Unit 3
Database Integrity and Security Concepts
By Kavita Shinde
Asst. Professor
Computer Science
MITACSC, Alandi Pune.
Content:
3.1 Domain constraints
3.2 Referential Integrity
3.3 Introduction to database security concepts
3.4 Methods for database security
3.4.1 Discretionary access control method
3.4.2 Mandatory access control
3.4.3 Role-based access control for multilevel security.
3.5 Use of views in security enforcement.
3.6 Overview of encryption technique for security.
3.7 Statistical database security.
3.1 Domain constraints
-Are the most elementary form of integrity constraint.
-Every domain must contain atomic values.
-A domain constraint makes sure that the data value entered for a particular column matches the data type
defined for that column.
3.2 Referential Integrity:
-Also known as foreign key constraint.
-A foreign key is a key whose values are derived from the Primary key of another table.
-The table containing the foreign key is called the child table.
-The table containing the Primary key/candidate key is called the referenced or parent table.
-Rules :
-A record cannot be deleted from a primary table if matching records exist in a related table.
-A primary key value cannot be changed in the primary table if that record has related records.
-A value cannot be entered in the foreign key field of the related table that doesn't exist in the
primary key of the primary table.
-A Null value can be entered in the foreign key, specifying that the records are unrelated.
Insert Constraint:
A value cannot be inserted in the CHILD table if that value is not present in the MASTER table.
Delete Constraint:
A value cannot be deleted from the MASTER table if that value is present in the CHILD table.
Ex:
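An added example (not from the original slides) showing the domain constraints of 3.1 and the referential integrity rules of 3.2 in PostgreSQL. The department and employee tables and their rows are constructed for illustration; statements commented as rejected raise an error and leave the tables unchanged.

```sql
-- Constructed schema: department is the parent (MASTER) table, employee the CHILD.
CREATE TABLE department (
    dept_id   integer PRIMARY KEY,
    dept_name varchar(30) NOT NULL
);

CREATE TABLE employee (
    emp_id  integer PRIMARY KEY,
    name    varchar(50) NOT NULL,
    -- Domain constraint: the type fixes the kind of value, CHECK narrows the range.
    salary  numeric(10,2) CHECK (salary > 0),
    -- Referential integrity: dept_id must match a department row or be NULL.
    dept_id integer REFERENCES department (dept_id)
                ON DELETE RESTRICT ON UPDATE RESTRICT
);

INSERT INTO department VALUES (10, 'Accounts'), (20, 'Research');
INSERT INTO employee   VALUES (1, 'Asha', 42000.00, 10);

-- Domain constraint violations: wrong data type, then a value outside the CHECK.
INSERT INTO employee VALUES (2, 'Ravi', 'forty thousand', 10);  -- rejected
INSERT INTO employee VALUES (2, 'Ravi', -5.00, 10);             -- rejected

-- Insert constraint: department 99 does not exist in the parent table.
INSERT INTO employee VALUES (3, 'Meera', 38000.00, 99);         -- rejected

-- A NULL foreign key is allowed: this employee is related to no department.
INSERT INTO employee VALUES (4, 'Kiran', 30000.00, NULL);       -- accepted

-- Delete constraint: department 10 is still referenced by employee 1.
DELETE FROM department WHERE dept_id = 10;                      -- rejected

-- A referenced primary key value cannot be changed either.
UPDATE department SET dept_id = 11 WHERE dept_id = 10;          -- rejected

-- Department 20 has no child rows, so deleting it is allowed.
DELETE FROM department WHERE dept_id = 20;                      -- accepted

-- Integrity check a DBA can run on data loaded before the foreign key existed:
-- lists child rows whose dept_id has no matching parent row.
SELECT e.emp_id, e.dept_id
FROM employee e
LEFT JOIN department d ON d.dept_id = e.dept_id
WHERE e.dept_id IS NOT NULL
  AND d.dept_id IS NULL;
```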
3.3 Introduction to database security concepts:
Threats to Databases:
Threats to databases can result in the loss or degradation of some or all of the following commonly
accepted security goals: integrity, availability, and confidentiality.
(1) Loss of integrity:
-Database integrity refers to the requirement that information be protected from improper
modification.
-Integrity is lost if unauthorized changes are made to the data by either intentional or accidental
acts.
(2) Loss of availability:
-Database availability refers to making objects available to a human user or a program that has a
legitimate right to them.
(3) Loss of confidentiality:
-Database confidentiality refers to the protection of data from unauthorized disclosure.
-Database Security:
-Keeps sensitive information safe and prevents the loss of data.
-Security of the database is controlled by the Database Administrator (DBA).
-The following main control measures are used to provide security of data in databases:
1. Authentication
2. Access control
3. Inference control
4. Flow control
5. Database Security applying Statistical Method
6. Encryption
1. Authentication: [Login Process]
-Used to protect the database against unauthorized access.
-A user gains access to the database only after clearing the login process with
a valid user account.
-Each user account is password protected.
2. Access control: [User Accounts]
-The security mechanism of a DBMS must include provisions for restricting access
to the database by unauthorized users.
-Access control is done by creating user accounts and having the DBMS control the
login process.
-Access to sensitive data is possible only for those people (database
users) who are allowed to access such data; access is denied to unauthorized
persons.
3. Inference control:
-This method protects sensitive information from indirect disclosure.
4. Flow control:
-Distributed systems encompass a lot of data flow from one site to another and also
within a site.
-Flow control prevents data from being transferred in such a way that it can be
accessed by unauthorized agents.
5. Database Security applying Statistical Method:
-Statistical database security focuses on the protection of confidential individual
values that are stored and used for statistical purposes, where queries retrieve
summaries of values based on categories.
-Statistical databases do not permit retrieval of individual information.
6. Encryption:
-Data encryption refers to coding data when sensitive data is to be communicated
over public channels.
-Even if an unauthorized agent gains access to the data, he cannot understand it
since it is in an incomprehensible format.
Database Security and the DBA
-The DBA is responsible for the overall security of the database system.
-The DBA’s responsibilities include granting and revoking privileges to users.
Account creation:
This action creates a new account and password for a user or a group of users to
enable access to the DBMS.
Privilege granting:
This action permits the DBA to grant certain privileges to certain accounts.
Privilege revocation:
This action permits the DBA to revoke (cancel) certain privileges that were
previously given to certain accounts.
Security level assignment:
This action consists of assigning user accounts to the appropriate security clearance
level.
Ex:
(1) GRANT Command:
GRANT privilege [, ...]
ON object [, ...]
TO { PUBLIC | GROUP group | username }
privilege:
values could be: SELECT, INSERT, UPDATE, DELETE, ALL, etc.
object:
The name of an object to which to grant access (table, view, sequence).
PUBLIC:
To all users.
GROUP group:
A group to whom to grant privileges.
username:
The name of a user to whom to grant privileges. PUBLIC is a short form representing all users.
Ex:
(2) REVOKE Command:
REVOKE privilege [, ...]
ON object [, ...]
FROM { PUBLIC | GROUP groupname | username }
privilege:
values could be: SELECT, INSERT, UPDATE, DELETE, RULE, ALL.
object:
The name of an object on which to revoke access. The possible objects are: table, view, sequence.
PUBLIC:
A short form representing all users.
GROUP groupname:
A group from whom to revoke privileges.
username:
The name of a user from whom to revoke privileges. PUBLIC is a short form representing all users.
Ex:
(1)testdb=# CREATE USER manisha WITH PASSWORD 'password';
CREATE ROLE
(2)testdb=# GRANT ALL ON COMPANY TO manisha;
GRANT
(3)testdb=# REVOKE ALL ON COMPANY FROM manisha;
REVOKE
(4)testdb=# DROP USER manisha;
DROP ROLE
3.4 Methods for database security:
-Access control regulates which users, applications, and devices can view, edit, add, and delete
resources in an organization’s environment.
-Controlling access is one of the key practices to protect sensitive data from theft,
misuse, abuse, and any other threats.
3.4.1 Discretionary access control: (identity-based access control model)
-Provides users a certain amount of control over their data.
-Data owners (or any users authorized to control data) can define access permissions for specific users
or groups of users.
-DAC is quite a popular model because it allows a lot of freedom for users and doesn’t cause
administrative overhead.
-User 1 can’t grant access rights that exceed their own.
For example, if user 1 can only read a document, they can’t allow user 2 to edit it.
3.4.2 Mandatory access control:
-MAC is considered the most secure of all access control models.
-Access rules are manually defined by system administrators and strictly enforced
by the operating system or security kernel.
-Regular users can’t alter security attributes even for data they’ve created.
3.4.3 Role-based access control:
-Also known as Non-discretionary Access Control, RBAC takes more of a real-world approach to
structuring access control.
-Access under RBAC is based on a user's job function within the organization to which the
computer system belongs.
-Essentially, RBAC assigns permissions to particular roles in an organization. Users are then
assigned to that particular role.
-For example, an accountant in a company will be assigned to the Accountant role, gaining access
to all the resources permitted for all accountants on the system. Similarly, a software engineer might
be assigned to the developer role.
Roles differ from groups in that while users may belong to multiple groups, a user under RBAC
may only be assigned a single role in an organization. Additionally, there is no way to provide
individual users additional permissions over and above those available for their role. The accountant
described above gets the same permissions as all other accountants, nothing more and nothing less.
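An added PostgreSQL example (not from the original slides) of the discretionary model in 3.4.1 and the role-based model in 3.4.3. The roles user1, user2, accountant and asha and the tables document and ledger are constructed names; the script assumes it is run by a superuser DBA who uses SET ROLE to act as each account.

```sql
-- Constructed demo; run as a superuser. Roles are created without passwords
-- and exercised with SET ROLE, so no credentials appear in the script.
CREATE ROLE user1;
CREATE ROLE user2;
CREATE TABLE document (doc_id integer PRIMARY KEY, body text);
INSERT INTO document VALUES (1, 'constructed sample row');

-- DAC: the owner gives user1 read access and the right to share it further.
GRANT SELECT ON document TO user1 WITH GRANT OPTION;

SET ROLE user1;
GRANT SELECT ON document TO user2;  -- works: user1 holds SELECT with grant option
GRANT UPDATE ON document TO user2;  -- grants nothing: user1 has no UPDATE to pass on
RESET ROLE;

-- Audit who granted what to whom on the table.
SELECT grantor, grantee, privilege_type, is_grantable
FROM information_schema.table_privileges
WHERE table_name = 'document'
ORDER BY grantee, privilege_type;

-- Revoking from user1 must also remove what user1 handed out.
-- Without CASCADE the REVOKE is refused, because user2's grant depends on it.
REVOKE SELECT ON document FROM user1 CASCADE;

-- RBAC: privileges are attached to the job role, never to the person.
CREATE ROLE accountant;
CREATE TABLE ledger (
    entry_id integer PRIMARY KEY,
    amount   numeric(12,2) NOT NULL
);
GRANT SELECT, INSERT ON ledger TO accountant;

-- A user receives permissions only by being assigned to the role.
CREATE ROLE asha;
GRANT accountant TO asha;

SET ROLE asha;
INSERT INTO ledger VALUES (1, 1500.00);  -- allowed through the accountant role
DELETE FROM ledger;                      -- denied: accountants hold no DELETE
RESET ROLE;

-- Review who currently holds the accountant role.
SELECT r.rolname AS role, m.rolname AS member
FROM pg_auth_members am
JOIN pg_roles r ON r.oid = am.roleid
JOIN pg_roles m ON m.oid = am.member
WHERE r.rolname = 'accountant';

-- When the job changes, one statement removes every accountant permission.
REVOKE accountant FROM asha;
```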
3.5 Use of views in security enforcement:
Rather than granting users privileges on a particular table, you can give them access to a view of the
table.
Views add two more levels of security:
-A view can limit access to only selected columns of the base table.
-A view can provide value-based security for the information in a table. Thus a WHERE clause in
the definition of a view can display only selected rows of a base table.
-Types of views:
Read-only View: Allows only SELECT operations.
Updateable View: Allows SELECT as well as INSERT, UPDATE and DELETE operations.
-Syntax:
(1) Read Only View:
CREATE <OR REPLACE> VIEW <ViewName> AS SELECT <ColumnName1>, <ColumnName2>
FROM <TableName> WHERE <ColumnName> = <Expression List> <WITH READ ONLY>;
-Ex:
create view stu as select enroll,name from student;
(2) Updateable View:
update stu set name='xyz' where enroll=4866;
-Dropping View:
drop view stu;
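An added PostgreSQL example (not from the original slides) of the two levels of view security described in 3.5: users are granted access to a view and receive no privileges on the base table. The student table follows the slide's name, while the columns dept, marks and phone, the sample rows, and the roles clerk and cs_teacher are assumptions; in PostgreSQL a read-only view is obtained here by granting only SELECT on it.

```sql
-- Constructed demo; run as a superuser, who owns the table and both views.
CREATE TABLE student (
    enroll integer PRIMARY KEY,
    name   text NOT NULL,
    dept   text NOT NULL,
    marks  integer,
    phone  text
);
INSERT INTO student VALUES
    (4866, 'Student A', 'CS', 72, '0000000001'),
    (4867, 'Student B', 'CS', 65, '0000000002'),
    (5001, 'Student C', 'IT', 80, '0000000003');

CREATE ROLE clerk;
CREATE ROLE cs_teacher;

-- Level 1, selected columns: marks and phone are never exposed.
CREATE VIEW stu AS
    SELECT enroll, name
    FROM student;

-- Level 2, value-based security: only rows of the CS department.
-- security_barrier stops user-supplied functions in a query's WHERE clause
-- from being evaluated on rows the view filters out.
-- WITH CHECK OPTION rejects writes that would move a row out of the view.
CREATE VIEW cs_student WITH (security_barrier) AS
    SELECT enroll, name, dept, marks
    FROM student
    WHERE dept = 'CS'
    WITH CHECK OPTION;

-- Privileges go on the views only; nothing is granted on student itself.
GRANT SELECT         ON stu        TO clerk;       -- read-only use
GRANT SELECT, UPDATE ON cs_student TO cs_teacher;  -- updateable use

SET ROLE clerk;
SELECT * FROM stu;                            -- allowed: two columns, all rows
SELECT * FROM student;                        -- denied: no privilege on the base table
UPDATE stu SET name = 'xyz' WHERE enroll = 4866;  -- denied: clerk holds SELECT only
RESET ROLE;

SET ROLE cs_teacher;
UPDATE cs_student SET marks = 81 WHERE enroll = 4866;   -- allowed: a CS row
UPDATE cs_student SET marks = 99 WHERE enroll = 5001;   -- changes 0 rows: IT row is outside the view
UPDATE cs_student SET dept = 'IT' WHERE enroll = 4866;  -- rejected by WITH CHECK OPTION
RESET ROLE;

-- Audit: confirm no ordinary role holds privileges on the base table.
SELECT grantee, privilege_type
FROM information_schema.table_privileges
WHERE table_name = 'student'
  AND grantee IN ('clerk', 'cs_teacher', 'PUBLIC');
```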
3.6 Overview of encryption technique for security:
-Encryption is a security method in which information is encoded in such a way that only
authorized users can read it.
-It uses an encryption algorithm to generate ciphertext that can only be read if decrypted.
Types of Encryption
There are two types of encryption schemes, as listed below:
Symmetric Key encryption
Public Key encryption
(1) Symmetric Key encryption:
A symmetric key encryption algorithm uses the same cryptographic key for both encryption and
decryption of ciphertext.
Ex: DES (Data Encryption Standard)
(2) Public Key encryption:
A public key encryption algorithm uses a pair of keys, one of which is a secret key and
one of which is public. These two keys are mathematically linked with each other.
Ex: RSA (Rivest, Shamir, and Adleman) algorithm and Diffie-Hellman algorithm.
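An added example (not from the original slides) of symmetric key encryption applied to a stored column, using PostgreSQL's pgcrypto extension. The table, the note text and the key are constructed, and the cipher is set to AES-256 rather than the DES named above, which is a choice of this example.

```sql
-- Constructed demo for PostgreSQL with the pgcrypto extension installed.
CREATE EXTENSION IF NOT EXISTS pgcrypto;

CREATE TABLE patient_note (
    note_id  integer PRIMARY KEY,
    note_enc bytea NOT NULL   -- ciphertext only; no plaintext column exists
);

-- Encrypt while inserting. The key below is a constructed demo value.
-- In an application, pass the key as a bind parameter and keep it outside the
-- database, because literal statement text can end up in server logs.
INSERT INTO patient_note VALUES
    (1, pgp_sym_encrypt('constructed note: allergy to penicillin',
                        'demo-key-do-not-reuse',
                        'cipher-algo=aes256'));

-- What a reader of the table without the key sees: opaque bytes.
SELECT note_id,
       octet_length(note_enc)             AS ciphertext_bytes,
       left(encode(note_enc, 'hex'), 32)  AS ciphertext_prefix
FROM patient_note;

-- Symmetric property: the same key that encrypted the value decrypts it.
SELECT note_id,
       pgp_sym_decrypt(note_enc, 'demo-key-do-not-reuse') AS note
FROM patient_note;

-- A different key does not yield the plaintext; the call raises an error.
SELECT pgp_sym_decrypt(note_enc, 'some-other-key') AS note
FROM patient_note;
```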
3.7 Statistical database security:
-A statistical database (SDB) is one that provides data of a statistical nature, such
as counts and averages.
-The term statistical database is used in two contexts:
Pure statistical database:
-This type of database only stores statistical data.
-An example is a census database.
-Access control for a pure SDB is straightforward.
-Certain users are authorized to access the entire database.
Ordinary database with statistical access:
-This type of database contains individual entries.
-The database supports a population of nonstatistical users who are allowed access
to selected portions of the database using DAC, RBAC, or MAC.
-In addition, the database supports a set of statistical users who are only permitted
statistical queries.
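An added PostgreSQL example (not from the original slides) of an ordinary database with statistical access: a non-statistical user reads individual rows through a normal grant, while a statistical user can query only a view of counts and averages. The table, rows and role names are constructed, and the minimum group size of 3 is an assumed threshold, included because a summary over a single row is that individual's value.

```sql
-- Constructed demo; run as a superuser.
CREATE TABLE staff_pay (
    emp_id integer PRIMARY KEY,
    dept   text NOT NULL,
    salary numeric(10,2) NOT NULL
);
INSERT INTO staff_pay VALUES
    (1, 'Accounts', 41000), (2, 'Accounts', 45000), (3, 'Accounts', 39000),
    (4, 'Research', 52000), (5, 'Research', 58000), (6, 'Research', 61000),
    (7, 'Legal',    70000);  -- a department with a single member

CREATE ROLE payroll_clerk;  -- non-statistical user
CREATE ROLE stat_user;      -- statistical user

-- Non-statistical access to individual entries is granted in the usual way.
GRANT SELECT ON staff_pay TO payroll_clerk;

-- Statistical access: summaries by category only.
-- No min() or max(), which would return one individual's salary.
-- Groups smaller than the assumed threshold of 3 are suppressed.
-- No overall total is published, since total minus the published groups
-- would reveal the suppressed group.
CREATE VIEW pay_stats AS
    SELECT dept,
           count(*)              AS staff_count,
           round(avg(salary), 2) AS avg_salary
    FROM staff_pay
    GROUP BY dept
    HAVING count(*) >= 3;

GRANT SELECT ON pay_stats TO stat_user;

SET ROLE stat_user;
SELECT * FROM pay_stats ORDER BY dept;          -- Accounts and Research; Legal is suppressed
SELECT salary FROM staff_pay WHERE emp_id = 7;  -- denied: no privilege on individual entries
RESET ROLE;

-- DBA check: which categories are currently withheld from statistical users.
SELECT dept, count(*) AS staff_count
FROM staff_pay
GROUP BY dept
HAVING count(*) < 3;
```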
3.6 Overview of encryption technique for security:

More Related Content

What's hot

Data definition language
Data definition languageData definition language
Data definition languageVENNILAV6
 
database recovery techniques
database recovery techniques database recovery techniques
database recovery techniques Kalhan Liyanage
 
Data Warehouses & Deployment By Ankita dubey
Data Warehouses & Deployment By Ankita dubeyData Warehouses & Deployment By Ankita dubey
Data Warehouses & Deployment By Ankita dubeyAnkita Dubey
 
InformationSecurity
InformationSecurityInformationSecurity
InformationSecuritylearnt
 
Security Policies
Security PoliciesSecurity Policies
Security Policiesphanleson
 
Online Ticket Reservation System-SRS, ERD, DFD, Structured Charts
Online Ticket Reservation System-SRS, ERD, DFD, Structured ChartsOnline Ticket Reservation System-SRS, ERD, DFD, Structured Charts
Online Ticket Reservation System-SRS, ERD, DFD, Structured Chartsgrandhiprasuna
 
Difference between File system And DBMS.pptx
Difference between File system And DBMS.pptxDifference between File system And DBMS.pptx
Difference between File system And DBMS.pptxShayanMujahid2
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information securityKumawat Dharmpal
 
Security and Integrity violations, Authorisation and views, Integrity Constant
Security and Integrity violations, Authorisation and views, Integrity ConstantSecurity and Integrity violations, Authorisation and views, Integrity Constant
Security and Integrity violations, Authorisation and views, Integrity ConstantPrakash Kumar
 
Database Systems Security
Database Systems SecurityDatabase Systems Security
Database Systems Securityamiable_indian
 
Security of the database
Security of the databaseSecurity of the database
Security of the databasePratik Tamgadge
 
Security audits & compliance
Security audits & complianceSecurity audits & compliance
Security audits & complianceVandana Verma
 

What's hot (20)

Data definition language
Data definition languageData definition language
Data definition language
 
database recovery techniques
database recovery techniques database recovery techniques
database recovery techniques
 
Database security
Database securityDatabase security
Database security
 
Data Warehouses & Deployment By Ankita dubey
Data Warehouses & Deployment By Ankita dubeyData Warehouses & Deployment By Ankita dubey
Data Warehouses & Deployment By Ankita dubey
 
Security threats
Security threatsSecurity threats
Security threats
 
INTRODUCTION TO DATABASE
INTRODUCTION TO DATABASEINTRODUCTION TO DATABASE
INTRODUCTION TO DATABASE
 
InformationSecurity
InformationSecurityInformationSecurity
InformationSecurity
 
Security Policies
Security PoliciesSecurity Policies
Security Policies
 
Distributed file systems dfs
Distributed file systems   dfsDistributed file systems   dfs
Distributed file systems dfs
 
Online Ticket Reservation System-SRS, ERD, DFD, Structured Charts
Online Ticket Reservation System-SRS, ERD, DFD, Structured ChartsOnline Ticket Reservation System-SRS, ERD, DFD, Structured Charts
Online Ticket Reservation System-SRS, ERD, DFD, Structured Charts
 
Difference between File system And DBMS.pptx
Difference between File system And DBMS.pptxDifference between File system And DBMS.pptx
Difference between File system And DBMS.pptx
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
 
Security and Integrity violations, Authorisation and views, Integrity Constant
Security and Integrity violations, Authorisation and views, Integrity ConstantSecurity and Integrity violations, Authorisation and views, Integrity Constant
Security and Integrity violations, Authorisation and views, Integrity Constant
 
Erd
ErdErd
Erd
 
Database Systems Security
Database Systems SecurityDatabase Systems Security
Database Systems Security
 
Security of the database
Security of the databaseSecurity of the database
Security of the database
 
Role of system analyst
Role of system analystRole of system analyst
Role of system analyst
 
Database security
Database securityDatabase security
Database security
 
Intoduction- Database Management System
Intoduction- Database Management SystemIntoduction- Database Management System
Intoduction- Database Management System
 
Security audits & compliance
Security audits & complianceSecurity audits & compliance
Security audits & compliance
 

Similar to UNIT 3- DATABASE INTEGRITY AND SECURITY CONCEPTS (1).pdf

Database Security Methods, DAC, MAC,View
Database Security Methods, DAC, MAC,ViewDatabase Security Methods, DAC, MAC,View
Database Security Methods, DAC, MAC,ViewDr-Dipali Meher
 
Database managementsystemes_Unit-7.pptxe
Database managementsystemes_Unit-7.pptxeDatabase managementsystemes_Unit-7.pptxe
Database managementsystemes_Unit-7.pptxechnrketan
 
Adbms 46 security and integrity of databases
Adbms 46 security and integrity of databasesAdbms 46 security and integrity of databases
Adbms 46 security and integrity of databasesVaibhav Khanna
 
database-security-access-control-models-a-brief-overview-IJERTV2IS50406.pdf
database-security-access-control-models-a-brief-overview-IJERTV2IS50406.pdfdatabase-security-access-control-models-a-brief-overview-IJERTV2IS50406.pdf
database-security-access-control-models-a-brief-overview-IJERTV2IS50406.pdfDr Amit Phadikar
 
report on network security fundamentals
report on network security fundamentalsreport on network security fundamentals
report on network security fundamentalsJassika
 
Database Management System Security.pptx
Database Management System  Security.pptxDatabase Management System  Security.pptx
Database Management System Security.pptxRoshni814224
 
Chapter 5 database security
Chapter 5   database securityChapter 5   database security
Chapter 5 database securitySyaiful Ahdan
 
Dbms ii mca-ch12-security-2013
Dbms ii mca-ch12-security-2013Dbms ii mca-ch12-security-2013
Dbms ii mca-ch12-security-2013Prosanta Ghosh
 
security and privacy in dbms and in sql database
security and privacy in dbms and in sql databasesecurity and privacy in dbms and in sql database
security and privacy in dbms and in sql databasegourav kottawar
 
Data base security
Data base securityData base security
Data base securitySara Nazir
 
DBMS-material for b.tech students to learn
DBMS-material for b.tech students to learnDBMS-material for b.tech students to learn
DBMS-material for b.tech students to learnRajasekhar364622
 

Similar to UNIT 3- DATABASE INTEGRITY AND SECURITY CONCEPTS (1).pdf (20)

Database Security Methods, DAC, MAC,View
Database Security Methods, DAC, MAC,ViewDatabase Security Methods, DAC, MAC,View
Database Security Methods, DAC, MAC,View
 
Database managementsystemes_Unit-7.pptxe
Database managementsystemes_Unit-7.pptxeDatabase managementsystemes_Unit-7.pptxe
Database managementsystemes_Unit-7.pptxe
 
Adbms 46 security and integrity of databases
Adbms 46 security and integrity of databasesAdbms 46 security and integrity of databases
Adbms 46 security and integrity of databases
 
En ch23
En ch23En ch23
En ch23
 
database-security-access-control-models-a-brief-overview-IJERTV2IS50406.pdf
database-security-access-control-models-a-brief-overview-IJERTV2IS50406.pdfdatabase-security-access-control-models-a-brief-overview-IJERTV2IS50406.pdf
database-security-access-control-models-a-brief-overview-IJERTV2IS50406.pdf
 
report on network security fundamentals
report on network security fundamentalsreport on network security fundamentals
report on network security fundamentals
 
Database Management System Security.pptx
Database Management System  Security.pptxDatabase Management System  Security.pptx
Database Management System Security.pptx
 
Paper2
Paper2Paper2
Paper2
 
Chapter 5 database security
Chapter 5   database securityChapter 5   database security
Chapter 5 database security
 
Dbms ii mca-ch12-security-2013
Dbms ii mca-ch12-security-2013Dbms ii mca-ch12-security-2013
Dbms ii mca-ch12-security-2013
 
ELNA6eCh24.ppt
ELNA6eCh24.pptELNA6eCh24.ppt
ELNA6eCh24.ppt
 
Security Architecture
Security ArchitectureSecurity Architecture
Security Architecture
 
Database modeling and security
Database modeling and securityDatabase modeling and security
Database modeling and security
 
Lecture 15-16.pdf
Lecture 15-16.pdfLecture 15-16.pdf
Lecture 15-16.pdf
 
security and privacy in dbms and in sql database
security and privacy in dbms and in sql databasesecurity and privacy in dbms and in sql database
security and privacy in dbms and in sql database
 
Protection
ProtectionProtection
Protection
 
Chapter23
Chapter23Chapter23
Chapter23
 
Data base security
Data base securityData base security
Data base security
 
Chapter 7
Chapter 7Chapter 7
Chapter 7
 
DBMS-material for b.tech students to learn
DBMS-material for b.tech students to learnDBMS-material for b.tech students to learn
DBMS-material for b.tech students to learn
 

More from KavitaShinde26

UNIT 4- CRASH AND RECOVERY.pdf
UNIT 4- CRASH AND RECOVERY.pdfUNIT 4- CRASH AND RECOVERY.pdf
UNIT 4- CRASH AND RECOVERY.pdfKavitaShinde26
 
UNIT 2- TRANSACTION CONCEPTS AND CONCURRENCY CONCEPTS (1).pdf
UNIT 2- TRANSACTION CONCEPTS AND CONCURRENCY CONCEPTS (1).pdfUNIT 2- TRANSACTION CONCEPTS AND CONCURRENCY CONCEPTS (1).pdf
UNIT 2- TRANSACTION CONCEPTS AND CONCURRENCY CONCEPTS (1).pdfKavitaShinde26
 
UNIT 1- RELATIONAL DATABASE DESIGN USING PLSQL.pdf
UNIT 1- RELATIONAL DATABASE DESIGN USING PLSQL.pdfUNIT 1- RELATIONAL DATABASE DESIGN USING PLSQL.pdf
UNIT 1- RELATIONAL DATABASE DESIGN USING PLSQL.pdfKavitaShinde26
 
UNIT 5- AWT AND SWING.pdf
UNIT 5- AWT AND SWING.pdfUNIT 5- AWT AND SWING.pdf
UNIT 5- AWT AND SWING.pdfKavitaShinde26
 
UNIT 1- INTRODUCTION TO JAVA.pdf
UNIT 1- INTRODUCTION TO JAVA.pdfUNIT 1- INTRODUCTION TO JAVA.pdf
UNIT 1- INTRODUCTION TO JAVA.pdfKavitaShinde26
 
UNIT 2- OBJECTS AND CLASSES.pdf
UNIT 2- OBJECTS AND CLASSES.pdfUNIT 2- OBJECTS AND CLASSES.pdf
UNIT 2- OBJECTS AND CLASSES.pdfKavitaShinde26
 
UNIT 4- EXCEPTION AND FILE HANDLING IN JAVA.pdf
UNIT 4- EXCEPTION AND FILE HANDLING IN JAVA.pdfUNIT 4- EXCEPTION AND FILE HANDLING IN JAVA.pdf
UNIT 4- EXCEPTION AND FILE HANDLING IN JAVA.pdfKavitaShinde26
 
UNIT 3-INHERITANCE AND INTERFACE IN JAVA.pdf
UNIT 3-INHERITANCE AND INTERFACE IN JAVA.pdfUNIT 3-INHERITANCE AND INTERFACE IN JAVA.pdf
UNIT 3-INHERITANCE AND INTERFACE IN JAVA.pdfKavitaShinde26
 

More from KavitaShinde26 (8)

UNIT 4- CRASH AND RECOVERY.pdf
UNIT 4- CRASH AND RECOVERY.pdfUNIT 4- CRASH AND RECOVERY.pdf
UNIT 4- CRASH AND RECOVERY.pdf
 
UNIT 2- TRANSACTION CONCEPTS AND CONCURRENCY CONCEPTS (1).pdf
UNIT 2- TRANSACTION CONCEPTS AND CONCURRENCY CONCEPTS (1).pdfUNIT 2- TRANSACTION CONCEPTS AND CONCURRENCY CONCEPTS (1).pdf
UNIT 2- TRANSACTION CONCEPTS AND CONCURRENCY CONCEPTS (1).pdf
 
UNIT 1- RELATIONAL DATABASE DESIGN USING PLSQL.pdf
UNIT 1- RELATIONAL DATABASE DESIGN USING PLSQL.pdfUNIT 1- RELATIONAL DATABASE DESIGN USING PLSQL.pdf
UNIT 1- RELATIONAL DATABASE DESIGN USING PLSQL.pdf
 
UNIT 5- AWT AND SWING.pdf
UNIT 5- AWT AND SWING.pdfUNIT 5- AWT AND SWING.pdf
UNIT 5- AWT AND SWING.pdf
 
UNIT 1- INTRODUCTION TO JAVA.pdf
UNIT 1- INTRODUCTION TO JAVA.pdfUNIT 1- INTRODUCTION TO JAVA.pdf
UNIT 1- INTRODUCTION TO JAVA.pdf
 
UNIT 2- OBJECTS AND CLASSES.pdf
UNIT 2- OBJECTS AND CLASSES.pdfUNIT 2- OBJECTS AND CLASSES.pdf
UNIT 2- OBJECTS AND CLASSES.pdf
 
UNIT 4- EXCEPTION AND FILE HANDLING IN JAVA.pdf
UNIT 4- EXCEPTION AND FILE HANDLING IN JAVA.pdfUNIT 4- EXCEPTION AND FILE HANDLING IN JAVA.pdf
UNIT 4- EXCEPTION AND FILE HANDLING IN JAVA.pdf
 
UNIT 3-INHERITANCE AND INTERFACE IN JAVA.pdf
UNIT 3-INHERITANCE AND INTERFACE IN JAVA.pdfUNIT 3-INHERITANCE AND INTERFACE IN JAVA.pdf
UNIT 3-INHERITANCE AND INTERFACE IN JAVA.pdf
 

Recently uploaded

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Hyundai Motor Group
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 

Recently uploaded (20)

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx

UNIT 3- DATABASE INTEGRITY AND SECURITY CONCEPTS (1).pdf

  • 1. Unit 3 Database Integrity and Security Concepts By Kavita Shinde Asst. Professor Computer Science MITACSC, Alandi Pune.
  • 2. Content:
    3.1 Domain constraints
    3.2 Referential Integrity
    3.3 Introduction to database security concepts
    3.4 Methods for database security
    3.4.1 Discretionary access control method
    3.4.2 Mandatory access control
    3.4.3 Role-based access control for multilevel security
    3.5 Use of views in security enforcement
    3.6 Overview of encryption technique for security
    3.7 Statistical database security
  • 3. 3.1 Domain constraints
    - Are the most elementary form of integrity constraint.
    - Every domain must contain atomic values.
    - They make sure that the data value entered for a particular column matches the data type defined for that column.
  • 4. 3.2 Referential Integrity:
    - Also known as the foreign key constraint.
    - A foreign key is a key whose values are derived from the primary key of another table.
    - The table containing the foreign key is called the child table.
    - The table containing the primary key/candidate key is called the referenced or parent table.
    - Rules:
      - A record cannot be deleted from a primary table if matching records exist in a related table.
      - A primary key value cannot be changed in the primary table if that record has related records.
      - A value cannot be entered in the foreign key field of the related table that doesn't exist in the primary key of the primary table.
      - A NULL value can be entered in the foreign key, specifying that the records are unrelated.
    Insert Constraint: A value cannot be inserted in the CHILD table if the value is not present in the MASTER table.
    Delete Constraint: A value cannot be deleted from the MASTER table if the value is present in the CHILD table.
  • 5. Ex:
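The domain and referential integrity rules of 3.1 and 3.2, worked through in PostgreSQL. This is an added example, not taken from the slides; the tables department (MASTER) and employee (CHILD) and all row values are constructed for illustration.

```sql
-- Constructed tables: department is the MASTER (parent), employee is the CHILD.
CREATE TABLE department (
    dept_id   INTEGER PRIMARY KEY,
    dept_name VARCHAR(40) NOT NULL
);

CREATE TABLE employee (
    emp_id   INTEGER PRIMARY KEY,
    emp_name VARCHAR(40) NOT NULL,
    dept_id  INTEGER REFERENCES department (dept_id)  -- foreign key, NULL allowed
);

INSERT INTO department VALUES (10, 'Accounts'), (20, 'Research');

-- Accepted: 10 exists as a primary key value in department.
INSERT INTO employee VALUES (1, 'Asha', 10);

-- Accepted: a NULL foreign key marks the row as unrelated to any department.
INSERT INTO employee VALUES (2, 'Ravi', NULL);

-- Domain constraint: 'x1' is not a valid INTEGER, so the value is refused
-- before any key is checked.
INSERT INTO employee VALUES ('x1', 'Kiran', 10);

-- Insert constraint: 99 is not a dept_id in the MASTER table, so the
-- foreign key refuses the row.
INSERT INTO employee VALUES (3, 'Meena', 99);

-- Delete constraint: employee 1 still references department 10, so the
-- parent row cannot be deleted.
DELETE FROM department WHERE dept_id = 10;

-- Same rule for updates: a referenced primary key value cannot be changed.
UPDATE department SET dept_id = 11 WHERE dept_id = 10;

-- Accepted: no employee row references department 20.
DELETE FROM department WHERE dept_id = 20;
```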
  • 6. 3.3 Introduction to database security concepts:
    Threats to Databases:
    Threats to databases can result in the loss or degradation of some or all of the following commonly accepted security goals: integrity, availability, and confidentiality.
    (1) Loss of integrity:
    - Database integrity refers to the requirement that information be protected from improper modification.
    - Integrity is lost if unauthorized changes are made to the data by either intentional or accidental acts.
    (2) Loss of availability: Availability refers to making objects available to a human user or a program that has a legitimate right to them.
    (3) Loss of confidentiality: Confidentiality refers to the protection of data from unauthorized disclosure.
  • 7. 3.3 Introduction to database security concepts:
    Database Security:
    - Keeps sensitive information safe and prevents the loss of data.
    - Security of the database is controlled by the Database Administrator (DBA).
    - The following main control measures are used to provide security of data in databases:
      1. Authentication
      2. Access control
      3. Inference control
      4. Flow control
      5. Database security applying statistical method
      6. Encryption
  • 8. 1. Authentication: [Login Process]
    - Used to protect the database against unauthorized access.
    - A user can gain access to the database only after clearing the login process through a valid user account.
    - Each user account is password protected.
    2. Access control: [User Accounts]
    - The security mechanism of a DBMS must include provisions for restricting access to the database by unauthorized users.
    - Access control is done by creating user accounts and having the DBMS control the login process.
    - Access to sensitive data is possible only for those people (database users) who are allowed to access such data, and is denied to unauthorized persons.
    3. Inference control:
    - This method protects sensitive information from indirect disclosure.
  • 9. 4. Flow control:
    - Distributed systems involve a lot of data flow from one site to another and also within a site.
    - Flow control prevents data from being transferred in such a way that it can be accessed by unauthorized agents.
    5. Database security applying statistical method:
    - Statistical database security focuses on the protection of confidential individual values that are stored for statistical purposes and used to retrieve summaries of values based on categories.
    - Such databases do not permit retrieval of individual information.
    6. Encryption:
    - Data encryption refers to coding data when sensitive data is to be communicated over public channels.
    - Even if an unauthorized agent gains access to the data, he cannot understand it since it is in an incomprehensible format.
  • 10. 3.3 Introduction to database security concepts:
    Database Security and the DBA
    - The DBA is responsible for the overall security of the database system.
    - The DBA’s responsibilities include granting and revoking privileges to users.
    Account creation: This action creates a new account and password for a user or a group of users to enable access to the DBMS.
    Privilege granting: This action permits the DBA to grant certain privileges to certain accounts.
    Privilege revocation: This action permits the DBA to revoke (cancel) certain privileges that were previously given to certain accounts.
    Security level assignment: This action consists of assigning user accounts to the appropriate security clearance level.
  • 11. Ex: (1) GRANT Command:
    GRANT privilege [, ...] ON object [, ...] TO { PUBLIC | GROUP group | username }
    privilege: values could be SELECT, INSERT, UPDATE, DELETE, ALL, etc.
    object: The name of an object to which to grant access (table, view, sequence).
    PUBLIC: A short form representing all users.
    GROUP group: A group to whom to grant privileges.
    username: The name of a user to whom to grant privileges.
  • 12. Ex: (2) REVOKE Command:
    REVOKE privilege [, ...] ON object [, ...] FROM { PUBLIC | GROUP groupname | username }
    privilege: values could be SELECT, INSERT, UPDATE, DELETE, RULE, ALL.
    object: The name of an object on which to revoke access. The possible objects are: table, view, sequence.
    PUBLIC: A short form representing all users.
    GROUP groupname: A group from whom to revoke privileges.
    username: The name of a user from whom to revoke privileges.
  • 13. Ex:
    (1) testdb=# CREATE USER manisha WITH PASSWORD 'password';
        CREATE ROLE
    (2) testdb=# GRANT ALL ON COMPANY TO manisha;
        GRANT
    (3) testdb=# REVOKE ALL ON COMPANY FROM manisha;
        REVOKE
    (4) testdb=# DROP USER manisha;
        DROP ROLE
  • 14. 3.4 Methods for database security:
    - Access control regulates which users, applications, and devices can view, edit, add, and delete resources in an organization’s environment.
    - Controlling access is one of the key practices to protect sensitive data from theft, misuse, abuse, and any other threats.
  • 15. 3.4.1 Discretionary access control (identity-based access control model):
    - Provides users a certain amount of control over their data.
    - Data owners (or any users authorized to control data) can define access permissions for specific users or groups of users.
    - DAC is quite a popular model because it allows a lot of freedom for users and doesn’t cause administrative overhead.
    - User 1 can’t grant access rights that exceed their own. For example, if user 1 can only read a document, they can’t allow user 2 to edit it.
  • 16. 3.4.2 Mandatory access control:
    - MAC is considered the most secure of all access control models.
    - Access rules are manually defined by system administrators and strictly enforced by the operating system or security kernel.
    - Regular users can’t alter security attributes even for data they’ve created.
  • 17. 3.4.3 Role-based access control:
    - Also known as non-discretionary access control, RBAC takes more of a real-world approach to structuring access control.
    - Access under RBAC is based on a user's job function within the organization to which the computer system belongs.
    - Essentially, RBAC assigns permissions to particular roles in an organization. Users are then assigned to that particular role.
    - For example, an accountant in a company will be assigned to the Accountant role, gaining access to all the resources permitted for all accountants on the system. Similarly, a software engineer might be assigned to the Developer role.
    - Roles differ from groups in that while users may belong to multiple groups, a user under RBAC may only be assigned a single role in an organization.
    - Additionally, there is no way to provide individual users additional permissions over and above those available for their role. The accountant described above gets the same permissions as all other accountants, nothing more and nothing less.
  • 18. 3.5 Use of views in security enforcement:
    Rather than granting users privileges on a particular table, you can give them access to a view of the table. Views add two more levels of security:
    - A view can limit access to only selected columns of the base table.
    - A view can provide value-based security for the information in a table. Thus a WHERE clause in the definition of a view can display only selected rows of a base table.
    Types of views:
    - Read-only View: Allows only SELECT operations.
    - Updateable View: Allows SELECT as well as INSERT, UPDATE and DELETE operations.
  • 19. Syntax:
    (1) Read-only View:
    CREATE <OR REPLACE> VIEW <ViewName> AS
    SELECT <ColumnName1>, <ColumnName2>
    FROM <TableName>
    WHERE <ColumnName> = <Expression List>
    <WITH READ ONLY>;
    Ex: create view stu as select enroll, name from student;
    (2) Updateable View:
    update stu set name='xyz' where enroll=4866;
    Dropping View:
    drop view stu;
  • 20. 3.6 Overview of encryption technique for security:
    - Encryption is a security method in which information is encoded in such a way that only an authorized user can read it.
    - It uses an encryption algorithm to generate cipher text that can only be read if decrypted.
    Types of Encryption
    There are two types of encryption schemes, as listed below:
    - Symmetric key encryption
    - Public key encryption
  • 21. (1) Symmetric key encryption: A symmetric key encryption algorithm uses the same cryptographic key for both encryption and decryption of cipher text. Ex: DES (Data Encryption Standard).
    (2) Public key encryption: A public key encryption algorithm uses a pair of keys, one of which is a secret key and one of which is public. These two keys are mathematically linked with each other. Ex: RSA (Rivest, Shamir, and Adleman) algorithm and Diffie–Hellman algorithm.
  • 22. 3.7 Statistical database security:
    - A statistical database (SDB) is one that provides data of a statistical nature, such as counts and averages.
    - The term statistical database is used in two contexts:
    Pure statistical database:
    - This type of database only stores statistical data.
    - An example is a census database.
    - Access control for a pure SDB is straightforward.
    - Certain users are authorized to access the entire database.
    Ordinary database with statistical access:
    - This type of database contains individual entries.
    - The database supports a population of nonstatistical users who are allowed access to selected portions of the database using DAC, RBAC, or MAC.
    - In addition, the database supports a set of statistical users who are only permitted statistical queries.
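Role-based access control as described in 3.4.3, expressed with PostgreSQL roles and the GRANT/REVOKE commands from the earlier slides. This is an added example, not part of the original slides; the tables ledger and build_log, the roles accountant and developer, and the users asha and ravi are constructed, and the script is assumed to run as the table owner or a superuser.

```sql
-- Constructed tables that stand for the resources of two job functions.
CREATE TABLE ledger (
    entry_id INTEGER PRIMARY KEY,
    account  VARCHAR(30),
    amount   NUMERIC(12,2)
);
CREATE TABLE build_log (
    build_id INTEGER PRIMARY KEY,
    status   VARCHAR(20)
);

-- Permissions are attached to roles, never to individual users.
-- NOLOGIN: nobody connects as the role itself.
CREATE ROLE accountant NOLOGIN;
CREATE ROLE developer  NOLOGIN;
GRANT SELECT, INSERT, UPDATE ON ledger    TO accountant;
GRANT SELECT, INSERT         ON build_log TO developer;

-- Users receive one role each and no direct table privileges.
CREATE USER asha WITH PASSWORD 'change-me';
CREATE USER ravi WITH PASSWORD 'change-me';
GRANT accountant TO asha;
GRANT developer  TO ravi;

-- Audit effective access: has_table_privilege() also counts privileges
-- inherited through role membership.
SELECT rolname,
       has_table_privilege(rolname, 'ledger',    'SELECT') AS can_read_ledger,
       has_table_privilege(rolname, 'build_log', 'SELECT') AS can_read_builds
FROM pg_roles
WHERE rolname IN ('asha', 'ravi');

-- Tightening the role changes access for every accountant at once.
REVOKE UPDATE ON ledger FROM accountant;

-- A job change is a single membership change; no per-table cleanup is needed.
REVOKE accountant FROM asha;
SELECT has_table_privilege('asha', 'ledger', 'SELECT') AS asha_still_reads_ledger;
```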
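The two levels of view-based security from 3.5 (column restriction and value-based row restriction), combined with privileges so that users reach the data only through the views. This is an added PostgreSQL example, not from the slides; the extra columns of student, the view bsc_students, and the roles office_clerk and bsc_teacher are constructed, and the script is assumed to run as the table owner or a superuser.

```sql
-- Constructed base table; marks and phone are the sensitive columns.
CREATE TABLE student (
    enroll INTEGER PRIMARY KEY,
    name   VARCHAR(40),
    course VARCHAR(20),
    marks  INTEGER,
    phone  VARCHAR(15)
);
INSERT INTO student VALUES (4866, 'xyz', 'BSc', 65, '0000000000');

-- Hypothetical roles standing in for two kinds of users.
CREATE ROLE office_clerk NOLOGIN;
CREATE ROLE bsc_teacher  NOLOGIN;

-- Column restriction: the view exposes enroll and name only.
CREATE VIEW stu AS
    SELECT enroll, name FROM student;

-- Value-based restriction: only BSc rows are visible. WITH CHECK OPTION
-- refuses any write that would move a row outside the view.
CREATE VIEW bsc_students AS
    SELECT enroll, name, course, marks
    FROM student
    WHERE course = 'BSc'
    WITH CHECK OPTION;

-- No privileges on the base table; access is granted on the views only.
REVOKE ALL ON student FROM PUBLIC, office_clerk, bsc_teacher;
GRANT SELECT         ON stu          TO office_clerk;  -- used as a read-only view
GRANT SELECT, UPDATE ON bsc_students TO bsc_teacher;   -- used as an updateable view

SET ROLE bsc_teacher;
-- Allowed: the row is visible through the view and stays inside it.
UPDATE bsc_students SET marks = 72 WHERE enroll = 4866;
-- Refused by the check option: the row would no longer satisfy course = 'BSc'.
UPDATE bsc_students SET course = 'BCA' WHERE enroll = 4866;
-- Refused: bsc_teacher holds no privilege on the base table.
SELECT phone FROM student;
RESET ROLE;
```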
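An "ordinary database with statistical access" as described in 3.7: statistical users see only counts and averages per category, and categories with too few individuals are suppressed so that a summary cannot stand in for one person's value. This is an added PostgreSQL example, not from the slides; the table employee_pay, the roles stat_user and hr_officer, the sample rows, and the minimum group size of 5 are all assumptions chosen for illustration.

```sql
-- Constructed table holding individual (confidential) entries.
CREATE TABLE employee_pay (
    emp_id INTEGER PRIMARY KEY,
    dept   VARCHAR(20),
    grade  VARCHAR(10),
    salary NUMERIC(10,2)
);

-- Constructed rows: six employees in Accounts/A, a single one in Research/B.
INSERT INTO employee_pay
    SELECT g, 'Accounts', 'A', 30000 + g * 100
    FROM generate_series(1, 6) AS g;
INSERT INTO employee_pay VALUES (7, 'Research', 'B', 90000);

CREATE ROLE stat_user  NOLOGIN;  -- statistical users: summaries only
CREATE ROLE hr_officer NOLOGIN;  -- nonstatistical user with row access

-- Summary view: counts and averages by category. Groups with fewer than
-- 5 members (assumed threshold) are left out, because the "average" of a
-- group of one is that individual's salary.
CREATE VIEW pay_summary AS
    SELECT dept,
           grade,
           COUNT(*)              AS employees,
           ROUND(AVG(salary), 2) AS avg_salary
    FROM employee_pay
    GROUP BY dept, grade
    HAVING COUNT(*) >= 5;

-- Statistical users get the summary view and nothing on the base table.
REVOKE ALL ON employee_pay FROM PUBLIC, stat_user;
GRANT SELECT ON pay_summary  TO stat_user;
GRANT SELECT ON employee_pay TO hr_officer;

SET ROLE stat_user;
-- Returns the Accounts/A summary; Research/B is suppressed by the threshold.
SELECT * FROM pay_summary;
-- Refused: individual entries are not available to statistical users.
SELECT salary FROM employee_pay WHERE emp_id = 7;
RESET ROLE;
```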
  • 23. 3.6 Overview of encryption technique for security: