SlideShare a Scribd company logo

Study of Security functionality in Distributed Database.pptx

Download as PPTX, PDF
H
HasibAhmadKhaliqi1

A detail on Study of Security functionality in Distributed Database.pptx

Data & Analytics
1 of 22
Study of Security Functionality in Distributed Databases Presented By: Hasib Ahmad Khaliqi
Contents Introduction to Distributed Database Concepts in Secure Database Multilevel Security Discretionary Security Security of Emerging Distributed System Technologies The Security Challenges of DDS Solutions to address the Security Challenges Conclusion References Inference Problem
Introduction to Distributed Databases • A distributed database is data that is distributed across multiple databases. • A distributed database system includes: o Distributed database management system (DDBMS) o Distributed database o Network for interconnection. • The DDBMS manages the distributed database. • Distributed database system functions include: o Distributed query management o Distributed transaction processing o Distributed metadata management o Enforcing security and integrity across the multiple nodes.
Concepts in Secure Databases • Much of the early work on secure databases was on discretionary security. • The major issues in security are: o Authentication o Identification o Enforcing appropriate access controls • Some of the most important security requirements for database management systems are: o Multi-Level Access Control o Confidentiality: Confidentiality measures protect information from unauthorized access and misuse. o Reliability: is defined broadly to mean that the database performs consistently without causing problems. More specifically, it means that there is accuracy and consistency of data. o Integrity: Integrity measures protect information from unauthorized alteration. o Recovery: is the process of restoring the database to a correct (consistent) state in the event of a failure.
Multilevel Security • In an MLS/DBMS, users cleared at different security levels access and share a database with data at different security levels (also called sensitivity levels) without violating security. • It is generally assumed that the security levels form a lattice where: o Unclassified < Confidential < Secret < TopSecret • An MLS/DBMS may also support users and data at different compartments or categories. • Multilevel security is a security policy that allows you to classify objects and users based on a system of hierarchical security levels and a system of non-hierarchical security categories. • Multilevel security provides the capability to prevent unauthorized users from accessing information at a higher classification than their authorization, and prevents users from declassifying information. • The security policy of MLS/DBMSs includes: o Mandatory access control (MAC): Mandatory security controls restrict access to data depending on the sensitivity levels of the data and the clearance level of the user. In general, most MLS/DBMSs enforce a MAC policy where a subject reads an object (such as row or relation) if the subject’s security level dominates the security level of the object and a subject updates an object if the subject’s security level is that of the object. o Discretionary access control (DAC): Discretionary security measures are usually in the form of rules, which specify the type of access that users or groups of users may have to different kinds of data. o Other components of the security policy include policies for integrity, identification and authentication, auditing and accounting. • Two type of architecures proposed in Multilevel security: o Distributed Data and Centralized Control o Distributed Data and Distributed Control
Distributed Data and Centralized Control Security In this architecture, the data is distributed while control is centralized. Two approaches were proposed at the Summer Study. In the first of these approaches, known as the Partitioned approach, a trusted front-end database system is connected to non-trusted back-end database systems. Each back-end database system operates at a single level and manages data at that level. For example, an Unclassified DBMS manages the unclassified data while a Secret DBMS manages Secret data. All communication between the backend database systems is through the front-end database system. A user’s query is sent to the DBMS at the user’s level or below the user’s level. Update requests are sent only to the DBMS at the user’s level. For example, a Secret user ’s query is sent to the Secret and Unclassified DBMSs, while a Secret user’s update request is sent only to the Secret DBMS. It was found that there was potential for covert channels with this approach as a Secret user’s query could have sensitive information that is sent to an Unclassified DBMS. As a result, a second approach was examined where data is replicated. In this approach, the unclassified data İlker Köse, GYTE, Veri ve Ağ Güvenliği, Distributed Database Security, Spring 2002 6is replicated at the Secret and Top- Secret databases, and the Secret data is replicated at the Top-Secret database. This way, a user’s query is sent only to the DBMS at the user’s level. The update request is sent to the replicated databases. While there is no covert channel for the query operation, since a user’s update is propagated upwards, there is a potential for covert channels during the update operation. Nevertheless, this issue has been studied extensively and shown that the bandwidth of the channel is fairly low. Therefore, the preferred approach is the replicated approach. This approach has been studied extensively both at Unisys and at the Naval Research Laboratory.
Distributed Data and Distributed Control • In a multilevel secure distributed database management system (MLS/DDBMS), users cleared at different security levels access and share a distributed database consisting of data at different security levels without violating security. • In this architecture, the MLS/DDBMS consists of several nodes that are interconnected by a multilevel secure network. • In a homogeneous environment, all of the nodes are designed identically. • Each node is capable of handling multilevel data. Each node has a MLS/DBMS, which manages the local multilevel database. • Each node also has a distributed processing component called the Secure Distributed Processor (SDP). The modules of the SDP are similar to those of the DDBMS described above. • Multilevel security must be taken into consideration during all of the processing. First of all, an appropriate security policy has to be formulated. This policy will depend on the policies of the local DBMS, the network and the distributed processor. • The algorithms for query, update and transaction processing in a DDBMS have to be extended to handle multilevel security. Locking techniques could cause covert channels. Therefore, algorithms for MLS/DBMSs have to be integrated with algorithms for DDBMSs to handle MLS/DDBMSs. These algorithms are implemented by the SDTM. Finally, security and integrity processing techniques for MLS/DBMSs and DDBMSs have to be extended for MLS/DDBMSs. For example, in the case of the SDSM, it has to consider multilevel security within functions such as identification, authentication and enforcing discretionary security controls.
Discretionary Security • Discretionary security mechanisms enforce rules which specify the types of access that users or groups of users have to the data. • Multilevel security controls ensure that users cleared at different security levels access and share a distributed database in which the data is assigned different sensitivity levels without compromising security. • In this section, we describe both types of security. In a distributed environment, users need to be authenticated with respect to the local system as well as the global environment. • An issue here is whether the authentication mechanism should be centralized or distributed. If it is centralized, then the authenticator needs to have information about all of the users of the system. If the authenticator is distributed, then the various components of the authenticator need to communicate with each other to authenticate a user. • The access control rules enforced in a distributed environment may be distributed, centralized or replicated. If the rules are centralized, then the central server needs to check all accesses to the database. • If the rules are distributed, then appropriate rules need to be located and enforced for a particular access. • Often the rules associated with a particular database may also be stored at the same site. If the rules are replicated, then each node can carry out the access control checks for the data that it manages.
Inference Problem • The inference problem has received a great deal of attention for many years. There is still work on this problem especially with emerging technologies such as data warehousing, data mining and the web. • Inference is the process of users posing queries and deducing unauthorized information from the legitimate responses that they receive. • This problem has been discussed a great deal over the past two decades. However, data mining makes this problem worse. • Users now have sophisticated tools that they can employ to get data and deduce patterns that could be sensitive. Without these data mining tools, users would have to be fairly sophisticated in their reasoning to be able to deduce information from posing queries to the databases. • In short, data mining tools make the inference problem quite dangerous. • Essentially, the query processor of the MLS/DDBMS described in the preceding subsection was examined and augmented with constraint processors.
Heterogeneous and Federated Systems Security • In particular, various approaches to designing heterogeneous and federated database systems were examined and the security impact was investigated. • The issues include security for integrating the federated schemas as well as handling different ranges of security levels. • For example, one system could handle the range from Secret to Top-Secret, while another system could handle the range from Unclassified to Secret. • Issues on integrating heterogeneous database schemas in a secure environment were also investigated. Much of the work here focused on query processing issues. • In addition, prototype systems were also developed. The approaches examined both the multidatabase and the nonmultidatabase architectures. Around 1992, the MITRE Corporation began an effort called MUSET (Multilevel Secure Transactions) database system. This effort focused mainly on transaction management in a heterogeneous database system. This effort also investigated concurrency control, recovery and commit protocols for multilevel transactions. • A multilevel transaction is a transaction that can operate at multiple security levels. For example, a sub-transaction at one site could operate at the unclassified level, while another sub-transaction at a different site could operate at the Secret level. • The challenge here is to ensure consistency and at the same time minimize covert channels. Other work on secure distributed database systems includes various concurrency control algorithms for transactions.
Security for Emerging Distributed System Technologies Data warehouse: The major issues here are ensuring that security is maintained in building a data warehouse from the backend database systems and also enforcing appropriate access control techniques when retrieving the data from the warehouse. For example, security policies of the different data sources that form the warehouse have to be integrated to form a policy for the warehouse. Data mining: Data mining causes serious security problems. For example, consider a user who has the ability to apply data mining tools. This user can pose various queries and infer a sensitive hypothesis. That is, the inference problem occurs via data mining. Collaborative computing systems, distributed object management systems and the web
The security challenges of DDBS Distribution Design Operating Environment Replication Control Distributed Deadlock Management Distributed Concurrency Control • The Distributed Concurrency Control is the integrity of the database is maintained by specifying the synchronization of access to the distributed database to manage concurrency; • different locking techniques uses based on the mutual exclusion of access to data. • The Replication Control applies to distributed systems where a database is supposed to be replicated if the whole database or its percentage is copied. The copies are stockpiled at different sites. Having more than one copy of a database, the issue is continuing the copies' communal uniformity, ensuring with all copies are identical schema and data. • Deadlock Handling if the users request the same resources from the database if the resources are obtainable, then the database allows permission for the resources to that user if not available. The user has to wait until the resources have released another user. Sometimes the users do not remove the resources blocked by some other users. • To implement distributed database environment, a specific operating system is required as per organizational requirements. The operating system plays a vital role in managing the distributed database because sometimes it supports the distributed database. • Furthermore, the central problem area in the distributed database where data is located in numerous locations and the number is used. So, the transparent management of information is essential to maintain the integrity of the distributed database.
Solutions to address the security challenges of DDBS Locking Techniques Design Fragmentation Deadlock Detection Agents Summary-schema Model • Locking as a technique of synchronizing the access through concurrent transactions towards database items that resolve the distributed concurrency control. • Through fragmentation, a lot of topics in DDBS can be resolved. Fragmentation is when large schema records are divided into independent pieces or parts to increase the speed of query processing. This also enables us to achieve the distribution design and security issues in DDBS. • For deadlock handling issues, Krivokapic et al. presented the deadlock detection agents (DDAs). Deadlock resolution strategies determine which transaction(s) are to be aborted in order to resolve the deadlock. • Bright and Hurson introduce the summary- schema model, one of the possible solutions to powerful user interfaces, effective distribution of processing, and increased semantic content in distributed design
Conclusion • Distributed database systems are a reality. • Many organizations are now deploying distributed database systems. • Therefore, we have no choice but to ensure that these systems operate in a secure environment. • We believe that as more and more technologies emerge, the impact of secure distributed database systems on these technologies will be significant.
References • B. Thuraisingham, Security for Distributed Database Systems, Computers & Security, 2000. • Simon Wiseman, DERA, Database Security: Retrospective and Way Forward, 2001 • A. A. Akintola, G. A. Aderounmu and A. U. Osakwe (2005). “Performing Modeling of an Enhanced Optimistic Locking Architecture for Concurrency Control in a Distributed Database System”, ACM vol.37, No.4, November 2005 • https://studylib.net/doc/14661240/distributed- database-security--introduction-i%CC%87lker- k%C3%B6se • http://ignited.in/I/a/242216
THANK YOU
DD Security and Threats Data security is of specific significance in distributed systems due to huge number of clients, divided and reproduced data, different locales and distributed control.
Measures of Control in D. Database The measures of control can be broadly divided into the following categories – Access control includes security mechanisms in a database management system to protect against unauthorized access. A user can gain access to the database after clearing the login process through only valid user accounts. Each user account is password protected. Access Control Flow Control You can simply Distributed systems encompass a lot of data flow from one site to another and also within a site. Flow control prevents data from being transferred in such a way that it can be accessed by unauthorized agents. A flow policy lists out the channels through which information can flow. It also defines security classes for data as well as transactions. your audience and add a unique zing and appeal to your Presentations. Data Encryption You can simply impress your audience and add a unique Data encryption refers to coding data when sensitive data is to be communicated over public channels. Even if an unauthorized agent gains access of the data, he cannot understand it since it is in an incomprehensible format. and appeal to your Presentations.
TYPES OF DATABASE SECURITY Auditing Validation Encryption
Auditing Auditing is a procedure of inspecting all security pertinent occasions to find and analyze the security infringement of database. It is an assortment of efficient review data and investigation which needs assurance from change by a gatecrasher.
Validation Before accessing a system, each client is distinguished and verified .it is an affirmation of a person or thing is credible to utilize the assets of the system.
Encryption encryption is a piece of cryptography where a calculation for the most part called as figure is utilized to change data (called plaintext) into incomprehensible to anybody with the exception of those clients who have unique information and certifications.

Recommended

Final Study of Security functionality in Distributed Database.pptx
Final Study of Security functionality in Distributed Database.pptxFinal Study of Security functionality in Distributed Database.pptx
Final Study of Security functionality in Distributed Database.pptxHasibAhmadKhaliqi1
 
Ijetcas14 583
Ijetcas14 583Ijetcas14 583
Ijetcas14 583Iasir Journals
 
Database security
Database securityDatabase security
Database securitykeerthusandeepreddy
 
Unit 2 - Chapter 7 (Database Security).pptx
Unit 2 - Chapter 7 (Database Security).pptxUnit 2 - Chapter 7 (Database Security).pptx
Unit 2 - Chapter 7 (Database Security).pptxSakshiGawde6
 
Data security and Integrity
Data security and IntegrityData security and Integrity
Data security and IntegrityZaid Shabbir
 
IT 650 Principles of Database DesignProject Milestone – 5.docx
IT 650 Principles of Database DesignProject Milestone – 5.docxIT 650 Principles of Database DesignProject Milestone – 5.docx
IT 650 Principles of Database DesignProject Milestone – 5.docxpriestmanmable
 
Encryption technology
Encryption technologyEncryption technology
Encryption technologySivakumarraju Gangaraju
 
Data Domain-Driven Design
Data Domain-Driven DesignData Domain-Driven Design
Data Domain-Driven DesignKiran Kumar Chittoori
 

Recommended

Final Study of Security functionality in Distributed Database.pptx
Final Study of Security functionality in Distributed Database.pptxFinal Study of Security functionality in Distributed Database.pptx
Final Study of Security functionality in Distributed Database.pptxHasibAhmadKhaliqi1
 
Ijetcas14 583
Ijetcas14 583Ijetcas14 583
Ijetcas14 583Iasir Journals
 
Database security
Database securityDatabase security
Database securitykeerthusandeepreddy
 
Unit 2 - Chapter 7 (Database Security).pptx
Unit 2 - Chapter 7 (Database Security).pptxUnit 2 - Chapter 7 (Database Security).pptx
Unit 2 - Chapter 7 (Database Security).pptxSakshiGawde6
 
Data security and Integrity
Data security and IntegrityData security and Integrity
Data security and IntegrityZaid Shabbir
 
IT 650 Principles of Database DesignProject Milestone – 5.docx
IT 650 Principles of Database DesignProject Milestone – 5.docxIT 650 Principles of Database DesignProject Milestone – 5.docx
IT 650 Principles of Database DesignProject Milestone – 5.docxpriestmanmable
 
Encryption technology
Encryption technologyEncryption technology
Encryption technologySivakumarraju Gangaraju
 
Data Domain-Driven Design
Data Domain-Driven DesignData Domain-Driven Design
Data Domain-Driven DesignKiran Kumar Chittoori
 
Who has the data ... and will breach the duty of confidence
Who has the data ... and will breach the duty of confidenceWho has the data ... and will breach the duty of confidence
Who has the data ... and will breach the duty of confidenceEmil Lupu
 
An Overview of Security in Distributed Database Management System
An Overview of Security in Distributed Database Management SystemAn Overview of Security in Distributed Database Management System
An Overview of Security in Distributed Database Management SystemIJSRD
 
Santosh Kumar Meher(2105040008) DISTRIBUTED DATABASE.pptx
Santosh Kumar Meher(2105040008) DISTRIBUTED DATABASE.pptxSantosh Kumar Meher(2105040008) DISTRIBUTED DATABASE.pptx
Santosh Kumar Meher(2105040008) DISTRIBUTED DATABASE.pptxSANTOSH KUMAR MEHER
 
Lecture 9.pptx
Lecture 9.pptxLecture 9.pptx
Lecture 9.pptxJiyaMalik33
 
MobileDBSecurity.pptx
MobileDBSecurity.pptxMobileDBSecurity.pptx
MobileDBSecurity.pptxmissionsk81
 
Distributed database management system
Distributed database management systemDistributed database management system
Distributed database management systemVinay D. Patel
 
Distributed database security with discretionary access control
Distributed database security with discretionary access controlDistributed database security with discretionary access control
Distributed database security with discretionary access controlJyotishkar Dey
 
Presentation (6).pptx
Presentation (6).pptxPresentation (6).pptx
Presentation (6).pptxMSMuthu5
 
Chapter-1 Introduction to Database Management Systems
Chapter-1 Introduction to Database Management SystemsChapter-1 Introduction to Database Management Systems
Chapter-1 Introduction to Database Management SystemsKunal Anand
 
Introduction & history of dbms
Introduction & history of dbmsIntroduction & history of dbms
Introduction & history of dbmssethu pm
 
Software Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectSoftware Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectATMOSPHERE .
 
Agent-Driven Distributed Data Mining
Agent-Driven Distributed Data MiningAgent-Driven Distributed Data Mining
Agent-Driven Distributed Data MiningEditor IJCATR
 
Chapter 01 Fundamental of Database Management System (DBMS)
Chapter 01 Fundamental of Database Management System (DBMS)Chapter 01 Fundamental of Database Management System (DBMS)
Chapter 01 Fundamental of Database Management System (DBMS)Abdurehman Mahmud
 
Introduction to databasecasmfnbskdfjnfkjsdnsjkdfn
Introduction to databasecasmfnbskdfjnfkjsdnsjkdfnIntroduction to databasecasmfnbskdfjnfkjsdnsjkdfn
Introduction to databasecasmfnbskdfjnfkjsdnsjkdfnaj01bhisma
 
CLOUD COMPUTING.pdf
CLOUD COMPUTING.pdfCLOUD COMPUTING.pdf
CLOUD COMPUTING.pdfProtelion
 
CLOUD COMPUTING.pdf
CLOUD COMPUTING.pdfCLOUD COMPUTING.pdf
CLOUD COMPUTING.pdfProtelion
 
Database Management System.pptx
Database Management System.pptxDatabase Management System.pptx
Database Management System.pptxAaravSharma743156
 
Data Analytics: HDFS with Big Data : Issues and Application
Data Analytics: HDFS with Big Data : Issues and ApplicationData Analytics: HDFS with Big Data : Issues and Application
Data Analytics: HDFS with Big Data : Issues and ApplicationDr. Chitra Dhawale
 
1784 1788
1784 17881784 1788
1784 1788Editor IJARCET
 
1784 1788
1784 17881784 1788
1784 1788Editor IJARCET
 
BPAC WITH UFSBI GENERAL PRESENTATION 18_05_2017-1.pptx
BPAC WITH UFSBI GENERAL PRESENTATION 18_05_2017-1.pptxBPAC WITH UFSBI GENERAL PRESENTATION 18_05_2017-1.pptx
BPAC WITH UFSBI GENERAL PRESENTATION 18_05_2017-1.pptxMohammedJunaid861692
 
Delhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Callshivangimorya083
 

More Related Content

Similar to Study of Security functionality in Distributed Database.pptx

Who has the data ... and will breach the duty of confidence
Who has the data ... and will breach the duty of confidenceWho has the data ... and will breach the duty of confidence
Who has the data ... and will breach the duty of confidenceEmil Lupu
 
An Overview of Security in Distributed Database Management System
An Overview of Security in Distributed Database Management SystemAn Overview of Security in Distributed Database Management System
An Overview of Security in Distributed Database Management SystemIJSRD
 
Santosh Kumar Meher(2105040008) DISTRIBUTED DATABASE.pptx
Santosh Kumar Meher(2105040008) DISTRIBUTED DATABASE.pptxSantosh Kumar Meher(2105040008) DISTRIBUTED DATABASE.pptx
Santosh Kumar Meher(2105040008) DISTRIBUTED DATABASE.pptxSANTOSH KUMAR MEHER
 
MobileDBSecurity.pptx
MobileDBSecurity.pptxMobileDBSecurity.pptx
MobileDBSecurity.pptxmissionsk81
 
Distributed database management system
Distributed database management systemDistributed database management system
Distributed database management systemVinay D. Patel
 
Distributed database security with discretionary access control
Distributed database security with discretionary access controlDistributed database security with discretionary access control
Distributed database security with discretionary access controlJyotishkar Dey
 
Presentation (6).pptx
Presentation (6).pptxPresentation (6).pptx
Presentation (6).pptxMSMuthu5
 
Chapter-1 Introduction to Database Management Systems
Chapter-1 Introduction to Database Management SystemsChapter-1 Introduction to Database Management Systems
Chapter-1 Introduction to Database Management SystemsKunal Anand
 
Introduction & history of dbms
Introduction & history of dbmsIntroduction & history of dbms
Introduction & history of dbmssethu pm
 
Software Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectSoftware Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectATMOSPHERE .
 
Agent-Driven Distributed Data Mining
Agent-Driven Distributed Data MiningAgent-Driven Distributed Data Mining
Agent-Driven Distributed Data MiningEditor IJCATR
 
Chapter 01 Fundamental of Database Management System (DBMS)
Chapter 01 Fundamental of Database Management System (DBMS)Chapter 01 Fundamental of Database Management System (DBMS)
Chapter 01 Fundamental of Database Management System (DBMS)Abdurehman Mahmud
 
Introduction to databasecasmfnbskdfjnfkjsdnsjkdfn
Introduction to databasecasmfnbskdfjnfkjsdnsjkdfnIntroduction to databasecasmfnbskdfjnfkjsdnsjkdfn
Introduction to databasecasmfnbskdfjnfkjsdnsjkdfnaj01bhisma
 
CLOUD COMPUTING.pdf
CLOUD COMPUTING.pdfCLOUD COMPUTING.pdf
CLOUD COMPUTING.pdfProtelion
 
CLOUD COMPUTING.pdf
CLOUD COMPUTING.pdfCLOUD COMPUTING.pdf
CLOUD COMPUTING.pdfProtelion
 
Database Management System.pptx
Database Management System.pptxDatabase Management System.pptx
Database Management System.pptxAaravSharma743156
 
Data Analytics: HDFS with Big Data : Issues and Application
Data Analytics: HDFS with Big Data : Issues and ApplicationData Analytics: HDFS with Big Data : Issues and Application
Data Analytics: HDFS with Big Data : Issues and ApplicationDr. Chitra Dhawale
 

Similar to Study of Security functionality in Distributed Database.pptx (20)

Who has the data ... and will breach the duty of confidence
Who has the data ... and will breach the duty of confidenceWho has the data ... and will breach the duty of confidence
Who has the data ... and will breach the duty of confidence
 
An Overview of Security in Distributed Database Management System
An Overview of Security in Distributed Database Management SystemAn Overview of Security in Distributed Database Management System
An Overview of Security in Distributed Database Management System
 
Santosh Kumar Meher(2105040008) DISTRIBUTED DATABASE.pptx
Santosh Kumar Meher(2105040008) DISTRIBUTED DATABASE.pptxSantosh Kumar Meher(2105040008) DISTRIBUTED DATABASE.pptx
Santosh Kumar Meher(2105040008) DISTRIBUTED DATABASE.pptx
 
Lecture 9.pptx
Lecture 9.pptxLecture 9.pptx
Lecture 9.pptx
 
MobileDBSecurity.pptx
MobileDBSecurity.pptxMobileDBSecurity.pptx
MobileDBSecurity.pptx
 
Distributed database management system
Distributed database management systemDistributed database management system
Distributed database management system
 
Distributed database security with discretionary access control
Distributed database security with discretionary access controlDistributed database security with discretionary access control
Distributed database security with discretionary access control
 
Presentation (6).pptx
Presentation (6).pptxPresentation (6).pptx
Presentation (6).pptx
 
Chapter-1 Introduction to Database Management Systems
Chapter-1 Introduction to Database Management SystemsChapter-1 Introduction to Database Management Systems
Chapter-1 Introduction to Database Management Systems
 
Introduction & history of dbms
Introduction & history of dbmsIntroduction & history of dbms
Introduction & history of dbms
 
Software Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectSoftware Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE project
 
Agent-Driven Distributed Data Mining
Agent-Driven Distributed Data MiningAgent-Driven Distributed Data Mining
Agent-Driven Distributed Data Mining
 
Chapter 01 Fundamental of Database Management System (DBMS)
Chapter 01 Fundamental of Database Management System (DBMS)Chapter 01 Fundamental of Database Management System (DBMS)
Chapter 01 Fundamental of Database Management System (DBMS)
 
Introduction to databasecasmfnbskdfjnfkjsdnsjkdfn
Introduction to databasecasmfnbskdfjnfkjsdnsjkdfnIntroduction to databasecasmfnbskdfjnfkjsdnsjkdfn
Introduction to databasecasmfnbskdfjnfkjsdnsjkdfn
 
CLOUD COMPUTING.pdf
CLOUD COMPUTING.pdfCLOUD COMPUTING.pdf
CLOUD COMPUTING.pdf
 
CLOUD COMPUTING.pdf
CLOUD COMPUTING.pdfCLOUD COMPUTING.pdf
CLOUD COMPUTING.pdf
 
Database Management System.pptx
Database Management System.pptxDatabase Management System.pptx
Database Management System.pptx
 
Data Analytics: HDFS with Big Data : Issues and Application
Data Analytics: HDFS with Big Data : Issues and ApplicationData Analytics: HDFS with Big Data : Issues and Application
Data Analytics: HDFS with Big Data : Issues and Application
 
1784 1788
1784 17881784 1788
1784 1788
 
1784 1788
1784 17881784 1788
1784 1788
 

Recently uploaded

BPAC WITH UFSBI GENERAL PRESENTATION 18_05_2017-1.pptx
BPAC WITH UFSBI GENERAL PRESENTATION 18_05_2017-1.pptxBPAC WITH UFSBI GENERAL PRESENTATION 18_05_2017-1.pptx
BPAC WITH UFSBI GENERAL PRESENTATION 18_05_2017-1.pptxMohammedJunaid861692
 
Delhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Callshivangimorya083
 
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...Delhi Call girls
 
VIP Call Girls in Amravati Aarohi 8250192130 Independent Escort Service Amravati
VIP Call Girls in Amravati Aarohi 8250192130 Independent Escort Service AmravatiVIP Call Girls in Amravati Aarohi 8250192130 Independent Escort Service Amravati
VIP Call Girls in Amravati Aarohi 8250192130 Independent Escort Service AmravatiSuhani Kapoor
 
Introduction-to-Machine-Learning (1).pptx
Introduction-to-Machine-Learning (1).pptxIntroduction-to-Machine-Learning (1).pptx
Introduction-to-Machine-Learning (1).pptxfirstjob4
 
04242024_CCC TUG_Joins and Relationships
04242024_CCC TUG_Joins and Relationships04242024_CCC TUG_Joins and Relationships
04242024_CCC TUG_Joins and Relationshipsccctableauusergroup
 
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al BarshaAl Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al BarshaAroojKhan71
 
BabyOno dropshipping via API with DroFx.pptx
BabyOno dropshipping via API with DroFx.pptxBabyOno dropshipping via API with DroFx.pptx
BabyOno dropshipping via API with DroFx.pptxolyaivanovalion
 
Generative AI on Enterprise Cloud with NiFi and Milvus
Generative AI on Enterprise Cloud with NiFi and MilvusGenerative AI on Enterprise Cloud with NiFi and Milvus
Generative AI on Enterprise Cloud with NiFi and MilvusTimothy Spann
 
Mature dropshipping via API with DroFx.pptx
Mature dropshipping via API with DroFx.pptxMature dropshipping via API with DroFx.pptx
Mature dropshipping via API with DroFx.pptxolyaivanovalion
 
定制英国白金汉大学毕业证(UCB毕业证书) 成绩单原版一比一
定制英国白金汉大学毕业证(UCB毕业证书) 成绩单原版一比一定制英国白金汉大学毕业证(UCB毕业证书) 成绩单原版一比一
定制英国白金汉大学毕业证(UCB毕业证书) 成绩单原版一比一ffjhghh
 
RA-11058_IRR-COMPRESS Do 198 series of 1998
RA-11058_IRR-COMPRESS Do 198 series of 1998RA-11058_IRR-COMPRESS Do 198 series of 1998
RA-11058_IRR-COMPRESS Do 198 series of 1998YohFuh
 
Brighton SEO | April 2024 | Data Storytelling
Brighton SEO | April 2024 | Data StorytellingBrighton SEO | April 2024 | Data Storytelling
Brighton SEO | April 2024 | Data StorytellingNeil Barnes
 
Week-01-2.ppt BBB human Computer interaction
Week-01-2.ppt BBB human Computer interactionWeek-01-2.ppt BBB human Computer interaction
Week-01-2.ppt BBB human Computer interactionfulawalesam
 
Midocean dropshipping via API with DroFx
Midocean dropshipping via API with DroFxMidocean dropshipping via API with DroFx
Midocean dropshipping via API with DroFxolyaivanovalion
 
CebaBaby dropshipping via API with DroFX.pptx
CebaBaby dropshipping via API with DroFX.pptxCebaBaby dropshipping via API with DroFX.pptx
CebaBaby dropshipping via API with DroFX.pptxolyaivanovalion
 
VIP High Class Call Girls Jamshedpur Anushka 8250192130 Independent Escort Se...
VIP High Class Call Girls Jamshedpur Anushka 8250192130 Independent Escort Se...VIP High Class Call Girls Jamshedpur Anushka 8250192130 Independent Escort Se...
VIP High Class Call Girls Jamshedpur Anushka 8250192130 Independent Escort Se...Suhani Kapoor
 
April 2024 - Crypto Market Report's Analysis
April 2024 - Crypto Market Report's AnalysisApril 2024 - Crypto Market Report's Analysis
April 2024 - Crypto Market Report's Analysismanisha194592
 
Halmar dropshipping via API with DroFx
Halmar dropshipping via API with DroFxHalmar dropshipping via API with DroFx
Halmar dropshipping via API with DroFxolyaivanovalion
 

Recently uploaded (20)

BPAC WITH UFSBI GENERAL PRESENTATION 18_05_2017-1.pptx
BPAC WITH UFSBI GENERAL PRESENTATION 18_05_2017-1.pptxBPAC WITH UFSBI GENERAL PRESENTATION 18_05_2017-1.pptx
BPAC WITH UFSBI GENERAL PRESENTATION 18_05_2017-1.pptx
 
Delhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
 
VIP Call Girls in Amravati Aarohi 8250192130 Independent Escort Service Amravati
VIP Call Girls in Amravati Aarohi 8250192130 Independent Escort Service AmravatiVIP Call Girls in Amravati Aarohi 8250192130 Independent Escort Service Amravati
VIP Call Girls in Amravati Aarohi 8250192130 Independent Escort Service Amravati
 
Introduction-to-Machine-Learning (1).pptx
Introduction-to-Machine-Learning (1).pptxIntroduction-to-Machine-Learning (1).pptx
Introduction-to-Machine-Learning (1).pptx
 
04242024_CCC TUG_Joins and Relationships
04242024_CCC TUG_Joins and Relationships04242024_CCC TUG_Joins and Relationships
04242024_CCC TUG_Joins and Relationships
 
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al BarshaAl Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha
 
BabyOno dropshipping via API with DroFx.pptx
BabyOno dropshipping via API with DroFx.pptxBabyOno dropshipping via API with DroFx.pptx
BabyOno dropshipping via API with DroFx.pptx
 
Generative AI on Enterprise Cloud with NiFi and Milvus
Generative AI on Enterprise Cloud with NiFi and MilvusGenerative AI on Enterprise Cloud with NiFi and Milvus
Generative AI on Enterprise Cloud with NiFi and Milvus
 
Mature dropshipping via API with DroFx.pptx
Mature dropshipping via API with DroFx.pptxMature dropshipping via API with DroFx.pptx
Mature dropshipping via API with DroFx.pptx
 
꧁❤ Aerocity Call Girls Service Aerocity Delhi ❤꧂ 9999965857 ☎️ Hard And Sexy ...
꧁❤ Aerocity Call Girls Service Aerocity Delhi ❤꧂ 9999965857 ☎️ Hard And Sexy ...꧁❤ Aerocity Call Girls Service Aerocity Delhi ❤꧂ 9999965857 ☎️ Hard And Sexy ...
꧁❤ Aerocity Call Girls Service Aerocity Delhi ❤꧂ 9999965857 ☎️ Hard And Sexy ...
 
定制英国白金汉大学毕业证(UCB毕业证书) 成绩单原版一比一
定制英国白金汉大学毕业证(UCB毕业证书) 成绩单原版一比一定制英国白金汉大学毕业证(UCB毕业证书) 成绩单原版一比一
定制英国白金汉大学毕业证(UCB毕业证书) 成绩单原版一比一
 
RA-11058_IRR-COMPRESS Do 198 series of 1998
RA-11058_IRR-COMPRESS Do 198 series of 1998RA-11058_IRR-COMPRESS Do 198 series of 1998
RA-11058_IRR-COMPRESS Do 198 series of 1998
 
Brighton SEO | April 2024 | Data Storytelling
Brighton SEO | April 2024 | Data StorytellingBrighton SEO | April 2024 | Data Storytelling
Brighton SEO | April 2024 | Data Storytelling
 
Week-01-2.ppt BBB human Computer interaction
Week-01-2.ppt BBB human Computer interactionWeek-01-2.ppt BBB human Computer interaction
Week-01-2.ppt BBB human Computer interaction
 
Midocean dropshipping via API with DroFx
Midocean dropshipping via API with DroFxMidocean dropshipping via API with DroFx
Midocean dropshipping via API with DroFx
 
CebaBaby dropshipping via API with DroFX.pptx
CebaBaby dropshipping via API with DroFX.pptxCebaBaby dropshipping via API with DroFX.pptx
CebaBaby dropshipping via API with DroFX.pptx
 
VIP High Class Call Girls Jamshedpur Anushka 8250192130 Independent Escort Se...
VIP High Class Call Girls Jamshedpur Anushka 8250192130 Independent Escort Se...VIP High Class Call Girls Jamshedpur Anushka 8250192130 Independent Escort Se...
VIP High Class Call Girls Jamshedpur Anushka 8250192130 Independent Escort Se...
 
April 2024 - Crypto Market Report's Analysis
April 2024 - Crypto Market Report's AnalysisApril 2024 - Crypto Market Report's Analysis
April 2024 - Crypto Market Report's Analysis
 
Halmar dropshipping via API with DroFx
Halmar dropshipping via API with DroFxHalmar dropshipping via API with DroFx
Halmar dropshipping via API with DroFx
 

Study of Security functionality in Distributed Database.pptx

  • 1. Study of Security Functionality in Distributed Databases Presented By: Hasib Ahmad Khaliqi
  • 2. Contents Introduction to Distributed Database Concepts in Secure Database Multilevel Security Discretionary Security Security of Emerging Distributed System Technologies The Security Challenges of DDS Solutions to address the Security Challenges Conclusion References Inference Problem
  • 3. Introduction to Distributed Databases • A distributed database is data that is distributed across multiple databases. • A distributed database system includes: o Distributed database management system (DDBMS) o Distributed database o Network for interconnection. • The DDBMS manages the distributed database. • Distributed database system functions include: o Distributed query management o Distributed transaction processing o Distributed metadata management o Enforcing security and integrity across the multiple nodes.
  • 4. Concepts in Secure Databases • Much of the early work on secure databases was on discretionary security. • The major issues in security are: o Authentication o Identification o Enforcing appropriate access controls • Some of the most important security requirements for database management systems are: o Multi-Level Access Control o Confidentiality: Confidentiality measures protect information from unauthorized access and misuse. o Reliability: is defined broadly to mean that the database performs consistently without causing problems. More specifically, it means that there is accuracy and consistency of data. o Integrity: Integrity measures protect information from unauthorized alteration. o Recovery: is the process of restoring the database to a correct (consistent) state in the event of a failure.
  • 5. Multilevel Security • In an MLS/DBMS, users cleared at different security levels access and share a database with data at different security levels (also called sensitivity levels) without violating security. • It is generally assumed that the security levels form a lattice where: o Unclassified < Confidential < Secret < TopSecret • An MLS/DBMS may also support users and data at different compartments or categories. • Multilevel security is a security policy that allows you to classify objects and users based on a system of hierarchical security levels and a system of non-hierarchical security categories. • Multilevel security provides the capability to prevent unauthorized users from accessing information at a higher classification than their authorization, and prevents users from declassifying information. • The security policy of MLS/DBMSs includes: o Mandatory access control (MAC): Mandatory security controls restrict access to data depending on the sensitivity levels of the data and the clearance level of the user. In general, most MLS/DBMSs enforce a MAC policy where a subject reads an object (such as row or relation) if the subject’s security level dominates the security level of the object and a subject updates an object if the subject’s security level is that of the object. o Discretionary access control (DAC): Discretionary security measures are usually in the form of rules, which specify the type of access that users or groups of users may have to different kinds of data. o Other components of the security policy include policies for integrity, identification and authentication, auditing and accounting. • Two type of architecures proposed in Multilevel security: o Distributed Data and Centralized Control o Distributed Data and Distributed Control
  • 6. Distributed Data and Centralized Control Security In this architecture, the data is distributed while control is centralized. Two approaches were proposed at the Summer Study. In the first of these approaches, known as the Partitioned approach, a trusted front-end database system is connected to non-trusted back-end database systems. Each back-end database system operates at a single level and manages data at that level. For example, an Unclassified DBMS manages the unclassified data while a Secret DBMS manages Secret data. All communication between the backend database systems is through the front-end database system. A user’s query is sent to the DBMS at the user’s level or below the user’s level. Update requests are sent only to the DBMS at the user’s level. For example, a Secret user ’s query is sent to the Secret and Unclassified DBMSs, while a Secret user’s update request is sent only to the Secret DBMS. It was found that there was potential for covert channels with this approach as a Secret user’s query could have sensitive information that is sent to an Unclassified DBMS. As a result, a second approach was examined where data is replicated. In this approach, the unclassified data İlker Köse, GYTE, Veri ve Ağ Güvenliği, Distributed Database Security, Spring 2002 6is replicated at the Secret and Top- Secret databases, and the Secret data is replicated at the Top-Secret database. This way, a user’s query is sent only to the DBMS at the user’s level. The update request is sent to the replicated databases. While there is no covert channel for the query operation, since a user’s update is propagated upwards, there is a potential for covert channels during the update operation. Nevertheless, this issue has been studied extensively and shown that the bandwidth of the channel is fairly low. Therefore, the preferred approach is the replicated approach. This approach has been studied extensively both at Unisys and at the Naval Research Laboratory.
  • 7. Distributed Data and Distributed Control • In a multilevel secure distributed database management system (MLS/DDBMS), users cleared at different security levels access and share a distributed database consisting of data at different security levels without violating security. • In this architecture, the MLS/DDBMS consists of several nodes that are interconnected by a multilevel secure network. • In a homogeneous environment, all of the nodes are designed identically. • Each node is capable of handling multilevel data. Each node has a MLS/DBMS, which manages the local multilevel database. • Each node also has a distributed processing component called the Secure Distributed Processor (SDP). The modules of the SDP are similar to those of the DDBMS described above. • Multilevel security must be taken into consideration during all of the processing. First of all, an appropriate security policy has to be formulated. This policy will depend on the policies of the local DBMS, the network and the distributed processor. • The algorithms for query, update and transaction processing in a DDBMS have to be extended to handle multilevel security. Locking techniques could cause covert channels. Therefore, algorithms for MLS/DBMSs have to be integrated with algorithms for DDBMSs to handle MLS/DDBMSs. These algorithms are implemented by the SDTM. Finally, security and integrity processing techniques for MLS/DBMSs and DDBMSs have to be extended for MLS/DDBMSs. For example, in the case of the SDSM, it has to consider multilevel security within functions such as identification, authentication and enforcing discretionary security controls.
  • 8. Discretionary Security • Discretionary security mechanisms enforce rules which specify the types of access that users or groups of users have to the data. • Multilevel security controls ensure that users cleared at different security levels access and share a distributed database in which the data is assigned different sensitivity levels without compromising security. • In this section, we describe both types of security. In a distributed environment, users need to be authenticated with respect to the local system as well as the global environment. • An issue here is whether the authentication mechanism should be centralized or distributed. If it is centralized, then the authenticator needs to have information about all of the users of the system. If the authenticator is distributed, then the various components of the authenticator need to communicate with each other to authenticate a user. • The access control rules enforced in a distributed environment may be distributed, centralized or replicated. If the rules are centralized, then the central server needs to check all accesses to the database. • If the rules are distributed, then appropriate rules need to be located and enforced for a particular access. • Often the rules associated with a particular database may also be stored at the same site. If the rules are replicated, then each node can carry out the access control checks for the data that it manages.
  • 9. Inference Problem • The inference problem has received a great deal of attention for many years. There is still work on this problem especially with emerging technologies such as data warehousing, data mining and the web. • Inference is the process of users posing queries and deducing unauthorized information from the legitimate responses that they receive. • This problem has been discussed a great deal over the past two decades. However, data mining makes this problem worse. • Users now have sophisticated tools that they can employ to get data and deduce patterns that could be sensitive. Without these data mining tools, users would have to be fairly sophisticated in their reasoning to be able to deduce information from posing queries to the databases. • In short, data mining tools make the inference problem quite dangerous. • Essentially, the query processor of the MLS/DDBMS described in the preceding subsection was examined and augmented with constraint processors.
  • 10. Heterogeneous and Federated Systems Security • In particular, various approaches to designing heterogeneous and federated database systems were examined and the security impact was investigated. • The issues include security for integrating the federated schemas as well as handling different ranges of security levels. • For example, one system could handle the range from Secret to Top-Secret, while another system could handle the range from Unclassified to Secret. • Issues on integrating heterogeneous database schemas in a secure environment were also investigated. Much of the work here focused on query processing issues. • In addition, prototype systems were also developed. The approaches examined both the multidatabase and the nonmultidatabase architectures. Around 1992, the MITRE Corporation began an effort called MUSET (Multilevel Secure Transactions) database system. This effort focused mainly on transaction management in a heterogeneous database system. This effort also investigated concurrency control, recovery and commit protocols for multilevel transactions. • A multilevel transaction is a transaction that can operate at multiple security levels. For example, a sub-transaction at one site could operate at the unclassified level, while another sub-transaction at a different site could operate at the Secret level. • The challenge here is to ensure consistency and at the same time minimize covert channels. Other work on secure distributed database systems includes various concurrency control algorithms for transactions.
  • 11. Security for Emerging Distributed System Technologies Data warehouse: The major issues here are ensuring that security is maintained in building a data warehouse from the backend database systems and also enforcing appropriate access control techniques when retrieving the data from the warehouse. For example, security policies of the different data sources that form the warehouse have to be integrated to form a policy for the warehouse. Data mining: Data mining causes serious security problems. For example, consider a user who has the ability to apply data mining tools. This user can pose various queries and infer a sensitive hypothesis. That is, the inference problem occurs via data mining. Collaborative computing systems, distributed object management systems and the web
  • 12. The security challenges of DDBS Distribution Design Operating Environment Replication Control Distributed Deadlock Management Distributed Concurrency Control • The Distributed Concurrency Control is the integrity of the database is maintained by specifying the synchronization of access to the distributed database to manage concurrency; • different locking techniques uses based on the mutual exclusion of access to data. • The Replication Control applies to distributed systems where a database is supposed to be replicated if the whole database or its percentage is copied. The copies are stockpiled at different sites. Having more than one copy of a database, the issue is continuing the copies' communal uniformity, ensuring with all copies are identical schema and data. • Deadlock Handling if the users request the same resources from the database if the resources are obtainable, then the database allows permission for the resources to that user if not available. The user has to wait until the resources have released another user. Sometimes the users do not remove the resources blocked by some other users. • To implement distributed database environment, a specific operating system is required as per organizational requirements. The operating system plays a vital role in managing the distributed database because sometimes it supports the distributed database. • Furthermore, the central problem area in the distributed database where data is located in numerous locations and the number is used. So, the transparent management of information is essential to maintain the integrity of the distributed database.
  • 13. Solutions to address the security challenges of DDBS Locking Techniques Design Fragmentation Deadlock Detection Agents Summary-schema Model • Locking as a technique of synchronizing the access through concurrent transactions towards database items that resolve the distributed concurrency control. • Through fragmentation, a lot of topics in DDBS can be resolved. Fragmentation is when large schema records are divided into independent pieces or parts to increase the speed of query processing. This also enables us to achieve the distribution design and security issues in DDBS. • For deadlock handling issues, Krivokapic et al. presented the deadlock detection agents (DDAs). Deadlock resolution strategies determine which transaction(s) are to be aborted in order to resolve the deadlock. • Bright and Hurson introduce the summary- schema model, one of the possible solutions to powerful user interfaces, effective distribution of processing, and increased semantic content in distributed design
  • 14. Conclusion • Distributed database systems are a reality. • Many organizations are now deploying distributed database systems. • Therefore, we have no choice but to ensure that these systems operate in a secure environment. • We believe that as more and more technologies emerge, the impact of secure distributed database systems on these technologies will be significant.
  • 15. References • B. Thuraisingham, Security for Distributed Database Systems, Computers & Security, 2000. • Simon Wiseman, DERA, Database Security: Retrospective and Way Forward, 2001 • A. A. Akintola, G. A. Aderounmu and A. U. Osakwe (2005). “Performing Modeling of an Enhanced Optimistic Locking Architecture for Concurrency Control in a Distributed Database System”, ACM vol.37, No.4, November 2005 • https://studylib.net/doc/14661240/distributed- database-security--introduction-i%CC%87lker- k%C3%B6se • http://ignited.in/I/a/242216
  • 17. DD Security and Threats Data security is of specific significance in distributed systems due to huge number of clients, divided and reproduced data, different locales and distributed control.
  • 18. Measures of Control in D. Database The measures of control can be broadly divided into the following categories – Access control includes security mechanisms in a database management system to protect against unauthorized access. A user can gain access to the database after clearing the login process through only valid user accounts. Each user account is password protected. Access Control Flow Control You can simply Distributed systems encompass a lot of data flow from one site to another and also within a site. Flow control prevents data from being transferred in such a way that it can be accessed by unauthorized agents. A flow policy lists out the channels through which information can flow. It also defines security classes for data as well as transactions. your audience and add a unique zing and appeal to your Presentations. Data Encryption You can simply impress your audience and add a unique Data encryption refers to coding data when sensitive data is to be communicated over public channels. Even if an unauthorized agent gains access of the data, he cannot understand it since it is in an incomprehensible format. and appeal to your Presentations.
  • 19. TYPES OF DATABASE SECURITY Auditing Validation Encryption
  • 20. Auditing Auditing is a procedure of inspecting all security pertinent occasions to find and analyze the security infringement of database. It is an assortment of efficient review data and investigation which needs assurance from change by a gatecrasher.
  • 21. Validation Before accessing a system, each client is distinguished and verified .it is an affirmation of a person or thing is credible to utilize the assets of the system.
  • 22. Encryption encryption is a piece of cryptography where a calculation for the most part called as figure is utilized to change data (called plaintext) into incomprehensible to anybody with the exception of those clients who have unique information and certifications.