Presentation
on
Database Security
Submitted to: Charmi Purohit
Prepared By: Kumbhani Minaxi
Limbasiya Jignasha
Minaxi & Jignasha 1/24
Index
• Definition
• Data Security Lifecycle
• Countermeasures
- Authorization
- Views
- Backup and Recovery
- Integrity
- Encryption
- RAID Technology
What is Database Security?
• Database security is the set of mechanisms that protect the database against intentional or accidental threats.
• A security policy describes the security measures to be enforced.
• The security mechanisms of the underlying DBMS must be used to enforce that policy.
Requirements
• The security curriculum is relatively light in the database systems area.
• The current focus is on protecting information through network configuration, systems administration and application security.
• Database system security issues need to be considered specifically.
Goals
• Understand security issues in:
- a general database system environment
- a specific DBMS (Oracle) environment
• Consider database security issues in the context of general security principles and ideas.
• Consider issues relating to both database storage and the database system's communication with other applications.
Main Message
• Database system security is more than securing the database:
- Secure database
- Secure DBMS
- Secure applications / application development
- Secure operating system in relation to the database system
- Secure web server in relation to the database system
- Secure network environment in relation to the database system
Purpose
• We consider database security in relation to the following situations:
- Theft and fraud
- Loss of confidentiality
- Loss of privacy
- Loss of integrity
- Loss of availability
Data Security Lifecycle
Threat
• A threat is any intentional or accidental event that may adversely affect the system.
• Examples of threats:
- Using another person's log-in name to access data
- Unauthorized copying of data
- Program/data alteration
- Illegal entry by a hacker
- Viruses
Countermeasures
• A countermeasure is an action that you take in order to weaken the effect of another action or situation, or to make it harmless.
• Because the threat never developed, we didn't need to take any real countermeasures.
Countermeasures
• Computer-based controls:
- Authorization
- Authentication
- Views
- Backup and recovery
- Integrity
- Encryption
- Privileges, roles, GRANT / REVOKE
- RAID technology
Authorization
• The granting of a privilege that enables a user to have legitimate access to a system.
• Authorization mechanisms are sometimes referred to as access controls.
• The process of authorization involves authenticating the user who requests access to objects.
Authentication
• A mechanism that determines whether a user is who he/she claims to be.
• A system administrator is responsible for allowing users access to the system by creating individual user accounts.
• Four aspects of authenticating users to the database:
1) Introduction to user authentication
2) Password authentication
3) Strong authentication
4) Proxy authentication and authorization
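Password authentication in practice, as an added example that is not part of the presentation: the account store never holds the password itself, only a random salt and a PBKDF2 hash, and verification uses a constant-time comparison. The account table, the user name and the passwords are constructed for the example, and SQLite stands in for the DBMS user catalogue.

```python
import hashlib
import hmac
import os
import sqlite3
from typing import Optional, Tuple

# Work factor for PBKDF2-HMAC-SHA256; raise it as hardware gets faster.
PBKDF2_ITERATIONS = 600_000


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, digest). A fresh random salt is drawn when none is given."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return salt, digest


def create_account(conn: sqlite3.Connection, username: str, password: str) -> None:
    """Administrator action from the slide: create the user account.

    Only the salt and the hash are stored; the password itself never reaches the table.
    """
    salt, digest = hash_password(password)
    with conn:
        conn.execute(
            "INSERT INTO accounts(username, salt, pw_hash) VALUES (?, ?, ?)",
            (username, salt, digest),
        )


def authenticate(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Return True only if the supplied password matches the stored hash."""
    row = conn.execute(
        "SELECT salt, pw_hash FROM accounts WHERE username = ?", (username,)
    ).fetchone()
    if row is None:
        # Do the same amount of work for an unknown user so that response time
        # does not reveal which user names exist.
        hash_password(password, b"\x00" * 16)
        return False
    salt, stored = row
    _, candidate = hash_password(password, salt)
    # Constant-time comparison: do not leak how many bytes matched.
    return hmac.compare_digest(candidate, stored)


def demo() -> dict:
    """Constructed scenario: one account, three log-in attempts."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE accounts(username TEXT PRIMARY KEY, salt BLOB NOT NULL, pw_hash BLOB NOT NULL)"
    )
    create_account(conn, "brown", "correct horse battery staple")
    return {
        "right_password": authenticate(conn, "brown", "correct horse battery staple"),
        "wrong_password": authenticate(conn, "brown", "hunter2"),
        "unknown_user": authenticate(conn, "nobody", "hunter2"),
    }


if __name__ == "__main__":
    print(demo())
```

The unknown-user branch still performs a hash so that a failed log-in takes about the same time whether or not the account exists; that is the detail most home-grown authentication code gets wrong.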
Views
• A view is a virtual relation that does not actually exist in the database, but is produced upon request by a particular user, at the time of the request.
• The view mechanism provides a powerful and flexible security mechanism by hiding parts of the database from certain users.
• The user is not aware of the existence of any attributes or rows that are missing from the view.
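Both kinds of hiding the slide describes, as an added example that is not code from the presentation: one view drops the Salary attribute (column hiding), another drops every row outside the Sales department (row hiding). The Employee relation and its rows are constructed here; the user names come from the Grant and Revoke slide. SQLite is used so the example runs offline; in a real DBMS the final step is to grant users SELECT on the view only, not on the base table.

```python
import sqlite3


def build_employee_db() -> sqlite3.Connection:
    """Constructed Employee relation plus two security views."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE Employee(
            EmpNo  INTEGER PRIMARY KEY,
            Name   TEXT NOT NULL,
            Dept   TEXT NOT NULL,
            Salary INTEGER NOT NULL
        );
        INSERT INTO Employee VALUES
            (1, 'Brown', 'Sales', 52000),
            (2, 'Black', 'Sales', 48000),
            (3, 'Red',   'IT',    61000),
            (4, 'White', 'IT',    57000);

        -- Column hiding: the directory exposes no Salary attribute at all.
        CREATE VIEW EmployeeDirectory AS
            SELECT EmpNo, Name, Dept FROM Employee;

        -- Row hiding: a Sales manager sees only Sales rows, but with salaries.
        CREATE VIEW SalesStaff AS
            SELECT EmpNo, Name, Salary FROM Employee WHERE Dept = 'Sales';
        """
    )
    return conn


def columns_of(conn: sqlite3.Connection, relation: str) -> list:
    """Column names a user sees when querying the relation (table or view)."""
    # Relation names come from this script, never from user input, so
    # formatting them into the statement is safe here.
    cur = conn.execute("SELECT * FROM {} LIMIT 0".format(relation))
    return [d[0] for d in cur.description]


def row_count(conn: sqlite3.Connection, relation: str) -> int:
    return conn.execute("SELECT COUNT(*) FROM {}".format(relation)).fetchone()[0]


def salary_visible_through(conn: sqlite3.Connection, relation: str) -> bool:
    """True if 'SELECT Salary FROM relation' succeeds; False if the attribute is hidden."""
    try:
        conn.execute("SELECT Salary FROM {} LIMIT 1".format(relation))
        return True
    except sqlite3.OperationalError:  # "no such column: Salary"
        return False


def demo() -> dict:
    conn = build_employee_db()
    return {
        "directory_columns": columns_of(conn, "EmployeeDirectory"),
        "directory_rows": row_count(conn, "EmployeeDirectory"),
        "sales_rows": row_count(conn, "SalesStaff"),
        "salary_via_directory": salary_visible_through(conn, "EmployeeDirectory"),
        "salary_via_sales_view": salary_visible_through(conn, "SalesStaff"),
    }


if __name__ == "__main__":
    print(demo())
```

A user restricted to EmployeeDirectory cannot even name the Salary column: the query fails with "no such column", which is exactly the "not aware of the existence" property the slide describes.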
Backup and Recovery
• The DBMS should provide backup facilities to assist with recovery from a database failure.
• Backup and recovery refers to the various strategies and procedures involved in protecting a database against data loss and reconstructing the database after any kind of data loss.
• Backups can be divided into physical backups and logical backups.
• Backups have two distinct purposes:
1) The primary purpose is to recover data after its loss, be it by deletion or corruption.
2) The secondary purpose is to recover data from an earlier time.
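The physical/logical distinction and the primary purpose (recovery after deletion), as an added example that is not from the presentation. SQLite is assumed as the DBMS: its online backup API gives a page-level physical copy, and iterdump() gives a logical backup as SQL text, the same split a production DBMS makes between file-level backups and a dump utility. The Employee rows are constructed.

```python
import sqlite3

# Constructed sample data; the relation name follows the slides.
ROWS = [(1, "Brown", 52000), (2, "Black", 48000), (3, "White", 57000)]


def make_source() -> sqlite3.Connection:
    src = sqlite3.connect(":memory:")
    src.execute("CREATE TABLE Employee(EmpNo INTEGER PRIMARY KEY, Name TEXT, Salary INTEGER)")
    with src:
        src.executemany("INSERT INTO Employee VALUES (?, ?, ?)", ROWS)
    return src


def physical_backup(src: sqlite3.Connection) -> sqlite3.Connection:
    """Physical backup: a page-for-page copy of the database via the online backup API."""
    dst = sqlite3.connect(":memory:")
    src.backup(dst)
    return dst


def logical_backup(src: sqlite3.Connection) -> str:
    """Logical backup: SQL text that recreates the schema and the rows."""
    return "\n".join(src.iterdump())


def restore_from_logical(dump_sql: str) -> sqlite3.Connection:
    """Rebuild a fresh database from the logical backup."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(dump_sql)
    return conn


def employee_count(conn: sqlite3.Connection) -> int:
    return conn.execute("SELECT COUNT(*) FROM Employee").fetchone()[0]


def simulate_loss_and_recover() -> dict:
    """Take both kinds of backup, destroy the live data, then recover from each."""
    src = make_source()
    phys = physical_backup(src)
    dump = logical_backup(src)

    # The loss event: a DELETE with no WHERE clause, accidental or malicious.
    with src:
        src.execute("DELETE FROM Employee")

    return {
        "live_after_loss": employee_count(src),
        "from_physical": employee_count(phys),
        "from_logical": employee_count(restore_from_logical(dump)),
        "dump_is_sql_text": "CREATE TABLE" in dump,
    }


if __name__ == "__main__":
    print(simulate_loss_and_recover())
```

The physical copy is the faster restore; the logical dump is portable across versions and lets you inspect or partially restore what was backed up. A backup that has never been restored in a drill should not be trusted, which is what the recovery step of the function checks.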
Integrity
• Data integrity is a fundamental component of information security.
• It means maintaining a secure database system by preventing data from becoming invalid.
• Only authorized users should be allowed to modify data.
• Numeric columns should not accept alphabetic data.
• For example, students
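The integrity rules above made concrete, as an added example that is not code from the presentation: a constructed Student relation whose Marks column rejects alphabetic data and out-of-range values through a CHECK constraint, and whose CourseId must reference an existing Course. SQLite is assumed; because its columns are loosely typed, the "numeric only" rule is spelled out with typeof(), whereas most other DBMSs reject text in an INTEGER column on their own.

```python
import sqlite3


def build_students_db() -> sqlite3.Connection:
    """Constructed schema: Student references Course; Marks must be an integer in 0..100."""
    conn = sqlite3.connect(":memory:")
    conn.execute("PRAGMA foreign_keys = ON")  # SQLite enforces foreign keys only when asked
    conn.executescript(
        """
        CREATE TABLE Course(CourseId TEXT PRIMARY KEY, Title TEXT NOT NULL);
        CREATE TABLE Student(
            StudentId INTEGER PRIMARY KEY,
            Name      TEXT NOT NULL,
            -- Domain integrity: numeric only, and within the valid range.
            Marks     INTEGER NOT NULL
                      CHECK (typeof(Marks) = 'integer' AND Marks BETWEEN 0 AND 100),
            -- Referential integrity: the course must exist.
            CourseId  TEXT NOT NULL REFERENCES Course(CourseId)
        );
        INSERT INTO Course VALUES ('CS101', 'Database Security');
        """
    )
    return conn


def try_insert(conn: sqlite3.Connection, student_id, name, marks, course_id) -> bool:
    """Attempt an INSERT; True if accepted, False if an integrity constraint rejected it."""
    try:
        with conn:  # rolls the statement back automatically on error
            conn.execute(
                "INSERT INTO Student(StudentId, Name, Marks, CourseId) VALUES (?, ?, ?, ?)",
                (student_id, name, marks, course_id),
            )
        return True
    except sqlite3.IntegrityError:
        return False


def demo() -> dict:
    conn = build_students_db()
    results = {
        "valid_row": try_insert(conn, 1, "Minaxi", 85, "CS101"),
        "alphabetic_marks": try_insert(conn, 2, "Jignasha", "eighty", "CS101"),
        "marks_out_of_range": try_insert(conn, 3, "Red", 150, "CS101"),
        "unknown_course": try_insert(conn, 4, "White", 70, "NO-SUCH-COURSE"),
    }
    results["rows_stored"] = conn.execute("SELECT COUNT(*) FROM Student").fetchone()[0]
    return results


if __name__ == "__main__":
    print(demo())
```

Only the valid row survives; the three bad inserts are refused by the DBMS itself rather than by application code, so they are refused no matter which application or user issues them.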
Encryption
• The encoding of data by a special algorithm that renders the data unreadable by any program without the decryption key.
• It also protects data transmitted over communication lines.
[Figure: plain data is turned into encrypted data by an algorithm and a password (key)]
Privileges
• A privilege allows a user to access some data object in a certain manner (e.g., to read or to modify it).
• SQL-92 supports access control through the GRANT and REVOKE commands.
• GRANT command: gives users privileges on base tables and views.
• REVOKE command: achieves the reverse; it withdraws a granted privilege from the user.
Grant and Revoke
[Figure: Brown is the owner of the Employee relation; Black, Red and White are other users.]
Statements issued by Brown:
GRANT SELECT ON Employee TO Red
GRANT SELECT ON Employee TO Black WITH GRANT OPTION
GRANT UPDATE(Salary) ON Employee TO White
Questions raised on the slide:
? Brown revokes the grant given to Black.
? Brown does not want Red to access the Employee relation.
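The privilege and Grant and Revoke slides worked through together, as an added example that is not code from the presentation. SQLite has no GRANT/REVOKE, so the example models the SQL-92 rules directly in Python: a grant is valid only while it traces back through holders of WITH GRANT OPTION to the relation's owner, and REVOKE ... CASCADE drops every grant that loses that chain. The step where Black passes SELECT on to White is an assumption added to show the cascade; the owner and user names are the slide's.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Grant:
    grantor: str
    grantee: str
    privilege: str   # e.g. "SELECT" or "UPDATE(Salary)"
    relation: str
    grant_option: bool


class PrivilegeGraph:
    """Model of SQL-92 GRANT / REVOKE with WITH GRANT OPTION and cascading revoke."""

    def __init__(self, owners):
        self.owners = dict(owners)   # relation -> owner; the owner holds every privilege
        self.grants = set()

    def has_privilege(self, user, privilege, relation) -> bool:
        if self.owners.get(relation) == user:
            return True
        return any(g.grantee == user and g.privilege == privilege and g.relation == relation
                   for g in self.grants)

    def can_grant(self, user, privilege, relation) -> bool:
        if self.owners.get(relation) == user:
            return True
        return any(g.grantee == user and g.privilege == privilege and g.relation == relation
                   and g.grant_option for g in self.grants)

    def grant(self, grantor, grantee, privilege, relation, with_grant_option=False):
        if not self.can_grant(grantor, privilege, relation):
            raise PermissionError(f"{grantor} may not grant {privilege} on {relation}")
        self.grants.add(Grant(grantor, grantee, privilege, relation, with_grant_option))

    def revoke(self, grantor, grantee, privilege, relation):
        """REVOKE ... CASCADE: remove the grant, then every grant it alone supported."""
        self.grants = {g for g in self.grants
                       if not (g.grantor == grantor and g.grantee == grantee
                               and g.privilege == privilege and g.relation == relation)}
        self._drop_abandoned()

    def _drop_abandoned(self):
        # Keep only grants reachable from the owner; this also handles grant cycles.
        supported = set()
        while True:
            new = {g for g in self.grants - supported
                   if self.owners.get(g.relation) == g.grantor
                   or any(s.grantee == g.grantor and s.privilege == g.privilege
                          and s.relation == g.relation and s.grant_option for s in supported)}
            if not new:
                break
            supported |= new
        self.grants = supported


def slide_scenario() -> dict:
    pg = PrivilegeGraph({"Employee": "Brown"})
    pg.grant("Brown", "Red", "SELECT", "Employee")
    pg.grant("Brown", "Black", "SELECT", "Employee", with_grant_option=True)
    pg.grant("Brown", "White", "UPDATE(Salary)", "Employee")
    pg.grant("Black", "White", "SELECT", "Employee")   # assumed extra step: Black passes SELECT on
    try:                                               # Red has no grant option and cannot pass it on
        pg.grant("Red", "White", "SELECT", "Employee")
        red_could_grant = True
    except PermissionError:
        red_could_grant = False
    white_select_before = pg.has_privilege("White", "SELECT", "Employee")

    pg.revoke("Brown", "Black", "SELECT", "Employee")   # question 1: revoke Black's grant
    black_select_after = pg.has_privilege("Black", "SELECT", "Employee")
    white_select_after = pg.has_privilege("White", "SELECT", "Employee")  # cascaded away

    pg.revoke("Brown", "Red", "SELECT", "Employee")     # question 2: keep Red out of Employee
    return {
        "red_could_grant": red_could_grant,
        "white_select_before": white_select_before,
        "black_select_after": black_select_after,
        "white_select_after": white_select_after,
        "red_select_after": pg.has_privilege("Red", "SELECT", "Employee"),
        "white_update_after": pg.has_privilege("White", "UPDATE(Salary)", "Employee"),
    }


if __name__ == "__main__":
    print(slide_scenario())
```

Answering the slide's two questions: revoking Black's SELECT also removes the SELECT that Black had passed on to White, because nothing supports it any more, while White's separately granted UPDATE(Salary) is untouched; to keep Red out, Brown issues REVOKE SELECT ON Employee FROM Red.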
RAID Technology
• Redundant Array of Independent Disks.
• The hardware the DBMS is running on must be fault-tolerant, meaning that the DBMS should continue to operate even if one of the hardware components fails. One solution is the use of RAID technology.
• RAID works by having a large disk array comprising an arrangement of several independent disks that are organized to improve reliability and at the same time increase performance.
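How a disk array keeps the data readable after one disk fails, as an added example that is not code from the presentation. It implements the parity scheme used by RAID 5 in miniature: data is striped over several disks with one XOR parity block per stripe, one disk is then "lost", and its contents are rebuilt from the survivors. The byte string, block size and disk count are constructed for the example.

```python
def xor_blocks(blocks):
    """XOR equal-length byte blocks together (the parity operation)."""
    out = bytearray(len(blocks[0]))
    for block in blocks:
        for i, byte in enumerate(block):
            out[i] ^= byte
    return bytes(out)


def build_array(data: bytes, data_disks: int = 3, block_size: int = 4):
    """Stripe data over data_disks + 1 disks with one parity block per stripe.

    The parity block rotates across the disks from stripe to stripe (RAID 5
    style), so no single disk becomes the parity bottleneck.
    """
    n_disks = data_disks + 1
    stripe_bytes = data_disks * block_size
    padded = data + b"\x00" * (-len(data) % stripe_bytes)
    disks = [[] for _ in range(n_disks)]
    for s in range(len(padded) // stripe_bytes):
        chunk = padded[s * stripe_bytes:(s + 1) * stripe_bytes]
        data_blocks = [chunk[i * block_size:(i + 1) * block_size] for i in range(data_disks)]
        parity = xor_blocks(data_blocks)
        parity_disk = s % n_disks
        remaining = iter(data_blocks)
        for d in range(n_disks):
            disks[d].append(parity if d == parity_disk else next(remaining))
    return disks


def rebuild_disk(disks, failed: int):
    """Recompute every block of one failed disk from the surviving disks.

    XOR is its own inverse, so XOR-ing the other blocks of a stripe yields the
    missing block, whether it held data or parity.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    stripes = len(survivors[0])
    return [xor_blocks([d[s] for d in survivors]) for s in range(stripes)]


def read_data(disks, length: int) -> bytes:
    """Reassemble the logical byte stream, skipping each stripe's parity block."""
    n_disks = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        parity_disk = s % n_disks
        for d in range(n_disks):
            if d != parity_disk:
                out += disks[d][s]
    return bytes(out[:length])


def demo() -> dict:
    data = b"Employee(EmpNo, Name, Salary) rows stored on a fault-tolerant array"  # constructed
    disks = build_array(data)
    failed = 2
    original_disk = disks[failed]
    disks[failed] = None                         # the disk dies; the array keeps serving reads
    disks[failed] = rebuild_disk(disks, failed)  # rebuild onto a replacement disk
    return {
        "rebuilt_matches_original": disks[failed] == original_disk,
        "data_intact": read_data(disks, len(data)) == data,
        "disks": len(disks),
        "stripes": len(disks[0]),
    }


if __name__ == "__main__":
    print(demo())
```

Single parity tolerates exactly one failed disk per stripe; a second failure before the rebuild finishes loses data, which is why production arrays add a hot spare or double parity (RAID 6), and why RAID protects availability, not confidentiality or integrity against a malicious user.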