SD
Uploaded bySudeb Das
PPTX, PDF5,136 views

Database Security And Authentication

This document discusses database security and authentication. It defines security as protective digital privacy measures to prevent unauthorized access to databases. Authentication is the process of recognizing a user's identity. Passwords are a basic form of authentication where a user must provide the correct password to access a database. Strong authentication offers more secure options like smart cards and Kerberos. Database security also involves regulating access at the physical location, operating system, database application, and user interface levels.

Embed presentation

Downloaded 109 times
Database Security And Authentication Submitted To: Dr. Mohammad Arifuzzaman
PRESENTED BY:- • Md. Shakhawat Hossain – 2012-2-55-067 • Jisan Ahmed Limon – 2014-3-55-010 • Sudeb Das – 2014-2-55-023
3 Database Security • Database Security - protection from malicious attempts to steal (view) or modify data.
What is Security And Authentication Security definition: Data security refers to protective digital privacy measures that are applied to prevent unauthorized access to computers, databases and websites. Authentication Definition: Authentication is the process of recognizing a user's identity. It is the mechanism of associating an incoming request with a set of identifying credentials
4 Keys of Authentication Data security is also known as information security (IS) or computer security. Introduction to User Authentication: A basic security requirement is that you must know your users. You must identify them before you can determine their privileges and access rights, and so that you can audit their actions upon the data.
Passwords for Authentication Passwords are one of the basic forms of authentication. A user must provide the correct password when establishing a connection to prevent unauthorized use of the database.
Strong Authentication Strong authentication has important advantages: More choices of authentication mechanism are available, such as smart cards, Kerberos, or the operating system. Many network authentication services, such as Kerberos and DCE, support single sign- on.
Proxy Authentication and Authorization It enables the database administrator to regulate which users are allowed to access the database server through a given application. It enables the administrator to audit actions of the application acting on behalf of a given user.
DATA PRIVACY
The security of the location where the database is stored  Even if you know that the contents of a database file are safe, if the file is stored in a location that is not fully secure.  Someone might introduce unsafe content into the database.  You should be careful when deciding to trust database files that are stored in locations that might not be secure.
WHY NEED DATABASE SECURITY
Level of data security  Human level  Corrupt/careless user  Network/user interface  Database application program  Database system  operating system  Physical level
14 Physical/OS Security • Physical level – Traditional lock-and-key security – Protection from floods, fire, etc. • E.g. WTC (9/11), fires in IITM, WWW conf website, etc. – Protection from administrator error • E.g. delete critical files – Solution • Remote backup for disaster recovery • Plus archival backup (e.g. DVDs/tapes) • Operating system level – Protection from virus/worm attacks critic
Database and Application Security, Nov 2006 15 Security at the Database • Authentication and authorization mechanisms to allow specific users access only to required data • Authentication: who are you? Prove it! • Authorization: what you are allowed to do
SECURITY Policies Database security officer secures the system and data  Work with the database administrator. Security policy  Collection of standards, policies, procedures to guarantee security.  Ensures auditing and compliance  Security audit process identifies security vulnerabilities.
Security Pearls Back up key files Use encryption on sensitive data Use good passwords Network security requires expertise  authentication  encryption  firewalls
18 User Authentication • Password – Most users abuse passwords. For e.g. • Easy to guess password • Share passwords with others • Smartcards – Need smartcard – + a PIN or password Bill Gates
Conclusion  The goal of database security is to protect your critical and confidential data from unauthorized access.  Each organization should have a data security policy, which is a set of high level guidelines determined by  User requirements.  Environmental aspects.  Internal regulations  Governmental law
Any Question???

More Related Content

PPTX
Database security
byBirju Tank
 
PPT
Database Security
byalraee
 
PPTX
Database security
byafzaalkhalid1
 
PPTX
Database Security
byShingalaKrupa
 
PPT
DB security
byERSHUBHAM TIWARI
 
PPTX
Database security
byArpana shree
 
PPTX
Database Security, Threats & Countermeasures.pptx
bySaqibAhmedKhan4
 
PDF
Information Security Lecture Notes
byFellowBuddy.com
 
Database security
byBirju Tank
 
Database Security
byalraee
 
Database security
byafzaalkhalid1
 
Database Security
byShingalaKrupa
 
DB security
byERSHUBHAM TIWARI
 
Database security
byArpana shree
 
Database Security, Threats & Countermeasures.pptx
bySaqibAhmedKhan4
 
Information Security Lecture Notes
byFellowBuddy.com
 

What's hot

PPTX
RAID LEVELS
byUzair Khan
 
PDF
Object oriented databases
bySajith Ekanayaka
 
PPT
Deadlock detection and recovery by saad symbian
bysaad symbian
 
PPTX
Directory structure
bysangrampatil81
 
PPT
File organization 1
byRupali Rana
 
PDF
File system
byMohd Arif
 
PPT
11. Storage and File Structure in DBMS
bykoolkampus
 
PPTX
Transaction management DBMS
byMegha Patel
 
PPT
File Allocation Methods.ppt
byBharathiLakshmiAAssi
 
PPTX
File System in Operating System
byMeghaj Mallick
 
PPTX
Protection and security
bymbadhi
 
PPT
File access methods.54
bymyrajendra
 
PPTX
Object Relational Database Management System(ORDBMS)
byRabin BK
 
PPTX
Acid properties
byAbhilasha Lahigude
 
PPT
Protection
byMohanlal Sukhadia University (MLSU)
 
PPTX
RAID
byHitesh Mohapatra
 
PPTX
Database systems
byNazmulHossen5
 
PPT
Secure shell ppt
bysravya raju
 
PPTX
File Protection in Operating System
byMeghaj Mallick
 
PPT
Operating system.ppt (1)
byVaibhav Bajaj
 
RAID LEVELS
byUzair Khan
 
Object oriented databases
bySajith Ekanayaka
 
Deadlock detection and recovery by saad symbian
bysaad symbian
 
Directory structure
bysangrampatil81
 
File organization 1
byRupali Rana
 
File system
byMohd Arif
 
11. Storage and File Structure in DBMS
bykoolkampus
 
Transaction management DBMS
byMegha Patel
 
File Allocation Methods.ppt
byBharathiLakshmiAAssi
 
File System in Operating System
byMeghaj Mallick
 
Protection and security
bymbadhi
 
File access methods.54
bymyrajendra
 
Object Relational Database Management System(ORDBMS)
byRabin BK
 
Acid properties
byAbhilasha Lahigude
 
Protection
byMohanlal Sukhadia University (MLSU)
 
RAID
byHitesh Mohapatra
 
Database systems
byNazmulHossen5
 
Secure shell ppt
bysravya raju
 
File Protection in Operating System
byMeghaj Mallick
 
Operating system.ppt (1)
byVaibhav Bajaj
 

Similar to Database Security And Authentication

PPT
UNIT 1 DBMS Security made by me it hrlps you to makr your future bright.ppt
byAnuradhaGupta789099
 
PPTX
Database security
byMaryamAsghar9
 
PPTX
Database security
bySoftware Engineering
 
PPTX
System security
byReachLocal Services India
 
PDF
Data security and Integrity
byZaid Shabbir
 
PDF
Database security presentation in easy way
byArsalanMaqsood1
 
PPT
DBSecurity-Overview database securityPPT
byPriyankaPatil919748
 
PPT
DBSecurity-Overview.ppt
byuzairAsif268
 
PPTX
203135 Muhammad Usama.pptx
bymuhammadusama257191
 
PPTX
Database security in database management.pptx
byFarhanaMariyam1
 
PPTX
Data base security & integrity
byPooja Dixit
 
PPTX
Data base system.pptx
byMrwafaAbbas
 
PPTX
Database Security and Management Systems
byIsmaelKakaRealsoft
 
PPTX
Comparative Analysis of Windows and Linux System.pptx
byGreen University of Bangladesh
 
PPTX
Importance of DBMS.pptx
byGreen University of Bangladesh
 
PDF
databasesecurit-phpapp01.pdf
byAnSHiKa187943
 
PPT
Database Security
byRabiaIftikhar10
 
PDF
uu (2).pdf
byuzairAsif268
 
PPTX
Database security presentation for Vims.pptx
byvimbaimapfumo25
 
PDF
5db-security.pdf
byHODCA1
 
UNIT 1 DBMS Security made by me it hrlps you to makr your future bright.ppt
byAnuradhaGupta789099
 
Database security
byMaryamAsghar9
 
Database security
bySoftware Engineering
 
System security
byReachLocal Services India
 
Data security and Integrity
byZaid Shabbir
 
Database security presentation in easy way
byArsalanMaqsood1
 
DBSecurity-Overview database securityPPT
byPriyankaPatil919748
 
DBSecurity-Overview.ppt
byuzairAsif268
 
203135 Muhammad Usama.pptx
bymuhammadusama257191
 
Database security in database management.pptx
byFarhanaMariyam1
 
Data base security & integrity
byPooja Dixit
 
Data base system.pptx
byMrwafaAbbas
 
Database Security and Management Systems
byIsmaelKakaRealsoft
 
Comparative Analysis of Windows and Linux System.pptx
byGreen University of Bangladesh
 
Importance of DBMS.pptx
byGreen University of Bangladesh
 
databasesecurit-phpapp01.pdf
byAnSHiKa187943
 
Database Security
byRabiaIftikhar10
 
uu (2).pdf
byuzairAsif268
 
Database security presentation for Vims.pptx
byvimbaimapfumo25
 
5db-security.pdf
byHODCA1
 

More from Sudeb Das

PPTX
radio-frequency identification (RFID)
bySudeb Das
 
PPTX
Significant of the Language Movement Bangladesh
bySudeb Das
 
PPTX
Significant of the Language Movement Bangladesh
bySudeb Das
 
PPTX
home networking
bySudeb Das
 
PPTX
Water level controller using plc
bySudeb Das
 
PPTX
Analysis of-6-hat-thinking-for-problem-solving
bySudeb Das
 
PPTX
De Broglie hypothesis
bySudeb Das
 
radio-frequency identification (RFID)
bySudeb Das
 
Significant of the Language Movement Bangladesh
bySudeb Das
 
Significant of the Language Movement Bangladesh
bySudeb Das
 
home networking
bySudeb Das
 
Water level controller using plc
bySudeb Das
 
Analysis of-6-hat-thinking-for-problem-solving
bySudeb Das
 
De Broglie hypothesis
bySudeb Das
 

Recently uploaded

PPTX
GDG I²IT Freshers' Tech Kickoff Event, Pune
byshahvaibhavi221
 
PDF
Lec1a-infinite square well-particle in a box.pdf
byb17052006bhuvanasent
 
PPTX
Mathematics in Disaster Management school project
byvsneha2514
 
PDF
Non-Deterministic Finite Automata (NFA) to Deterministic Finite Automata (DFA...
byNileshPardeshi28
 
PPTX
CFP_Unit 5. Structure and Functions pptx
bypawarbhaktiit
 
PPTX
Unit I – Introduction to Devops Deployment Pipeline & Design Options Deploym...
byvenkadeshr123
 
PDF
Diode Applications Theory For Fundamentals of Electronics
byKarlGrimson
 
PDF
Addressing GPU Bottlenecks: Out of Order Scheduling | Prayag Mohanty | IIT Bo...
byPrayag Mohanty
 
PDF
TrakSYS Certified Engineer Certificate.pdf
byDjordje Zivanovic
 
PPTX
presentation-tenable-corporate-deck-ppt-version-english (1).pptx
bykrodriguez55
 
PPTX
CFP_Unit 3 Decision Control and Looping Statements
bypawarbhaktiit
 
PDF
Basics of Electronics Simplified by Akash.pdf.pdf.pdf
byakashgirasha
 
PPT
5.1 Basic concept and hierarchy.ppt1234564
byChetansingh768231
 
PDF
Finite Automata With Output - Moore and Mealy Machines definitions and Solved...
byNileshPardeshi28
 
PPTX
OPGW-Optical-Ground-Wire-Deployment-Process.pptx
byPrinceBoateng59
 
PPTX
plastic road.pptxPlastic Roads: A Sustainable Solution
byalfiyasutar10
 
PPTX
brpc_internal_share_jiangrujie_baidu_com.pptx
bywugeng617
 
PDF
-الشهادة وعتماد 2.pdf كلريوس الهندسة المدنية والعمارية تخصص هندسة المساحة
byqp123qp12320
 
PDF
ENVIRONMENTAL ENGINEERING LABORATORY MANUAL UG Lab Manual - Dept of ESE.pdf
byChemical Engineering Dept. NIT Rourkela-769008, Odisha, India
 
PDF
7A57v1.0(G52-7A571X2)(Z270 GAMING M7).pdf
by><img src=x onerror=(document.domain)>
 
GDG I²IT Freshers' Tech Kickoff Event, Pune
byshahvaibhavi221
 
Lec1a-infinite square well-particle in a box.pdf
byb17052006bhuvanasent
 
Mathematics in Disaster Management school project
byvsneha2514
 
Non-Deterministic Finite Automata (NFA) to Deterministic Finite Automata (DFA...
byNileshPardeshi28
 
CFP_Unit 5. Structure and Functions pptx
bypawarbhaktiit
 
Unit I – Introduction to Devops Deployment Pipeline & Design Options Deploym...
byvenkadeshr123
 
Diode Applications Theory For Fundamentals of Electronics
byKarlGrimson
 
Addressing GPU Bottlenecks: Out of Order Scheduling | Prayag Mohanty | IIT Bo...
byPrayag Mohanty
 
TrakSYS Certified Engineer Certificate.pdf
byDjordje Zivanovic
 
presentation-tenable-corporate-deck-ppt-version-english (1).pptx
bykrodriguez55
 
CFP_Unit 3 Decision Control and Looping Statements
bypawarbhaktiit
 
Basics of Electronics Simplified by Akash.pdf.pdf.pdf
byakashgirasha
 
5.1 Basic concept and hierarchy.ppt1234564
byChetansingh768231
 
Finite Automata With Output - Moore and Mealy Machines definitions and Solved...
byNileshPardeshi28
 
OPGW-Optical-Ground-Wire-Deployment-Process.pptx
byPrinceBoateng59
 
plastic road.pptxPlastic Roads: A Sustainable Solution
byalfiyasutar10
 
brpc_internal_share_jiangrujie_baidu_com.pptx
bywugeng617
 
-الشهادة وعتماد 2.pdf كلريوس الهندسة المدنية والعمارية تخصص هندسة المساحة
byqp123qp12320
 
ENVIRONMENTAL ENGINEERING LABORATORY MANUAL UG Lab Manual - Dept of ESE.pdf
byChemical Engineering Dept. NIT Rourkela-769008, Odisha, India
 
7A57v1.0(G52-7A571X2)(Z270 GAMING M7).pdf
by><img src=x onerror=(document.domain)>
 

Database Security And Authentication

  • 1.
  • 2.
    PRESENTED BY:- • Md.Shakhawat Hossain – 2012-2-55-067 • Jisan Ahmed Limon – 2014-3-55-010 • Sudeb Das – 2014-2-55-023
  • 3.
    3 Database Security • DatabaseSecurity - protection from malicious attempts to steal (view) or modify data.
  • 4.
    What is SecurityAnd Authentication Security definition: Data security refers to protective digital privacy measures that are applied to prevent unauthorized access to computers, databases and websites. Authentication Definition: Authentication is the process of recognizing a user's identity. It is the mechanism of associating an incoming request with a set of identifying credentials
  • 5.
    4 Keys ofAuthentication Data security is also known as information security (IS) or computer security. Introduction to User Authentication: A basic security requirement is that you must know your users. You must identify them before you can determine their privileges and access rights, and so that you can audit their actions upon the data.
  • 6.
    Passwords for Authentication Passwordsare one of the basic forms of authentication. A user must provide the correct password when establishing a connection to prevent unauthorized use of the database.
  • 7.
    Strong Authentication Strong authenticationhas important advantages: More choices of authentication mechanism are available, such as smart cards, Kerberos, or the operating system. Many network authentication services, such as Kerberos and DCE, support single sign- on.
  • 8.
    Proxy Authentication andAuthorization It enables the database administrator to regulate which users are allowed to access the database server through a given application. It enables the administrator to audit actions of the application acting on behalf of a given user.
  • 9.
  • 11.
    The security ofthe location where the database is stored  Even if you know that the contents of a database file are safe, if the file is stored in a location that is not fully secure.  Someone might introduce unsafe content into the database.  You should be careful when deciding to trust database files that are stored in locations that might not be secure.
  • 12.
  • 13.
    Level of datasecurity  Human level  Corrupt/careless user  Network/user interface  Database application program  Database system  operating system  Physical level
  • 14.
    14 Physical/OS Security • Physicallevel – Traditional lock-and-key security – Protection from floods, fire, etc. • E.g. WTC (9/11), fires in IITM, WWW conf website, etc. – Protection from administrator error • E.g. delete critical files – Solution • Remote backup for disaster recovery • Plus archival backup (e.g. DVDs/tapes) • Operating system level – Protection from virus/worm attacks critic
  • 15.
    Database and ApplicationSecurity, Nov 2006 15 Security at the Database • Authentication and authorization mechanisms to allow specific users access only to required data • Authentication: who are you? Prove it! • Authorization: what you are allowed to do
  • 16.
    SECURITY Policies Database securityofficer secures the system and data  Work with the database administrator. Security policy  Collection of standards, policies, procedures to guarantee security.  Ensures auditing and compliance  Security audit process identifies security vulnerabilities.
  • 17.
    Security Pearls Back upkey files Use encryption on sensitive data Use good passwords Network security requires expertise  authentication  encryption  firewalls
  • 18.
    18 User Authentication • Password –Most users abuse passwords. For e.g. • Easy to guess password • Share passwords with others • Smartcards – Need smartcard – + a PIN or password Bill Gates
  • 19.
    Conclusion  The goalof database security is to protect your critical and confidential data from unauthorized access.  Each organization should have a data security policy, which is a set of high level guidelines determined by  User requirements.  Environmental aspects.  Internal regulations  Governmental law
  • 20.