharing with Sensi...IRJET- Enabling Identity-Based Integrity Auditing and Data Sharing with Sensi...
IRJET- Enabling Identity-Based Integrity Auditing and Data Sharing with Sensi...
 
A review of slicing techniques in software engineering
A review of slicing techniques in software engineeringA review of slicing techniques in software engineering
A review of slicing techniques in software engineering
 
Asp net whitepaper
Asp net whitepaperAsp net whitepaper
Asp net whitepaper
 

Recently uploaded

Tutorial for 16S rRNA Gene Analysis with QIIME2.pdf
Tutorial for 16S rRNA Gene Analysis with QIIME2.pdfTutorial for 16S rRNA Gene Analysis with QIIME2.pdf
Tutorial for 16S rRNA Gene Analysis with QIIME2.pdf
aqil azizi
 
[JPP-1] - (JEE 3.0) - Kinematics 1D - 14th May..pdf
[JPP-1] - (JEE 3.0) - Kinematics 1D - 14th May..pdf[JPP-1] - (JEE 3.0) - Kinematics 1D - 14th May..pdf
[JPP-1] - (JEE 3.0) - Kinematics 1D - 14th May..pdf
awadeshbabu
 
6th International Conference on Machine Learning & Applications (CMLA 2024)
6th International Conference on Machine Learning & Applications (CMLA 2024)6th International Conference on Machine Learning & Applications (CMLA 2024)
6th International Conference on Machine Learning & Applications (CMLA 2024)
ClaraZara1
 
Heap Sort (SS).ppt FOR ENGINEERING GRADUATES, BCA, MCA, MTECH, BSC STUDENTS
Heap Sort (SS).ppt FOR ENGINEERING GRADUATES, BCA, MCA, MTECH, BSC STUDENTSHeap Sort (SS).ppt FOR ENGINEERING GRADUATES, BCA, MCA, MTECH, BSC STUDENTS
Heap Sort (SS).ppt FOR ENGINEERING GRADUATES, BCA, MCA, MTECH, BSC STUDENTS
Soumen Santra
 
Harnessing WebAssembly for Real-time Stateless Streaming Pipelines
Harnessing WebAssembly for Real-time Stateless Streaming PipelinesHarnessing WebAssembly for Real-time Stateless Streaming Pipelines
Harnessing WebAssembly for Real-time Stateless Streaming Pipelines
Christina Lin
 
Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024
Massimo Talia
 
Understanding Inductive Bias in Machine Learning
Understanding Inductive Bias in Machine LearningUnderstanding Inductive Bias in Machine Learning
Understanding Inductive Bias in Machine Learning
SUTEJAS
 
Building Electrical System Design & Installation
Building Electrical System Design & InstallationBuilding Electrical System Design & Installation
Building Electrical System Design & Installation
symbo111
 
Fundamentals of Induction Motor Drives.pptx
Fundamentals of Induction Motor Drives.pptxFundamentals of Induction Motor Drives.pptx
Fundamentals of Induction Motor Drives.pptx
manasideore6
 
Recycled Concrete Aggregate in Construction Part III
Recycled Concrete Aggregate in Construction Part IIIRecycled Concrete Aggregate in Construction Part III
Recycled Concrete Aggregate in Construction Part III
Aditya Rajan Patra
 
Hierarchical Digital Twin of a Naval Power System
Hierarchical Digital Twin of a Naval Power SystemHierarchical Digital Twin of a Naval Power System
Hierarchical Digital Twin of a Naval Power System
Kerry Sado
 
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...
Amil Baba Dawood bangali
 
ACEP Magazine edition 4th launched on 05.06.2024
ACEP Magazine edition 4th launched on 05.06.2024ACEP Magazine edition 4th launched on 05.06.2024
ACEP Magazine edition 4th launched on 05.06.2024
Rahul
 
哪里办理(csu毕业证书)查尔斯特大学毕业证硕士学历原版一模一样
哪里办理(csu毕业证书)查尔斯特大学毕业证硕士学历原版一模一样哪里办理(csu毕业证书)查尔斯特大学毕业证硕士学历原版一模一样
哪里办理(csu毕业证书)查尔斯特大学毕业证硕士学历原版一模一样
insn4465
 
Modelagem de um CSTR com reação endotermica.pdf
Modelagem de um CSTR com reação endotermica.pdfModelagem de um CSTR com reação endotermica.pdf
Modelagem de um CSTR com reação endotermica.pdf
camseq
 
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
bakpo1
 
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&BDesign and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Sreedhar Chowdam
 
basic-wireline-operations-course-mahmoud-f-radwan.pdf
basic-wireline-operations-course-mahmoud-f-radwan.pdfbasic-wireline-operations-course-mahmoud-f-radwan.pdf
basic-wireline-operations-course-mahmoud-f-radwan.pdf
NidhalKahouli2
 
14 Template Contractual Notice - EOT Application
14 Template Contractual Notice - EOT Application14 Template Contractual Notice - EOT Application
14 Template Contractual Notice - EOT Application
SyedAbiiAzazi1
 
NUMERICAL SIMULATIONS OF HEAT AND MASS TRANSFER IN CONDENSING HEAT EXCHANGERS...
NUMERICAL SIMULATIONS OF HEAT AND MASS TRANSFER IN CONDENSING HEAT EXCHANGERS...NUMERICAL SIMULATIONS OF HEAT AND MASS TRANSFER IN CONDENSING HEAT EXCHANGERS...
NUMERICAL SIMULATIONS OF HEAT AND MASS TRANSFER IN CONDENSING HEAT EXCHANGERS...
ssuser7dcef0
 

Recently uploaded (20)

Tutorial for 16S rRNA Gene Analysis with QIIME2.pdf
Tutorial for 16S rRNA Gene Analysis with QIIME2.pdfTutorial for 16S rRNA Gene Analysis with QIIME2.pdf
Tutorial for 16S rRNA Gene Analysis with QIIME2.pdf
 
[JPP-1] - (JEE 3.0) - Kinematics 1D - 14th May..pdf
[JPP-1] - (JEE 3.0) - Kinematics 1D - 14th May..pdf[JPP-1] - (JEE 3.0) - Kinematics 1D - 14th May..pdf
[JPP-1] - (JEE 3.0) - Kinematics 1D - 14th May..pdf
 
6th International Conference on Machine Learning & Applications (CMLA 2024)
6th International Conference on Machine Learning & Applications (CMLA 2024)6th International Conference on Machine Learning & Applications (CMLA 2024)
6th International Conference on Machine Learning & Applications (CMLA 2024)
 
Heap Sort (SS).ppt FOR ENGINEERING GRADUATES, BCA, MCA, MTECH, BSC STUDENTS
Heap Sort (SS).ppt FOR ENGINEERING GRADUATES, BCA, MCA, MTECH, BSC STUDENTSHeap Sort (SS).ppt FOR ENGINEERING GRADUATES, BCA, MCA, MTECH, BSC STUDENTS
Heap Sort (SS).ppt FOR ENGINEERING GRADUATES, BCA, MCA, MTECH, BSC STUDENTS
 
Harnessing WebAssembly for Real-time Stateless Streaming Pipelines
Harnessing WebAssembly for Real-time Stateless Streaming PipelinesHarnessing WebAssembly for Real-time Stateless Streaming Pipelines
Harnessing WebAssembly for Real-time Stateless Streaming Pipelines
 
Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024
 
Understanding Inductive Bias in Machine Learning
Understanding Inductive Bias in Machine LearningUnderstanding Inductive Bias in Machine Learning
Understanding Inductive Bias in Machine Learning
 
Building Electrical System Design & Installation
Building Electrical System Design & InstallationBuilding Electrical System Design & Installation
Building Electrical System Design & Installation
 
Fundamentals of Induction Motor Drives.pptx
Fundamentals of Induction Motor Drives.pptxFundamentals of Induction Motor Drives.pptx
Fundamentals of Induction Motor Drives.pptx
 
Recycled Concrete Aggregate in Construction Part III
Recycled Concrete Aggregate in Construction Part IIIRecycled Concrete Aggregate in Construction Part III
Recycled Concrete Aggregate in Construction Part III
 
Hierarchical Digital Twin of a Naval Power System
Hierarchical Digital Twin of a Naval Power SystemHierarchical Digital Twin of a Naval Power System
Hierarchical Digital Twin of a Naval Power System
 
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...
 
ACEP Magazine edition 4th launched on 05.06.2024
ACEP Magazine edition 4th launched on 05.06.2024ACEP Magazine edition 4th launched on 05.06.2024
ACEP Magazine edition 4th launched on 05.06.2024
 
哪里办理(csu毕业证书)查尔斯特大学毕业证硕士学历原版一模一样
哪里办理(csu毕业证书)查尔斯特大学毕业证硕士学历原版一模一样哪里办理(csu毕业证书)查尔斯特大学毕业证硕士学历原版一模一样
哪里办理(csu毕业证书)查尔斯特大学毕业证硕士学历原版一模一样
 
Modelagem de um CSTR com reação endotermica.pdf
Modelagem de um CSTR com reação endotermica.pdfModelagem de um CSTR com reação endotermica.pdf
Modelagem de um CSTR com reação endotermica.pdf
 
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
 
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&BDesign and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
 
basic-wireline-operations-course-mahmoud-f-radwan.pdf
basic-wireline-operations-course-mahmoud-f-radwan.pdfbasic-wireline-operations-course-mahmoud-f-radwan.pdf
basic-wireline-operations-course-mahmoud-f-radwan.pdf
 
14 Template Contractual Notice - EOT Application
14 Template Contractual Notice - EOT Application14 Template Contractual Notice - EOT Application
14 Template Contractual Notice - EOT Application
 
NUMERICAL SIMULATIONS OF HEAT AND MASS TRANSFER IN CONDENSING HEAT EXCHANGERS...
NUMERICAL SIMULATIONS OF HEAT AND MASS TRANSFER IN CONDENSING HEAT EXCHANGERS...NUMERICAL SIMULATIONS OF HEAT AND MASS TRANSFER IN CONDENSING HEAT EXCHANGERS...
NUMERICAL SIMULATIONS OF HEAT AND MASS TRANSFER IN CONDENSING HEAT EXCHANGERS...
 

Application security models

  • 1.
  • 2. Introduction  We examine five different application security models that are commonly used by the industry to provide data security and access protection at the table level.  Database role based.  Application role based.  Application function based.  Application role and function based.  Application table based.
  • 3. Security Model Based on Database Roles  This model depend on the application to authentication the application users by maintain all end users in a table with their encryption password.  In this model, each end user is assigned a database role, which has specific database privilege for accessing application table.  The user can access whatever privileges are assigned to the role
  • 4. Security Model Based on Database Roles  This model, proxy user is needed to activate assigned roles.  All roles are assigned to the proxy user.
  • 5. Security Model Based on Database Roles
  • 6. Security Model Based on Database Roles  APPLICATION_USERS:  This is used to store and maintain all end users of the application with their encrypted passwords.  APLLICATION_USERS_ROLES:  Contains all roles defined by application and for each role that privilege is assigned; privilege can be read, write, read/write.
  • 7. Security Model Based on Database Roles  The architectural view of the model has common control columns prefixed with CTL.  These control columns contains information about manipulate record.
  • 8. Security Model Based on Database Roles  CTL_INS_DTTM contains the date and time when the record was created.  CTL_UPD_DTTM contains the date and time when the record was last updated.  CTL_UPD_USER contains the date name that created the record or last updated the record.  CTL_REC_STAT can be used to indicate the status of the record. We can use this column for any purpose, we may set this column to “A” as an indicator that the record active and I as inactive
  • 9. Security Model Based on Database Roles
  • 10. Security Model Based on Database Roles  Implementing in Oracle  create a proxy user called APP_PROXY that will be assigned to all application role and will work on behalf of the application user APP_USER to gain access to all tables owned by the application owner called APP_OWNER.
  • 11. Security Model Based on Database Roles
  • 12. Security Model Based on Database Roles
  • 13. Security Model Based on Database Roles
  • 14. Security Model Based on Database Roles
  • 15. Security Model Based on Application Roles  The concept of an application role security model are similar to the concept of database role security model in that they are both methods for organizing and administrating privileges.  Application roles are typically mapped specifically to real business roles
  • 16. Security Model Based on Application Roles
  • 17. Security Model Based on Application Roles  APPLICATION_USERS:  This is used to store and maintain all end users of the application with their encrypted passwords.  APPLICATION_ROLES  All roles defined by the application and for each role a privilege are assigned. The privilege can be read, write, or read/write
  • 18. Security Model Based on Application Roles  The security model that is based on application roles depends on the application to authenticate the application users.  Authentication is accomplished by maintaining all end users in a table with their encrypted password.
  • 19. Security Model Based on Application Roles  In this model, each end user is assigned an application role, and the application role is provided with application privileges to read/write specific modules of the application.
  • 20. Security Model Based on Application Roles
  • 21. Security Model Based on Application Roles  The point need to be considered during security Model  This model does not allow the flexibility required to make changes necessary for security.  For example a user called Scott who has a clerk role, and the clerk has privileges to read, add, and modify. This means that Scott can perform these operations on all modules of the application.
  • 22. Security Model Based on Application Roles  Privileges are limited to any combination of the following.  read  add  delete  update  admin
  • 23. Security Model Based on Application Roles  This model isolates the application security from the database, which make implementation of database independent.  Only one role is assigned to an application user.  Maintenance of the application security does not require specific database privilege. This lowers the risk of database violation.
  • 24. Security Model Based on Application Roles  Passwords must be securely encrypted. preferably using private and public keys
  • 25. Security Model based on Application Functions  The security model that is based on application function depends on the application to authenticate the application user by maintaining all end user in a table with their encrypted password.
  • 26. Security Model based on Application Functions  In this model the application is divided into functions.  For instance, if you were using an inventory application we need to have a function name CUSTOMER that maintain customers and another function name PRODUCTS for maintain products, and so on
  • 27. Security Model based on Application Functions
  • 28. Security Model based on Application Functions  Tables used in this security model  APPLICATION_USERS:  This is used to store and maintain all end users of the application with their encrypted passwords  Application Functions:  This table contains all logical functions of the application
  • 29. Security Model based on Application Functions  Tables used in this security model  Application_Functions_Privileges  This table stores all privileges for functions such as : read, write, read/write  Application_Users_Functions  This table contains all end users and their application function privileges.
  • 30. Security Model based on Application Functions  The following list presents characteristics of this security model:  In this model the application security from the database, this makes implementation independent.  Maintenance of the application security does not require specific database privileges which lower the risk of database violations.
  • 31. Security Model based on Application Functions  Password must be securely encrypted, preferably using private and public key. In this case we must modify the structure of the APPLICATION_USERS table by adding columns to store public and private keys.  The application must be designed in a granular fashion.  The more granular the privileges, the more effort are needed to implement them
  • 32. Security Model based on Application Roles and Functions  This security model is a combination of both the role and function security models.  The application roles and functions security model depends on the application to authenticate the application users.
  • 33. Security Model based on Application Roles and Functions  The application authenticates users by maintaining all end users in a table with their encrypted passwords.  In this model the application is divided into function and roles are assigned to function that are in turn assigned to users.
  • 34. Security Model based on Application Roles and Functions
  • 35. Security Model based on Application Roles and Functions  APPLICATION_USERS:  This is used to store and maintain all end users of the application with their encrypted passwords  APPLICATION_FUNCTIONS:  This table contains all logical functions of the application
  • 36. Security Model based on Application Roles and Functions  APPLICATION_USER_ROLES  Contains all roles assigned to users  APPLICATION_ROLES  Contains all roles defined by the application and for each role assigned
  • 37. Security Model based on Application Roles and Functions  APPLICATION_ROLE_FUNCTIONS  Contains all functions and privileges that are assigned to each role.  APPLICATION_FUNCTION_PRIVILEGES  Stores all privileges for function : read, write, read/write
  • 38. Security Model based on Application Roles and Functions
  • 39. Security Model based on Application Roles and Functions  The following list present characteristics of this security model:  This model provides flexibility for implementing application security.  This model isolates the application security from the database, which make implementation database independent
  • 40. Security Model based on Application Roles and Functions  Maintenance of the application security does not require specific database privileges, which lower the risk of database violations.  Password must be securely encrypted, preferably using private and public keys. In this case the structure of the APPLICATION_USER table by adding columns to store public and private key
  • 41. Security Model based on Application Roles and Functions  The application must use a real database user to log on and connect to the application database.  The user name and password must be encrypted and stored in a configuration file.
  • 42. Security Model based on Application Roles and Functions  The application must be designed in a very granular fashion, which means that the function or modules of the application perform specific task and do not encompass a wide variety of tasks that are cross- functional.
  • 43. Security Model based on Application Roles and Functions  The more granular the privileges, the more effort needed to implement them.
  • 44. Security model based on Application Table  This application security model depends on the application to authenticate users by maintaining all end users in a table with their encrypted passwords.  The application provides privileges to the user based on tables, not on a role or a function.
  • 45. Security model based on Application Table
  • 46. Security model based on Application Table  APPLICATION_USERS:  This is used to store and maintain all end users of the application with their encrypted passwords.  APPLICATION_USER_TABLES  Contains all tables assigned to users.
  • 47. Security model based on Application Table  APPLICATION_TABLES  Contains all tables owned by application.  APPLICATION_TABLE_PRIVILEGES  0- no access  1- read  2-read and add  3-read, add and modify  4- read, add, modify and delete  5- read, add, modify ,delete and admin
  • 48. Security model based on Application Table  An application user many be granted a read privilege on an application bye adding an entry in APPLICATION_USER_TABLES.
  • 49. Security model based on Application Table
  • 50. Security model based on Application Table  The following list present characteristics of this security model:  This model isolates the application security from the database, which make implementation database independent.  Maintenance of the application security does not require specific database privileges, which lowers the risk of database violations.
  • 51. Security model based on Application Table  Password must be securely encrypted, preferably using private and public keys.  The application must use a real database user to log on and connect to the application database.  Security is implemented easily by using table access privileges that are assigned to each end user.
  • 54. 54 Data Encryption  Passwords should be kept confidential and preferably encrypted  Passwords should be compared encrypted:  Never decrypt the data  Hash the passwords and compare the hashes