SlideShare a Scribd company logo

Database security

P
pusp220

The document discusses database security. It introduces the concepts of secrecy, integrity, and availability as the three main security objectives. It describes two main mechanisms for enforcing security: discretionary access control based on user privileges, and mandatory access control based on security classes. Views and roles can help implement access controls. Statistical databases aim to protect individual data while allowing aggregates, but individual information may still be inferable through queries.

1 of 3
Download to read offline
Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 1 Security Lecture 21 Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 2 Introduction to DB Security Secrecy: Users should not be able to see things they are not supposed to. – E.g., A student can’t see other students’ grades. Integrity: Users should not be able to modify things they are not supposed to. – E.g., Only instructors can assign grades. Availability: Users should be able to see and modify things they are allowed to. Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 3 Access Controls A security policy specifies who is authorized to do what. A security mechanism allows us to enforce a chosen security policy. Two main mechanisms at the DBMS level: – Discretionary access control – Mandatory access control Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 4 Discretionary Access Control Based on the concept of access rights or privileges for objects (tables and views), and mechanisms for giving users privileges (and revoking privileges). Creator of a table or a view automatically gets all privileges on it. – DMBS keeps track of who subsequently gains and loses privileges, and ensures that only requests from users who have the necessary privileges (at the time the request is issued) are allowed. Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 5 GRANT Command The following privileges can be specified: SELECT: Can read all columns (including those added later via ALTER TABLE command). INSERT(col-name): Can insert tuples with non-null or non- default values in this column. INSERT means same right with respect to all columns. DELETE: Can delete tuples. REFERENCES (col-name): Can define foreign keys (in other tables) that refer to this column. If a user has a privilege with the GRANT OPTION, can pass privilege on to other users (with or without passing on the GRANT OPTION). Only owner can execute CREATE, ALTER, and DROP. GRANT privileges ON object TO users [WITH GRANT OPTION] Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 6 GRANT and REVOKE of Privileges GRANT INSERT, SELECT ON Sailors TO Horatio – Horatio can query Sailors or insert tuples into it. GRANT DELETE ON Sailors TO Yuppy WITH GRANT OPTION – Yuppy can delete tuples, and also authorize others to do so. GRANT UPDATE (rating) ON Sailors TO Dustin – Dustin can update (only) the rating field of Sailors tuples. GRANT SELECT ON ActiveSailors TO Guppy, Yuppy – This does NOT allow the ‘uppies to query Sailors directly! REVOKE: When a privilege is revoked from X, it is also revoked from all users who got it solely from X.
Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 7 GRANT/REVOKE on Views If the creator of a view loses the SELECT privilege on an underlying table, the view is dropped! If the creator of a view loses a privilege held with the grant option on an underlying table, (s)he loses the privilege on the view as well; so do users who were granted that privilege on the view! Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 8 Views and Security Views can be used to present necessary information (or a summary), while hiding details in underlying relation(s). – Given ActiveSailors, but not Sailors or Reserves, we can find sailors who have a reservation, but not the bid’s of boats that have been reserved. Creator of view has a privilege on the view if (s)he has the privilege on all underlying tables. Together with GRANT/REVOKE commands, views are a very powerful access control tool. Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 9 Role-Based Authorization In SQL-92, privileges are actually assigned to authorization ids, which can denote a single user or a group of users. In SQL:1999 (and in many current systems), privileges are assigned to roles. – Roles can then be granted to users and to other roles. – Reflects how real organizations work. – Illustrates how standards often catch up with “de facto” standards embodied in popular systems. Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 10 Security to the Level of a Field! Can create a view that only returns one field of one tuple. (How?) Then grant access to that view accordingly. Allows for arbitrary granularity of control – A bit clumsy to specify. – Can be hidden under a good UI. Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 11 Mandatory Access Control Based on system-wide policies that cannot be changed by individual users. – Each DB object is assigned a security class. – Each subject (user or user program) is assigned a clearance for a security class. – Rules based on security classes and clearances govern who can read/write which objects. Most commercial systems do not support mandatory access control. Versions of some DBMSs do support it; used for specialized (e.g., military) applications. Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 12 Why Mandatory Control? Discretionary control has some flaws, e.g., the Trojan horse problem: – Dick creates Horsie and gives INSERT privileges to Justin (who doesn’t know about this). – Dick modifes the code of an application program used by Justin to additionally write some secret data to table Horsie. – Now, Justin can see the secret info. The modification of the code is beyond the DBMSs control, but it can try and prevent the use of the database as a channel for secret information.
Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 13 Bell-LaPadula Model Objects (e.g., tables, views, tuples) Subjects (e.g., users, user programs) Security classes: – Top secret (TS), secret (S), confidential (C), unclassified (U): TS > S> C > U Each object and subject is assigned a class. – Subject S can read object O only if class(S) >= class(O) (Simple Security Property) – Subject S can write object O only if class(S) <= class(O) (*-Property) Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 14 Intuition Idea is to ensure that information can never flow from a higher to a lower security level. E.g., If Dick has security class C, Justin has class S, and the secret table has class S: – Dick’s table, Horsie, has Dick’s clearance, C. – Justin’s application has his clearance, S. – So, the program cannot write into table Horsie. The mandatory access control rules are applied in addition to any discretionary controls that are in effect. Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 15 Multilevel Relations Users with S and TS clearance will see both rows; a user with C will only see the 2nd row; a user with U will see no rows. If user with C tries to insert <101,Pasta,Blue,C>: – Allowing insertion violates key constraint – Disallowing insertion tells user that there is another object with key 101 that has a class > C! – Problem resolved by treating class field as part of key. CBrownPinto102 SRedSalsa101 classcolorbnamebid Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 16 Statistical DB Security Statistical DB: Contains information about individuals, but allows only aggregate queries (e.g., average age, rather than Joe’s age). New problem: It may be possible to infer some secret information! – E.g., If I know Joe is the oldest sailor, I can ask “How many sailors are older than X?” for different values of X until I get the answer 1; this allows me to infer Joe’s age. Idea: Insist that each query must involve at least N rows, for some N. Will this work? (No!) Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 17 Why Minimum N is Not Enough By asking “How many sailors older than X?” until the system rejects the query, can identify a set of N sailors, including Joe, that are older than X; let X=55 at this point. Next, ask “What is the sum of ages of sailors older than X?” Let result be S1. Next, ask “What is sum of ages of sailors other than Joe who are older than X, plus my age?” Let result be S2. S1-S2 is Joe’s age! Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 18 Summary Three main security objectives: secrecy, integrity, availability. DB admin is responsible for overall security. – Designs security policy, maintains an audit trail, or history of users’ accesses to DB. Two main approaches to DBMS security: discretionary and mandatory access control. – Discretionary control based on notion of privileges. – Mandatory control based on notion of security classes. Statistical DBs try to protect individual data by supporting only aggregate queries, but often, individual information can be inferred.

Recommended

OER- Unit 3 Authorization-DB security
OER- Unit 3 Authorization-DB securityOER- Unit 3 Authorization-DB security
OER- Unit 3 Authorization-DB security
Girija Muscut
 
Database security copy
Database security copyDatabase security copy
Database security copy
fika sweety
 
security and privacy in dbms and in sql database
security and privacy in dbms and in sql databasesecurity and privacy in dbms and in sql database
security and privacy in dbms and in sql database
gourav kottawar
 
Adaptive filter
Adaptive filterAdaptive filter
Adaptive filter
A. Shamel
 
Security of the database
Security of the databaseSecurity of the database
Security of the database
Pratik Tamgadge
 
Database Security
Database SecurityDatabase Security
Database Security
ShingalaKrupa
 
Database Security
Database SecurityDatabase Security
Database Security
alraee
 
Database Security Methods, DAC, MAC,View
Database Security Methods, DAC, MAC,ViewDatabase Security Methods, DAC, MAC,View
Database Security Methods, DAC, MAC,View
Dr-Dipali Meher
 

Recommended

OER- Unit 3 Authorization-DB security
OER- Unit 3 Authorization-DB securityOER- Unit 3 Authorization-DB security
OER- Unit 3 Authorization-DB security
Girija Muscut
 
Database security copy
Database security copyDatabase security copy
Database security copy
fika sweety
 
security and privacy in dbms and in sql database
security and privacy in dbms and in sql databasesecurity and privacy in dbms and in sql database
security and privacy in dbms and in sql database
gourav kottawar
 
Adaptive filter
Adaptive filterAdaptive filter
Adaptive filter
A. Shamel
 
Security of the database
Security of the databaseSecurity of the database
Security of the database
Pratik Tamgadge
 
Database Security
Database SecurityDatabase Security
Database Security
ShingalaKrupa
 
Database Security
Database SecurityDatabase Security
Database Security
alraee
 
Database Security Methods, DAC, MAC,View
Database Security Methods, DAC, MAC,ViewDatabase Security Methods, DAC, MAC,View
Database Security Methods, DAC, MAC,View
Dr-Dipali Meher
 
Chapter23
Chapter23Chapter23
Chapter23
gourab87
 
Sql grant, revoke, privileges and roles
Sql grant, revoke, privileges and rolesSql grant, revoke, privileges and roles
Sql grant, revoke, privileges and roles
Vivek Singh
 
Database Management System Security.pptx
Database Management System Security.pptxDatabase Management System Security.pptx
Database Management System Security.pptx
Roshni814224
 
MS SQL server audit
MS SQL server auditMS SQL server audit
MS SQL server audit
Portcullis Computer Security
 
UNIT 3- DATABASE INTEGRITY AND SECURITY CONCEPTS (1).pdf
UNIT 3- DATABASE INTEGRITY AND SECURITY CONCEPTS (1).pdfUNIT 3- DATABASE INTEGRITY AND SECURITY CONCEPTS (1).pdf
UNIT 3- DATABASE INTEGRITY AND SECURITY CONCEPTS (1).pdf
KavitaShinde26
 
Week No 13 Access Control Part 1.pptx
Week No 13 Access Control Part 1.pptxWeek No 13 Access Control Part 1.pptx
Week No 13 Access Control Part 1.pptx
XhamiiiCH
 
Data base Access Control a look at Fine grain Access method
Data base Access Control a look at Fine grain Access methodData base Access Control a look at Fine grain Access method
Data base Access Control a look at Fine grain Access method
International Journal of Engineering Inventions www.ijeijournal.com
 
Distributed database security with discretionary access control
Distributed database security with discretionary access controlDistributed database security with discretionary access control
Distributed database security with discretionary access control
Jyotishkar Dey
 
Database modeling and security
Database modeling and securityDatabase modeling and security
Database modeling and security
Neeharika Nidadavolu
 
Access Control Facilities in Oracle Database 11g r2
Access Control Facilities in Oracle Database 11g r2Access Control Facilities in Oracle Database 11g r2
Access Control Facilities in Oracle Database 11g r2
Amin Saqi
 
Sql ch 15 - sql security
Sql ch 15 - sql securitySql ch 15 - sql security
Sql ch 15 - sql security
Mukesh Tekwani
 
Les14[1]Controlling User Access
Les14[1]Controlling User AccessLes14[1]Controlling User Access
Les14[1]Controlling User Access
siavosh kaviani
 
AccessControl.ppt
AccessControl.pptAccessControl.ppt
AccessControl.ppt
DAKSHATAPANCHAL2
 
Ch1 intro
Ch1 introCh1 intro
Ch1 intro
Subramanyam Neelam
 
Aos v unit protection and access control
Aos v unit protection and access controlAos v unit protection and access control
Aos v unit protection and access control
vanamali_vanu
 
Implementing role based access control on Web Application (sample case)
Implementing role based access control on Web Application (sample case)Implementing role based access control on Web Application (sample case)
Implementing role based access control on Web Application (sample case)
Deny Prasetia
 
Ch1_Intro-95.ppt
Ch1_Intro-95.pptCh1_Intro-95.ppt
Ch1_Intro-95.ppt
Pulkit Mehndiratta
 
Chapter 14 - Protection
Chapter 14 - ProtectionChapter 14 - Protection
Chapter 14 - Protection
Wayne Jones Jnr
 
Users66666666666666666666666666666666666666
Users66666666666666666666666666666666666666Users66666666666666666666666666666666666666
Users66666666666666666666666666666666666666
227567
 
In Proceedings of the 7th Annual Security Conference, June.docx
In Proceedings of the 7th Annual Security Conference, June.docxIn Proceedings of the 7th Annual Security Conference, June.docx
In Proceedings of the 7th Annual Security Conference, June.docx
bradburgess22840
 
WeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation TechniquesWeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation Techniques
Postman
 
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and MilvusBuilding Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
Zilliz
 

More Related Content

Similar to Database security

Chapter23
Chapter23Chapter23
Chapter23
gourab87
 
Sql grant, revoke, privileges and roles
Sql grant, revoke, privileges and rolesSql grant, revoke, privileges and roles
Sql grant, revoke, privileges and roles
Vivek Singh
 
Database Management System Security.pptx
Database Management System Security.pptxDatabase Management System Security.pptx
Database Management System Security.pptx
Roshni814224
 
MS SQL server audit
MS SQL server auditMS SQL server audit
MS SQL server audit
Portcullis Computer Security
 
UNIT 3- DATABASE INTEGRITY AND SECURITY CONCEPTS (1).pdf
UNIT 3- DATABASE INTEGRITY AND SECURITY CONCEPTS (1).pdfUNIT 3- DATABASE INTEGRITY AND SECURITY CONCEPTS (1).pdf
UNIT 3- DATABASE INTEGRITY AND SECURITY CONCEPTS (1).pdf
KavitaShinde26
 
Week No 13 Access Control Part 1.pptx
Week No 13 Access Control Part 1.pptxWeek No 13 Access Control Part 1.pptx
Week No 13 Access Control Part 1.pptx
XhamiiiCH
 
Data base Access Control a look at Fine grain Access method
Data base Access Control a look at Fine grain Access methodData base Access Control a look at Fine grain Access method
Data base Access Control a look at Fine grain Access method
International Journal of Engineering Inventions www.ijeijournal.com
 
Distributed database security with discretionary access control
Distributed database security with discretionary access controlDistributed database security with discretionary access control
Distributed database security with discretionary access control
Jyotishkar Dey
 
Database modeling and security
Database modeling and securityDatabase modeling and security
Database modeling and security
Neeharika Nidadavolu
 
Access Control Facilities in Oracle Database 11g r2
Access Control Facilities in Oracle Database 11g r2Access Control Facilities in Oracle Database 11g r2
Access Control Facilities in Oracle Database 11g r2
Amin Saqi
 
Sql ch 15 - sql security
Sql ch 15 - sql securitySql ch 15 - sql security
Sql ch 15 - sql security
Mukesh Tekwani
 
Les14[1]Controlling User Access
Les14[1]Controlling User AccessLes14[1]Controlling User Access
Les14[1]Controlling User Access
siavosh kaviani
 
AccessControl.ppt
AccessControl.pptAccessControl.ppt
AccessControl.ppt
DAKSHATAPANCHAL2
 
Ch1 intro
Ch1 introCh1 intro
Ch1 intro
Subramanyam Neelam
 
Aos v unit protection and access control
Aos v unit protection and access controlAos v unit protection and access control
Aos v unit protection and access control
vanamali_vanu
 
Implementing role based access control on Web Application (sample case)
Implementing role based access control on Web Application (sample case)Implementing role based access control on Web Application (sample case)
Implementing role based access control on Web Application (sample case)
Deny Prasetia
 
Ch1_Intro-95.ppt
Ch1_Intro-95.pptCh1_Intro-95.ppt
Ch1_Intro-95.ppt
Pulkit Mehndiratta
 
Chapter 14 - Protection
Chapter 14 - ProtectionChapter 14 - Protection
Chapter 14 - Protection
Wayne Jones Jnr
 
Users66666666666666666666666666666666666666
Users66666666666666666666666666666666666666Users66666666666666666666666666666666666666
Users66666666666666666666666666666666666666
227567
 
In Proceedings of the 7th Annual Security Conference, June.docx
In Proceedings of the 7th Annual Security Conference, June.docxIn Proceedings of the 7th Annual Security Conference, June.docx
In Proceedings of the 7th Annual Security Conference, June.docx
bradburgess22840
 

Similar to Database security (20)

Chapter23
Chapter23Chapter23
Chapter23
 
Sql grant, revoke, privileges and roles
Sql grant, revoke, privileges and rolesSql grant, revoke, privileges and roles
Sql grant, revoke, privileges and roles
 
Database Management System Security.pptx
Database Management System Security.pptxDatabase Management System Security.pptx
Database Management System Security.pptx
 
MS SQL server audit
MS SQL server auditMS SQL server audit
MS SQL server audit
 
UNIT 3- DATABASE INTEGRITY AND SECURITY CONCEPTS (1).pdf
UNIT 3- DATABASE INTEGRITY AND SECURITY CONCEPTS (1).pdfUNIT 3- DATABASE INTEGRITY AND SECURITY CONCEPTS (1).pdf
UNIT 3- DATABASE INTEGRITY AND SECURITY CONCEPTS (1).pdf
 
Week No 13 Access Control Part 1.pptx
Week No 13 Access Control Part 1.pptxWeek No 13 Access Control Part 1.pptx
Week No 13 Access Control Part 1.pptx
 
Data base Access Control a look at Fine grain Access method
Data base Access Control a look at Fine grain Access methodData base Access Control a look at Fine grain Access method
Data base Access Control a look at Fine grain Access method
 
Distributed database security with discretionary access control
Distributed database security with discretionary access controlDistributed database security with discretionary access control
Distributed database security with discretionary access control
 
Database modeling and security
Database modeling and securityDatabase modeling and security
Database modeling and security
 
Access Control Facilities in Oracle Database 11g r2
Access Control Facilities in Oracle Database 11g r2Access Control Facilities in Oracle Database 11g r2
Access Control Facilities in Oracle Database 11g r2
 
Sql ch 15 - sql security
Sql ch 15 - sql securitySql ch 15 - sql security
Sql ch 15 - sql security
 
Les14[1]Controlling User Access
Les14[1]Controlling User AccessLes14[1]Controlling User Access
Les14[1]Controlling User Access
 
AccessControl.ppt
AccessControl.pptAccessControl.ppt
AccessControl.ppt
 
Ch1 intro
Ch1 introCh1 intro
Ch1 intro
 
Aos v unit protection and access control
Aos v unit protection and access controlAos v unit protection and access control
Aos v unit protection and access control
 
Implementing role based access control on Web Application (sample case)
Implementing role based access control on Web Application (sample case)Implementing role based access control on Web Application (sample case)
Implementing role based access control on Web Application (sample case)
 
Ch1_Intro-95.ppt
Ch1_Intro-95.pptCh1_Intro-95.ppt
Ch1_Intro-95.ppt
 
Chapter 14 - Protection
Chapter 14 - ProtectionChapter 14 - Protection
Chapter 14 - Protection
 
Users66666666666666666666666666666666666666
Users66666666666666666666666666666666666666Users66666666666666666666666666666666666666
Users66666666666666666666666666666666666666
 
In Proceedings of the 7th Annual Security Conference, June.docx
In Proceedings of the 7th Annual Security Conference, June.docxIn Proceedings of the 7th Annual Security Conference, June.docx
In Proceedings of the 7th Annual Security Conference, June.docx
 

Recently uploaded

WeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation TechniquesWeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation Techniques
Postman
 
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and MilvusBuilding Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
Zilliz
 
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
Tatiana Kojar
 
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
Intelisync
 
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStrDeep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
saastr
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
saastr
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
Zilliz
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
Jakub Marek
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Tosin Akinosho
 
Finale of the Year: Apply for Next One!
Finale of the Year: Apply for Next One!Finale of the Year: Apply for Next One!
Finale of the Year: Apply for Next One!
GDSC PJATK
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
MichaelKnudsen27
 
dbms calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdfdbms calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdf
Shinana2
 
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxOcean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
SitimaJohn
 
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying AheadDigital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Wask
 
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfHow to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
Chart Kalyan
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
Brandon Minnick, MBA
 
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
alexjohnson7307
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
panagenda
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
ssuserfac0301
 
Azure API Management to expose backend services securely
Azure API Management to expose backend services securelyAzure API Management to expose backend services securely
Azure API Management to expose backend services securely
Dinusha Kumarasiri
 

Recently uploaded (20)

WeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation TechniquesWeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation Techniques
 
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and MilvusBuilding Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
 
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
 
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
 
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStrDeep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
 
Finale of the Year: Apply for Next One!
Finale of the Year: Apply for Next One!Finale of the Year: Apply for Next One!
Finale of the Year: Apply for Next One!
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
 
dbms calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdfdbms calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdf
 
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxOcean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
 
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying AheadDigital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying Ahead
 
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfHow to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
 
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
 
Azure API Management to expose backend services securely
Azure API Management to expose backend services securelyAzure API Management to expose backend services securely
Azure API Management to expose backend services securely
 

Database security

  • 1. Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 1 Security Lecture 21 Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 2 Introduction to DB Security Secrecy: Users should not be able to see things they are not supposed to. – E.g., A student can’t see other students’ grades. Integrity: Users should not be able to modify things they are not supposed to. – E.g., Only instructors can assign grades. Availability: Users should be able to see and modify things they are allowed to. Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 3 Access Controls A security policy specifies who is authorized to do what. A security mechanism allows us to enforce a chosen security policy. Two main mechanisms at the DBMS level: – Discretionary access control – Mandatory access control Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 4 Discretionary Access Control Based on the concept of access rights or privileges for objects (tables and views), and mechanisms for giving users privileges (and revoking privileges). Creator of a table or a view automatically gets all privileges on it. – DMBS keeps track of who subsequently gains and loses privileges, and ensures that only requests from users who have the necessary privileges (at the time the request is issued) are allowed. Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 5 GRANT Command The following privileges can be specified: SELECT: Can read all columns (including those added later via ALTER TABLE command). INSERT(col-name): Can insert tuples with non-null or non- default values in this column. INSERT means same right with respect to all columns. DELETE: Can delete tuples. REFERENCES (col-name): Can define foreign keys (in other tables) that refer to this column. If a user has a privilege with the GRANT OPTION, can pass privilege on to other users (with or without passing on the GRANT OPTION). Only owner can execute CREATE, ALTER, and DROP. GRANT privileges ON object TO users [WITH GRANT OPTION] Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 6 GRANT and REVOKE of Privileges GRANT INSERT, SELECT ON Sailors TO Horatio – Horatio can query Sailors or insert tuples into it. GRANT DELETE ON Sailors TO Yuppy WITH GRANT OPTION – Yuppy can delete tuples, and also authorize others to do so. GRANT UPDATE (rating) ON Sailors TO Dustin – Dustin can update (only) the rating field of Sailors tuples. GRANT SELECT ON ActiveSailors TO Guppy, Yuppy – This does NOT allow the ‘uppies to query Sailors directly! REVOKE: When a privilege is revoked from X, it is also revoked from all users who got it solely from X.
  • 2. Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 7 GRANT/REVOKE on Views If the creator of a view loses the SELECT privilege on an underlying table, the view is dropped! If the creator of a view loses a privilege held with the grant option on an underlying table, (s)he loses the privilege on the view as well; so do users who were granted that privilege on the view! Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 8 Views and Security Views can be used to present necessary information (or a summary), while hiding details in underlying relation(s). – Given ActiveSailors, but not Sailors or Reserves, we can find sailors who have a reservation, but not the bid’s of boats that have been reserved. Creator of view has a privilege on the view if (s)he has the privilege on all underlying tables. Together with GRANT/REVOKE commands, views are a very powerful access control tool. Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 9 Role-Based Authorization In SQL-92, privileges are actually assigned to authorization ids, which can denote a single user or a group of users. In SQL:1999 (and in many current systems), privileges are assigned to roles. – Roles can then be granted to users and to other roles. – Reflects how real organizations work. – Illustrates how standards often catch up with “de facto” standards embodied in popular systems. Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 10 Security to the Level of a Field! Can create a view that only returns one field of one tuple. (How?) Then grant access to that view accordingly. Allows for arbitrary granularity of control – A bit clumsy to specify. – Can be hidden under a good UI. Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 11 Mandatory Access Control Based on system-wide policies that cannot be changed by individual users. – Each DB object is assigned a security class. – Each subject (user or user program) is assigned a clearance for a security class. – Rules based on security classes and clearances govern who can read/write which objects. Most commercial systems do not support mandatory access control. Versions of some DBMSs do support it; used for specialized (e.g., military) applications. Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 12 Why Mandatory Control? Discretionary control has some flaws, e.g., the Trojan horse problem: – Dick creates Horsie and gives INSERT privileges to Justin (who doesn’t know about this). – Dick modifes the code of an application program used by Justin to additionally write some secret data to table Horsie. – Now, Justin can see the secret info. The modification of the code is beyond the DBMSs control, but it can try and prevent the use of the database as a channel for secret information.
  • 3. Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 13 Bell-LaPadula Model Objects (e.g., tables, views, tuples) Subjects (e.g., users, user programs) Security classes: – Top secret (TS), secret (S), confidential (C), unclassified (U): TS > S> C > U Each object and subject is assigned a class. – Subject S can read object O only if class(S) >= class(O) (Simple Security Property) – Subject S can write object O only if class(S) <= class(O) (*-Property) Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 14 Intuition Idea is to ensure that information can never flow from a higher to a lower security level. E.g., If Dick has security class C, Justin has class S, and the secret table has class S: – Dick’s table, Horsie, has Dick’s clearance, C. – Justin’s application has his clearance, S. – So, the program cannot write into table Horsie. The mandatory access control rules are applied in addition to any discretionary controls that are in effect. Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 15 Multilevel Relations Users with S and TS clearance will see both rows; a user with C will only see the 2nd row; a user with U will see no rows. If user with C tries to insert <101,Pasta,Blue,C>: – Allowing insertion violates key constraint – Disallowing insertion tells user that there is another object with key 101 that has a class > C! – Problem resolved by treating class field as part of key. CBrownPinto102 SRedSalsa101 classcolorbnamebid Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 16 Statistical DB Security Statistical DB: Contains information about individuals, but allows only aggregate queries (e.g., average age, rather than Joe’s age). New problem: It may be possible to infer some secret information! – E.g., If I know Joe is the oldest sailor, I can ask “How many sailors are older than X?” for different values of X until I get the answer 1; this allows me to infer Joe’s age. Idea: Insist that each query must involve at least N rows, for some N. Will this work? (No!) Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 17 Why Minimum N is Not Enough By asking “How many sailors older than X?” until the system rejects the query, can identify a set of N sailors, including Joe, that are older than X; let X=55 at this point. Next, ask “What is the sum of ages of sailors older than X?” Let result be S1. Next, ask “What is sum of ages of sailors other than Joe who are older than X, plus my age?” Let result be S2. S1-S2 is Joe’s age! Database Management Systems, 2nd Edition, R. Ramakrishnan and J. Gehrke 18 Summary Three main security objectives: secrecy, integrity, availability. DB admin is responsible for overall security. – Designs security policy, maintains an audit trail, or history of users’ accesses to DB. Two main approaches to DBMS security: discretionary and mandatory access control. – Discretionary control based on notion of privileges. – Mandatory control based on notion of security classes. Statistical DBs try to protect individual data by supporting only aggregate queries, but often, individual information can be inferred.