Uploaded byshanthishyam
PPTX, PDF190 views

Database concepts

This document discusses database concepts and security models. It covers relational database concepts like tables, relations, attributes, tuples, primary keys and foreign keys. It then discusses security requirements for databases like physical integrity, logical integrity, element integrity, auditability, access control and availability. It describes the SQL security model of users, actions, objects, privileges and views. It also covers weaknesses of the discretionary access control model and alternatives like mandatory access controls.

Embed presentation

Download to read offline
Mrs.R.Shanthi Prabha M.Sc., M.Phil., Assistant Professor, DEPARTMENT OF CS
Contents  Database concepts  Security requirements  SQL security model  Data sensitivity  Security vs. Precision  Inference & aggregation problem  Multilevel databases  Future direction
Database Concepts  Database  a collection of data & set of rules that organize the data  user works with a logical representation of the data  Relational database  in the relational model, data is organized as a collection of RELATIONS or tables  relations is a set of ATTRIBUTES or columns  each row (or record) of a relation is called a TUPLE  Database management system (DBMS)  maintains the DB and controls read write access  Database administrator (DBA)  sets the organization of and access rules to the DB
Database Concepts  Relationships between tables (relations) must be in the form of other relations  base (‘real’) relations: named and autonomous relations, not derived from other relations (have stored data)  views: named derived relations (no stored data)  snapshots: like views are named, derived relations, but they do have stored data  query results: result of a query - may or may not have name, and no persistent existence
Database Concepts  Within every relation, need to uniquely identify every tuple  a primary key of a relation is a unique and minimal identifier for that relation  can be a single attribute - or may be a choice of attributes to use  when primary key of one relation used as attribute in another relation it is a foreign key in that relation
Database Concepts  Structured Query Language (SQL)  to manipulate relations and data in a relational database  Types of SQL Commands  Data Dictionary Language (DDL)  define, maintain, drop schema objects  Data Manipulation Language (DML)  SELECT, INSERT, UPDATE  Data Control Language (DCL):  control security (GRANT,REVOKE) and concurrent access (COMMIT , ROLLBACK)
Security Requirements  Physical database integrity  Logical database integrity  Element integrity  Auditability  Access control  User authentication  Availability
Security Requirements  Physical database integrity  immunity to physical catastrophe, such as power failures, media failure  physical securing hardware, UPS  regular backups  Logical database integrity  reconstruction Ability  maintain a log of transactions  replay log to restore the systems to a stable point
Security Requirements  Element integrity  integrity of specific database elements is their correctness or accuracy  field checks – allow only acceptable values  access controls – allow only authorized users to update elements  change log – used to undo changes made in error  referential Integrity (key integrity concerns)  two phase locking process  Auditability  log read/write to database
Security Requirements  Access Control (similar to OS)  logical separation by user access privileges  more complicated than OS due to complexity of DB (granularity/inference/aggregation)  User Authentication  may be separate from OS  can be rigorous  Availability  concurrent users  granularity of locking  reliability
SQL Security Model  SQL security model implements DAC based on  users: users of database - user identity checked during login process;  actions: including SELECT, UPDATE, DELETE and INSERT;  objects: tables (base relations), views, and columns (attributes) of tables and views  Users can protect objects they own  when object created, a user is designated as ‘owner’ of object  owner may grant access to others  users other than owner have to be granted privileges to access object
SQL Security Model  Components of privilege are  grantor, grantee, object, action, grantable  privileges managed using GRANT and REVOKE operations  the right to grant privileges can be granted  Issues with privilege management  each grant of privileges is to an individual or to “Public”  makes security administration in large organizations difficult  individual with multiple roles may have too many privileges for one of the roles  SQL3 is moving more to role based privileges
SQL Security Model  Authentication & identification mechanisms  CONNECT <user> USING<password>  DBMS may chose OS authentication  or its own authentication mechanism  Kerberose  PAM
SQL Security Model  Access control through views  many security policies better expressed by granting privileges to views derived from base relations  example CREATE VIEW AVSAL(DEPT, AVG) AS SELECT DEPT, AVG(SALARY) FROM EMP GROUP BY DEPT  access can be granted to this view for every dept mgr  example CREATE VIEW MYACCOUNT AS SELECT * FROM Account WHERE Customer = current_user()  view containing account info for current user
SQL Security Model  Advantages of views  views are flexible, and allow access control to be defined at a description level appropriate to application  views can enforce context and data-dependent policies  data can easily be reclassified
SQL Security Model  Disadvantages of views  access checking may become complex  views need to be checked for correctness (do they properly capture policy?)  completeness and consistency not achieved automatically - views may overlap or miss parts of database  security-relevant part of DBMS may become very large
SQL Security Model  Inherent weakness of DAC  DAC allows subject to be written to any other object which can be written by that subject  trojan horses to copy information from one object to another
SQL Security Model  Mandatory access controls (MAC)  no read up, no write down  traditional MAC implementations in RDBMS have focused solely on MLS  there have been three commercial MLS RDBMS offerings  trusted Oracle ,Informix OnLine/Secure, Sybase Secure SQL Server

More Related Content

PPT
Sql ppt
byAnuja Lad
 
PPTX
Database Languages.pptx
byMuhammadFarhan858304
 
PPTX
introduction to NOSQL Database
bynehabsairam
 
PDF
Introduction to Data Science
byEdureka!
 
PPTX
Basic Concept of Database
byMarlon Jamera
 
PDF
Sql commands
byProf. Dr. K. Adisesha
 
PPT
6. Integrity and Security in DBMS
bykoolkampus
 
PPTX
SQL for interview
byAditya Kumar Tripathy
 
Sql ppt
byAnuja Lad
 
Database Languages.pptx
byMuhammadFarhan858304
 
introduction to NOSQL Database
bynehabsairam
 
Introduction to Data Science
byEdureka!
 
Basic Concept of Database
byMarlon Jamera
 
Sql commands
byProf. Dr. K. Adisesha
 
6. Integrity and Security in DBMS
bykoolkampus
 
SQL for interview
byAditya Kumar Tripathy
 

What's hot

PPT
Data models
byUsman Tariq
 
PPTX
Text Analysis with Machine Learning
byTuri, Inc.
 
PPT
Database Chapter 1
byshahadat hossain
 
PPTX
Exploratory Data Analysis
byUmair Shafique
 
PDF
Active Governance Across the Delta Lake with Alation
byDatabricks
 
PPTX
Relational model
byDabbal Singh Mahara
 
PPTX
Database
byBhandari Nawaraj
 
PPTX
SQL - Structured query language introduction
bySmriti Jain
 
PDF
Data mining
byKinza Razzaq
 
PPT
Lecture 01 introduction to database
byemailharmeet
 
PPTX
1.4 data independence
byBHARATH KUMAR
 
PPTX
Relational algebra ppt
byGirdharRatne
 
PPT
Files Vs DataBase
byDr. C.V. Suresh Babu
 
PPTX
Data Cleaning Techniques
byAmir Masoud Sefidian
 
PDF
Introduction to Database Management System
byAmiya9439793168
 
PPTX
DATA VISUALIZATION.pptx
byPraneethBhai1
 
PPT
Python List.ppt
byT PRIYA
 
PPTX
SQL Commands
bySachidananda M H
 
PPTX
Data science applications and usecases
bySreenatha Reddy K R
 
PPT
Semi-supervised Learning
bybutest
 
Data models
byUsman Tariq
 
Text Analysis with Machine Learning
byTuri, Inc.
 
Database Chapter 1
byshahadat hossain
 
Exploratory Data Analysis
byUmair Shafique
 
Active Governance Across the Delta Lake with Alation
byDatabricks
 
Relational model
byDabbal Singh Mahara
 
Database
byBhandari Nawaraj
 
SQL - Structured query language introduction
bySmriti Jain
 
Data mining
byKinza Razzaq
 
Lecture 01 introduction to database
byemailharmeet
 
1.4 data independence
byBHARATH KUMAR
 
Relational algebra ppt
byGirdharRatne
 
Files Vs DataBase
byDr. C.V. Suresh Babu
 
Data Cleaning Techniques
byAmir Masoud Sefidian
 
Introduction to Database Management System
byAmiya9439793168
 
DATA VISUALIZATION.pptx
byPraneethBhai1
 
Python List.ppt
byT PRIYA
 
SQL Commands
bySachidananda M H
 
Data science applications and usecases
bySreenatha Reddy K R
 
Semi-supervised Learning
bybutest
 

Similar to Database concepts

PPTX
Database security and security in networks
byPrachi Gulihar
 
PPTX
Database modeling and security
byNeeharika Nidadavolu
 
PPTX
Database Security Methods, DAC, MAC,View
byDr-Dipali Meher
 
PPT
Lecture 7 Database security managent such as backup, replication.ppt
byAnnKingori
 
PDF
UNIT 3- DATABASE INTEGRITY AND SECURITY CONCEPTS (1).pdf
byKavitaShinde26
 
PPTX
security and privacy in dbms and in sql database
bygourav kottawar
 
PPT
Security and Authorization introductory notes.ppt
bySubburamSivakumar1
 
PDF
Chapter 6 Database Security and Authorization (4).pdf
byabrehamcheru14
 
PDF
computer security .pdf
byFarazTariq18
 
PPTX
Database Security and Management Systems
byIsmaelKakaRealsoft
 
PPT
UNIT-1-Security.ppt
byDharaDarji5
 
PPTX
CH05-CompSec4e.pptx
byIkmal71
 
PPTX
Presentation on Database Security in DBMS
byGaurav977214
 
PPT
Data base security
bySara Nazir
 
PPTX
Database security
bySoftware Engineering
 
PDF
Data base Access Control a look at Fine grain Access method
byInternational Journal of Engineering Inventions www.ijeijournal.com
 
PPTX
Security of the database
byPratik Tamgadge
 
PPTX
Database Management System Security.pptx
byRoshni814224
 
PPTX
unit 5 in the database for master of Engineering
bypoonkodiraja2806
 
PPT
8034.ppt
byssuser77162c
 
Database security and security in networks
byPrachi Gulihar
 
Database modeling and security
byNeeharika Nidadavolu
 
Database Security Methods, DAC, MAC,View
byDr-Dipali Meher
 
Lecture 7 Database security managent such as backup, replication.ppt
byAnnKingori
 
UNIT 3- DATABASE INTEGRITY AND SECURITY CONCEPTS (1).pdf
byKavitaShinde26
 
security and privacy in dbms and in sql database
bygourav kottawar
 
Security and Authorization introductory notes.ppt
bySubburamSivakumar1
 
Chapter 6 Database Security and Authorization (4).pdf
byabrehamcheru14
 
computer security .pdf
byFarazTariq18
 
Database Security and Management Systems
byIsmaelKakaRealsoft
 
UNIT-1-Security.ppt
byDharaDarji5
 
CH05-CompSec4e.pptx
byIkmal71
 
Presentation on Database Security in DBMS
byGaurav977214
 
Data base security
bySara Nazir
 
Database security
bySoftware Engineering
 
Data base Access Control a look at Fine grain Access method
byInternational Journal of Engineering Inventions www.ijeijournal.com
 
Security of the database
byPratik Tamgadge
 
Database Management System Security.pptx
byRoshni814224
 
unit 5 in the database for master of Engineering
bypoonkodiraja2806
 
8034.ppt
byssuser77162c
 

More from shanthishyam

PDF
Aptitude question tricks_Shanthi prabha R.pdf
byshanthishyam
 
PPTX
Android Application Development PPT.pptx
byshanthishyam
 
PPT
C&NS_FIREWALLS.ppt
byshanthishyam
 
PPT
Cryptography and Network Security_Chapter 1.ppt
byshanthishyam
 
PPT
TOKEN BUS & TOKEN RING.ppt
byshanthishyam
 
PPT
SINGLE SOURCE SHORTEST PATH.ppt
byshanthishyam
 
PPT
FDS- Basic Concepts.ppt
byshanthishyam
 
PPTX
Three dimensional geometric transformations
byshanthishyam
 
PPTX
OSI reference model
byshanthishyam
 
PPTX
Curve modeling
byshanthishyam
 
PPTX
Cryptography and network security
byshanthishyam
 
PPTX
Computer networks
byshanthishyam
 
Aptitude question tricks_Shanthi prabha R.pdf
byshanthishyam
 
Android Application Development PPT.pptx
byshanthishyam
 
C&NS_FIREWALLS.ppt
byshanthishyam
 
Cryptography and Network Security_Chapter 1.ppt
byshanthishyam
 
TOKEN BUS & TOKEN RING.ppt
byshanthishyam
 
SINGLE SOURCE SHORTEST PATH.ppt
byshanthishyam
 
FDS- Basic Concepts.ppt
byshanthishyam
 
Three dimensional geometric transformations
byshanthishyam
 
OSI reference model
byshanthishyam
 
Curve modeling
byshanthishyam
 
Cryptography and network security
byshanthishyam
 
Computer networks
byshanthishyam
 

Recently uploaded

PDF
how to write your (written) research instruments
byThelma Villaflores
 
PPTX
SIZE REDUCTION Prepared By: Ms. Vaishnavi Ghormade
byvaishnavighormade199
 
PPTX
How to use sorted() method in Odoo 18
byCeline George
 
PPTX
Structure Editorial Grade 8 Lesson (Opinion Editorial)
byJessaMaeCabangon1
 
PDF
Application of ICT Lecture 2 Basic ICT Productivity Tools.pdf
byKhalil Khan Marwat
 
PPTX
LEARNING PART 2.SHILPA HOTAKAR PSYCHOLOGY NOTES pptx
bySHILPA HOTAKAR
 
PDF
Application of Information and Communication Technology Content.pdf
byKhalil Khan Marwat
 
PPTX
What is Epiphany? A Visual introduction to this amazing liturgical season
bySteve Thomason
 
PPTX
LEARNING PART 1. SHILPA HOTAKAR PSYCHOLOGY NOTES pptx
bySHILPA HOTAKAR
 
PPTX
Inter School Quiz Competition Final.pptx
bySourav Kr Podder
 
PPTX
Prepositions of Place : English Grammar Presentation
byPintoo Dhillon
 
PPTX
How to Manage Credit Limits in Odoo 18 Accounting
byCeline George
 
PPTX
English 8 Q3 Wk8.pptx opinion editorial article( Writing , Revising, Editing...
byjacquelyncastre03
 
PPTX
GRADE-1-Q3-MATH-WEEK-6.pptx_202633333333
byKennethGraceAngeles1
 
PPTX
How to Create a Search Panel in Odoo 18
byCeline George
 
PDF
Application of ICT Lecture 6 Digital Citizenship and Online Etiquette.pdf
byKhalil Khan Marwat
 
PDF
30 Ways Teachers Use AI in 2026 – Practical Classroom Workflows with Monsha f...
byMonsha.AI
 
PPTX
No Storage Needed! Odoo Cross-Docking
byCeline George
 
PPTX
Auto Plan Feature in Odoo 18 Planning Module
byCeline George
 
PDF
Profiling, Placement, Pathways, and Pedagogies.pdf
byRHEAMARIMLA2
 
how to write your (written) research instruments
byThelma Villaflores
 
SIZE REDUCTION Prepared By: Ms. Vaishnavi Ghormade
byvaishnavighormade199
 
How to use sorted() method in Odoo 18
byCeline George
 
Structure Editorial Grade 8 Lesson (Opinion Editorial)
byJessaMaeCabangon1
 
Application of ICT Lecture 2 Basic ICT Productivity Tools.pdf
byKhalil Khan Marwat
 
LEARNING PART 2.SHILPA HOTAKAR PSYCHOLOGY NOTES pptx
bySHILPA HOTAKAR
 
Application of Information and Communication Technology Content.pdf
byKhalil Khan Marwat
 
What is Epiphany? A Visual introduction to this amazing liturgical season
bySteve Thomason
 
LEARNING PART 1. SHILPA HOTAKAR PSYCHOLOGY NOTES pptx
bySHILPA HOTAKAR
 
Inter School Quiz Competition Final.pptx
bySourav Kr Podder
 
Prepositions of Place : English Grammar Presentation
byPintoo Dhillon
 
How to Manage Credit Limits in Odoo 18 Accounting
byCeline George
 
English 8 Q3 Wk8.pptx opinion editorial article( Writing , Revising, Editing...
byjacquelyncastre03
 
GRADE-1-Q3-MATH-WEEK-6.pptx_202633333333
byKennethGraceAngeles1
 
How to Create a Search Panel in Odoo 18
byCeline George
 
Application of ICT Lecture 6 Digital Citizenship and Online Etiquette.pdf
byKhalil Khan Marwat
 
30 Ways Teachers Use AI in 2026 – Practical Classroom Workflows with Monsha f...
byMonsha.AI
 
No Storage Needed! Odoo Cross-Docking
byCeline George
 
Auto Plan Feature in Odoo 18 Planning Module
byCeline George
 
Profiling, Placement, Pathways, and Pedagogies.pdf
byRHEAMARIMLA2
 

Database concepts

  • 1.
    Mrs.R.Shanthi Prabha M.Sc.,M.Phil., Assistant Professor, DEPARTMENT OF CS
  • 2.
    Contents  Database concepts Security requirements  SQL security model  Data sensitivity  Security vs. Precision  Inference & aggregation problem  Multilevel databases  Future direction
  • 3.
    Database Concepts  Database a collection of data & set of rules that organize the data  user works with a logical representation of the data  Relational database  in the relational model, data is organized as a collection of RELATIONS or tables  relations is a set of ATTRIBUTES or columns  each row (or record) of a relation is called a TUPLE  Database management system (DBMS)  maintains the DB and controls read write access  Database administrator (DBA)  sets the organization of and access rules to the DB
  • 4.
    Database Concepts  Relationshipsbetween tables (relations) must be in the form of other relations  base (‘real’) relations: named and autonomous relations, not derived from other relations (have stored data)  views: named derived relations (no stored data)  snapshots: like views are named, derived relations, but they do have stored data  query results: result of a query - may or may not have name, and no persistent existence
  • 5.
    Database Concepts  Withinevery relation, need to uniquely identify every tuple  a primary key of a relation is a unique and minimal identifier for that relation  can be a single attribute - or may be a choice of attributes to use  when primary key of one relation used as attribute in another relation it is a foreign key in that relation
  • 6.
    Database Concepts  StructuredQuery Language (SQL)  to manipulate relations and data in a relational database  Types of SQL Commands  Data Dictionary Language (DDL)  define, maintain, drop schema objects  Data Manipulation Language (DML)  SELECT, INSERT, UPDATE  Data Control Language (DCL):  control security (GRANT,REVOKE) and concurrent access (COMMIT , ROLLBACK)
  • 7.
    Security Requirements  Physicaldatabase integrity  Logical database integrity  Element integrity  Auditability  Access control  User authentication  Availability
  • 8.
    Security Requirements  Physicaldatabase integrity  immunity to physical catastrophe, such as power failures, media failure  physical securing hardware, UPS  regular backups  Logical database integrity  reconstruction Ability  maintain a log of transactions  replay log to restore the systems to a stable point
  • 9.
    Security Requirements  Elementintegrity  integrity of specific database elements is their correctness or accuracy  field checks – allow only acceptable values  access controls – allow only authorized users to update elements  change log – used to undo changes made in error  referential Integrity (key integrity concerns)  two phase locking process  Auditability  log read/write to database
  • 10.
    Security Requirements  AccessControl (similar to OS)  logical separation by user access privileges  more complicated than OS due to complexity of DB (granularity/inference/aggregation)  User Authentication  may be separate from OS  can be rigorous  Availability  concurrent users  granularity of locking  reliability
  • 11.
    SQL Security Model SQL security model implements DAC based on  users: users of database - user identity checked during login process;  actions: including SELECT, UPDATE, DELETE and INSERT;  objects: tables (base relations), views, and columns (attributes) of tables and views  Users can protect objects they own  when object created, a user is designated as ‘owner’ of object  owner may grant access to others  users other than owner have to be granted privileges to access object
  • 12.
    SQL Security Model Components of privilege are  grantor, grantee, object, action, grantable  privileges managed using GRANT and REVOKE operations  the right to grant privileges can be granted  Issues with privilege management  each grant of privileges is to an individual or to “Public”  makes security administration in large organizations difficult  individual with multiple roles may have too many privileges for one of the roles  SQL3 is moving more to role based privileges
  • 13.
    SQL Security Model Authentication & identification mechanisms  CONNECT <user> USING<password>  DBMS may chose OS authentication  or its own authentication mechanism  Kerberose  PAM
  • 14.
    SQL Security Model Access control through views  many security policies better expressed by granting privileges to views derived from base relations  example CREATE VIEW AVSAL(DEPT, AVG) AS SELECT DEPT, AVG(SALARY) FROM EMP GROUP BY DEPT  access can be granted to this view for every dept mgr  example CREATE VIEW MYACCOUNT AS SELECT * FROM Account WHERE Customer = current_user()  view containing account info for current user
  • 15.
    SQL Security Model Advantages of views  views are flexible, and allow access control to be defined at a description level appropriate to application  views can enforce context and data-dependent policies  data can easily be reclassified
  • 16.
    SQL Security Model Disadvantages of views  access checking may become complex  views need to be checked for correctness (do they properly capture policy?)  completeness and consistency not achieved automatically - views may overlap or miss parts of database  security-relevant part of DBMS may become very large
  • 17.
    SQL Security Model Inherent weakness of DAC  DAC allows subject to be written to any other object which can be written by that subject  trojan horses to copy information from one object to another
  • 18.
    SQL Security Model Mandatory access controls (MAC)  no read up, no write down  traditional MAC implementations in RDBMS have focused solely on MLS  there have been three commercial MLS RDBMS offerings  trusted Oracle ,Informix OnLine/Secure, Sybase Secure SQL Server