DATABASE SECURITY
By Oscar Suciadi
CS 157B
Prof. Sin-Min Lee
Definition
Database security is the mechanism that protects the database against intentional or accidental threats.
We consider database security in relation to the following situations:
- Theft and fraud
- Loss of confidentiality
Introduction
- Loss of privacy
- Loss of integrity
- Loss of availability
A threat is any intentional or accidental event that may adversely affect the system.
Introduction (Cont)
Examples of threats:
- Using another person's log-in name to access data
- Unauthorized copying of data
- Program/data alteration
- Illegal entry by a hacker
- Viruses
- Etc.
Countermeasures
Computer-Based Controls:
- Authorization
- Views
- Backup and Recovery
- Integrity
- Encryption
- RAID Technology
Authorization
The granting of a privilege that enables a user to have legitimate access to a system.
They are sometimes referred to as access controls.
The process of authorization involves authenticating the user requesting access to objects.
Authenticating
A mechanism that determines whether a user is who he/she claims to be.
A system administrator is responsible for allowing users to have access to the system by creating individual user accounts.
Closed vs Open Systems
Closed Systems
Some DBMSs require authorization for authorized DBMS users to access specific objects.
Open Systems
Allow users to have complete access to all objects within the database.
A DBMS may permit both individual user identifiers and group identifiers to be created.
Certain privileges may be associated with specific identifiers, which indicate what kind of privilege is allowed with certain database objects.
Each privilege has a binary value associated with it. The binary values are summed and the total value indicates what privileges are allowed for a specific user or group with a particular object.
User & Group Identifier
User Identifier   Type    Group   Member Identifier
SG37              User    Sales   SG37
SG14              User    Sales   SG14
SG5               User
Sales             Group
Access Control Matrix
User Identifier   Property#   Type   Price   Owner#   Staff#   Branch#   Query Row Limit
Sales             0001        0001   0001    0000     0000     0000      15
SG37              0101        0101   0111    0101     0111     0000      100
SG5               1111        1111   1111    1111     1111     1111      none

SELECT   UPDATE   INSERT   DELETE   ALL
0001     0010     0100     1000     1111
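
The matrix above, decoded in code. This is an added example, not part of the original slides: the function names are hypothetical, and two behaviours are assumptions the slides do not state, namely that a user's effective privileges are the union of the user's own row and the rows of any group the user belongs to, and that an identifier with no row at all is denied.

```python
# Added illustration: decodes the slide's access control matrix.
# Privilege bit values are the ones given on the slide.
PRIVILEGES = {
    "SELECT": 0b0001,
    "UPDATE": 0b0010,
    "INSERT": 0b0100,
    "DELETE": 0b1000,
    "ALL": 0b1111,
}

COLUMNS = ("Property#", "Type", "Price", "Owner#", "Staff#", "Branch#")

# Rows copied from the slide (the Query Row Limit column is left out here).
MATRIX = {
    "Sales": ("0001", "0001", "0001", "0000", "0000", "0000"),
    "SG37": ("0101", "0101", "0111", "0101", "0111", "0000"),
    "SG5": ("1111", "1111", "1111", "1111", "1111", "1111"),
}

# Group membership from the "User & Group Identifier" slide.
GROUP_MEMBERS = {"Sales": {"SG37", "SG14"}}


def decode(mask):
    """Turn a summed binary value such as '0111' into privilege names."""
    value = int(mask, 2)
    return [
        name
        for name in ("SELECT", "UPDATE", "INSERT", "DELETE")
        if value & PRIVILEGES[name]
    ]


def effective_mask(identifier, column):
    """Combine the identifier's own row with the rows of its groups.

    Assumption (not stated on the slides): rows are combined with OR.
    An identifier with no row and no group row gets 0, i.e. no access.
    """
    if column not in COLUMNS:
        raise KeyError(f"unknown column: {column}")
    idx = COLUMNS.index(column)
    sources = [identifier]
    sources += [g for g, members in GROUP_MEMBERS.items() if identifier in members]
    mask = 0
    for source in sources:
        row = MATRIX.get(source)
        if row is not None:
            mask |= int(row[idx], 2)
    return mask


def is_allowed(identifier, column, privilege):
    """True only if every bit of the requested privilege is granted."""
    wanted = PRIVILEGES[privilege]
    return (effective_mask(identifier, column) & wanted) == wanted


if __name__ == "__main__":
    for ident in ("Sales", "SG37", "SG14", "SG5", "SG99"):
        granted = {
            col: decode(format(effective_mask(ident, col), "04b"))
            for col in COLUMNS
        }
        print(ident, granted)
```

SG14 has no row of its own, so everything it can do comes from the Sales group row; SG99 is a constructed identifier with no entry anywhere and is denied on every column.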
Views
A view is the dynamic result of one or more relational operations operating on the base relations to produce another relation.
A view is a virtual relation that does not actually exist in the database, but is produced upon request by a particular user, at the time of request.
Views (Cont)
The view mechanism provides a powerful and flexible security mechanism by hiding parts of the database from certain users.
The user is not aware of the existence of any attributes or rows that are missing from the view.
Backup & Recovery
The process of periodically taking a copy of the database and log file onto offline storage media.
The DBMS should provide backup facilities to assist with recovery from a database failure.
Integrity
Maintaining a secure database system by preventing data from becoming invalid.
Encryption
The encoding of data by a special algorithm that renders the data unreadable by any program without the decryption key.
There will be degradation in performance because of the time taken to decode it.
It also protects the data transmitted over communication lines.
RAID
Redundant Array of Independent Disks
The hardware that the DBMS is running on must be fault-tolerant, meaning that the DBMS should continue to operate even if one of the hardware components fails.
One solution is the use of RAID technology.
RAID (Cont)
RAID works on having a large disk array comprising an arrangement of several independent disks that are organized to improve reliability and at the same time increase performance.

Más contenido relacionado

La actualidad más candente

Database security and security in networks
Database security and security in networksDatabase security and security in networks
Database security and security in networksG Prachi
 
Distributed database security with discretionary access control
Distributed database security with discretionary access controlDistributed database security with discretionary access control
Distributed database security with discretionary access controlJyotishkar Dey
 
Database security
Database securityDatabase security
Database securityCAS
 
Data base security & integrity
Data base security &  integrityData base security &  integrity
Data base security & integrityPooja Dixit
 
Chapter 5 database security
Chapter 5   database securityChapter 5   database security
Chapter 5 database securitySyaiful Ahdan
 
Data base security
Data base securityData base security
Data base securitySara Nazir
 
Database Security And Authentication
Database Security And AuthenticationDatabase Security And Authentication
Database Security And AuthenticationSudeb Das
 
Security and Integrity of Data
Security and Integrity of DataSecurity and Integrity of Data
Security and Integrity of DataAdeel Riaz
 
Database security and privacy
Database security and privacyDatabase security and privacy
Database security and privacyMd. Ahasan Hasib
 
Security and Integrity
Security and IntegritySecurity and Integrity
Security and Integritylubna19
 

La actualidad más candente (20)

DB security
 DB security DB security
DB security
 
Database security
Database securityDatabase security
Database security
 
Database security and security in networks
Database security and security in networksDatabase security and security in networks
Database security and security in networks
 
Chapter23
Chapter23Chapter23
Chapter23
 
Database security
Database securityDatabase security
Database security
 
Distributed database security with discretionary access control
Distributed database security with discretionary access controlDistributed database security with discretionary access control
Distributed database security with discretionary access control
 
Database security
Database securityDatabase security
Database security
 
Data base security & integrity
Data base security &  integrityData base security &  integrity
Data base security & integrity
 
Chapter 5 database security
Chapter 5   database securityChapter 5   database security
Chapter 5 database security
 
Database security issues
Database security issuesDatabase security issues
Database security issues
 
Database modeling and security
Database modeling and securityDatabase modeling and security
Database modeling and security
 
Data base security
Data base securityData base security
Data base security
 
Database security
Database securityDatabase security
Database security
 
DBMS SECURITY
DBMS SECURITYDBMS SECURITY
DBMS SECURITY
 
Database Security And Authentication
Database Security And AuthenticationDatabase Security And Authentication
Database Security And Authentication
 
Security and Integrity of Data
Security and Integrity of DataSecurity and Integrity of Data
Security and Integrity of Data
 
Database security and privacy
Database security and privacyDatabase security and privacy
Database security and privacy
 
Security and Integrity
Security and IntegritySecurity and Integrity
Security and Integrity
 
Database security
Database securityDatabase security
Database security
 
Database Security
Database SecurityDatabase Security
Database Security
 

Similar a Database security copy

Safety LAMP: data security & agile languages
Safety LAMP: data security & agile languagesSafety LAMP: data security & agile languages
Safety LAMP: data security & agile languagesPostgreSQL Experts, Inc.
 
Data base security and injection
Data base security and injectionData base security and injection
Data base security and injectionA. Shamel
 
Modern Data Security for the Enterprises – SQL Server & Azure SQL Database
Modern Data Security for the Enterprises – SQL Server & Azure SQL DatabaseModern Data Security for the Enterprises – SQL Server & Azure SQL Database
Modern Data Security for the Enterprises – SQL Server & Azure SQL DatabaseWinWire Technologies Inc
 
Security and Integrity violations, Authorisation and views, Integrity Constant
Security and Integrity violations, Authorisation and views, Integrity ConstantSecurity and Integrity violations, Authorisation and views, Integrity Constant
Security and Integrity violations, Authorisation and views, Integrity ConstantPrakash Kumar
 
Database security in database management.pptx
Database security in database management.pptxDatabase security in database management.pptx
Database security in database management.pptxFarhanaMariyam1
 
How to Detect SQL Injections & XSS Attacks with AlienVault USM
How to Detect SQL Injections & XSS Attacks with AlienVault USM How to Detect SQL Injections & XSS Attacks with AlienVault USM
How to Detect SQL Injections & XSS Attacks with AlienVault USM AlienVault
 
MobileDBSecurity.pptx
MobileDBSecurity.pptxMobileDBSecurity.pptx
MobileDBSecurity.pptxmissionsk81
 
Scylla Summit 2018: Access-control in Scylla - What You Can Do, How It Works,...
Scylla Summit 2018: Access-control in Scylla - What You Can Do, How It Works,...Scylla Summit 2018: Access-control in Scylla - What You Can Do, How It Works,...
Scylla Summit 2018: Access-control in Scylla - What You Can Do, How It Works,...ScyllaDB
 
Android App Security Fundamentals
Android App Security FundamentalsAndroid App Security Fundamentals
Android App Security FundamentalsAndreaCioccarelli
 
Implementing Active Directory and Information Security Audit also VAPT in Fin...
Implementing Active Directory and Information Security Audit also VAPT in Fin...Implementing Active Directory and Information Security Audit also VAPT in Fin...
Implementing Active Directory and Information Security Audit also VAPT in Fin...KajolPatel17
 
PeopleSoft: HACK THE Planet^W university
PeopleSoft: HACK THE  Planet^W universityPeopleSoft: HACK THE  Planet^W university
PeopleSoft: HACK THE Planet^W universityDmitry Iudin
 
Hunting for Privilege Escalation in Windows Environment
Hunting for Privilege Escalation in Windows EnvironmentHunting for Privilege Escalation in Windows Environment
Hunting for Privilege Escalation in Windows EnvironmentTeymur Kheirkhabarov
 
DIDAR: Database Intrusion Detection with Automated Recovery
DIDAR: Database Intrusion Detection with Automated RecoveryDIDAR: Database Intrusion Detection with Automated Recovery
DIDAR: Database Intrusion Detection with Automated RecoveryAsankhaya Sharma
 
How to protect your sensitive data using oracle database vault / Creating and...
How to protect your sensitive data using oracle database vault / Creating and...How to protect your sensitive data using oracle database vault / Creating and...
How to protect your sensitive data using oracle database vault / Creating and...Anar Godjaev
 
IRJET - Blockchain-based Public Integrity Verification for Cloud Storage Agai...
IRJET - Blockchain-based Public Integrity Verification for Cloud Storage Agai...IRJET - Blockchain-based Public Integrity Verification for Cloud Storage Agai...
IRJET - Blockchain-based Public Integrity Verification for Cloud Storage Agai...IRJET Journal
 
Make your Azure PaaS Deployment More Safe
Make your Azure PaaS Deployment More SafeMake your Azure PaaS Deployment More Safe
Make your Azure PaaS Deployment More SafeThuan Ng
 

Similar a Database security copy (20)

Safety LAMP: data security & agile languages
Safety LAMP: data security & agile languagesSafety LAMP: data security & agile languages
Safety LAMP: data security & agile languages
 
Data base security and injection
Data base security and injectionData base security and injection
Data base security and injection
 
Modern Data Security for the Enterprises – SQL Server & Azure SQL Database
Modern Data Security for the Enterprises – SQL Server & Azure SQL DatabaseModern Data Security for the Enterprises – SQL Server & Azure SQL Database
Modern Data Security for the Enterprises – SQL Server & Azure SQL Database
 
Security and Integrity violations, Authorisation and views, Integrity Constant
Security and Integrity violations, Authorisation and views, Integrity ConstantSecurity and Integrity violations, Authorisation and views, Integrity Constant
Security and Integrity violations, Authorisation and views, Integrity Constant
 
Database security in database management.pptx
Database security in database management.pptxDatabase security in database management.pptx
Database security in database management.pptx
 
How to Detect SQL Injections & XSS Attacks with AlienVault USM
How to Detect SQL Injections & XSS Attacks with AlienVault USM How to Detect SQL Injections & XSS Attacks with AlienVault USM
How to Detect SQL Injections & XSS Attacks with AlienVault USM
 
Database security
Database securityDatabase security
Database security
 
MobileDBSecurity.pptx
MobileDBSecurity.pptxMobileDBSecurity.pptx
MobileDBSecurity.pptx
 
Data Base
Data BaseData Base
Data Base
 
Scylla Summit 2018: Access-control in Scylla - What You Can Do, How It Works,...
Scylla Summit 2018: Access-control in Scylla - What You Can Do, How It Works,...Scylla Summit 2018: Access-control in Scylla - What You Can Do, How It Works,...
Scylla Summit 2018: Access-control in Scylla - What You Can Do, How It Works,...
 
Ingres database and compliance
Ingres database and complianceIngres database and compliance
Ingres database and compliance
 
Android App Security Fundamentals
Android App Security FundamentalsAndroid App Security Fundamentals
Android App Security Fundamentals
 
Database security
Database securityDatabase security
Database security
 
Implementing Active Directory and Information Security Audit also VAPT in Fin...
Implementing Active Directory and Information Security Audit also VAPT in Fin...Implementing Active Directory and Information Security Audit also VAPT in Fin...
Implementing Active Directory and Information Security Audit also VAPT in Fin...
 
PeopleSoft: HACK THE Planet^W university
PeopleSoft: HACK THE  Planet^W universityPeopleSoft: HACK THE  Planet^W university
PeopleSoft: HACK THE Planet^W university
 
Hunting for Privilege Escalation in Windows Environment
Hunting for Privilege Escalation in Windows EnvironmentHunting for Privilege Escalation in Windows Environment
Hunting for Privilege Escalation in Windows Environment
 
DIDAR: Database Intrusion Detection with Automated Recovery
DIDAR: Database Intrusion Detection with Automated RecoveryDIDAR: Database Intrusion Detection with Automated Recovery
DIDAR: Database Intrusion Detection with Automated Recovery
 
How to protect your sensitive data using oracle database vault / Creating and...
How to protect your sensitive data using oracle database vault / Creating and...How to protect your sensitive data using oracle database vault / Creating and...
How to protect your sensitive data using oracle database vault / Creating and...
 
IRJET - Blockchain-based Public Integrity Verification for Cloud Storage Agai...
IRJET - Blockchain-based Public Integrity Verification for Cloud Storage Agai...IRJET - Blockchain-based Public Integrity Verification for Cloud Storage Agai...
IRJET - Blockchain-based Public Integrity Verification for Cloud Storage Agai...
 
Make your Azure PaaS Deployment More Safe
Make your Azure PaaS Deployment More SafeMake your Azure PaaS Deployment More Safe
Make your Azure PaaS Deployment More Safe
 

Más de fika sweety

Query optimization and performance
Query optimization and performanceQuery optimization and performance
Query optimization and performancefika sweety
 
Program design techniques
Program design techniquesProgram design techniques
Program design techniquesfika sweety
 
Modeling and simulation ch 1
Modeling and simulation ch 1Modeling and simulation ch 1
Modeling and simulation ch 1fika sweety
 
Macros...presentation
Macros...presentationMacros...presentation
Macros...presentationfika sweety
 
Pseudocode algorithim flowchart
Pseudocode algorithim flowchartPseudocode algorithim flowchart
Pseudocode algorithim flowchartfika sweety
 
Howtowriteamemo 090920105907-phpapp02
Howtowriteamemo 090920105907-phpapp02Howtowriteamemo 090920105907-phpapp02
Howtowriteamemo 090920105907-phpapp02fika sweety
 
Coal presentationt
Coal presentationtCoal presentationt
Coal presentationtfika sweety
 
1 Computer Architecture
1 Computer Architecture1 Computer Architecture
1 Computer Architecturefika sweety
 
Warehouse chapter3
Warehouse chapter3   Warehouse chapter3
Warehouse chapter3 fika sweety
 
Query optimization and performance
Query optimization and performanceQuery optimization and performance
Query optimization and performancefika sweety
 

Más de fika sweety (20)

Query optimization and performance
Query optimization and performanceQuery optimization and performance
Query optimization and performance
 
Program design techniques
Program design techniquesProgram design techniques
Program design techniques
 
Plsql
PlsqlPlsql
Plsql
 
Shift rotate
Shift rotateShift rotate
Shift rotate
 
Graphss
GraphssGraphss
Graphss
 
Modeling and simulation ch 1
Modeling and simulation ch 1Modeling and simulation ch 1
Modeling and simulation ch 1
 
Macros...presentation
Macros...presentationMacros...presentation
Macros...presentation
 
Pseudocode algorithim flowchart
Pseudocode algorithim flowchartPseudocode algorithim flowchart
Pseudocode algorithim flowchart
 
Diversity (HRM)
Diversity (HRM)Diversity (HRM)
Diversity (HRM)
 
Howtowriteamemo 090920105907-phpapp02
Howtowriteamemo 090920105907-phpapp02Howtowriteamemo 090920105907-phpapp02
Howtowriteamemo 090920105907-phpapp02
 
Coal presentationt
Coal presentationtCoal presentationt
Coal presentationt
 
1 Computer Architecture
1 Computer Architecture1 Computer Architecture
1 Computer Architecture
 
3 Pipelining
3 Pipelining3 Pipelining
3 Pipelining
 
19 primkruskal
19 primkruskal19 primkruskal
19 primkruskal
 
Warehouse chapter3
Warehouse chapter3   Warehouse chapter3
Warehouse chapter3
 
Storage memory
Storage memoryStorage memory
Storage memory
 
Quick sort
Quick sortQuick sort
Quick sort
 
Query optimization and performance
Query optimization and performanceQuery optimization and performance
Query optimization and performance
 
L2
L2L2
L2
 
Master theorem
Master theoremMaster theorem
Master theorem
 

Último

Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfagholdier
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...fonyou31
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingTeacherCyreneCayanan
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfchloefrazer622
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxVishalSingh1417
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...christianmathematics
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...Sapna Thakur
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphThiyagu K
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactPECB
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajanpragatimahajan3
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfAdmir Softic
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDThiyagu K
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 

Último (20)

Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writing
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdf
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajan
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 

Database security copy

  • 1. DATABASE SECURITYDATABASE SECURITY By Oscar SuciadiBy Oscar Suciadi CS 157BCS 157B Prof. Sin-Min LeeProf. Sin-Min Lee
  • 2. DefinitionDefinition Database Security isDatabase Security is the mechanism that protect the databasethe mechanism that protect the database against intentional or accidental threats.against intentional or accidental threats. We consider database security in relation toWe consider database security in relation to the following situations:the following situations: - Theft and Fraud- Theft and Fraud - Loss of confidentiality- Loss of confidentiality
  • 3. IntroductionIntroduction – Loss of privacyLoss of privacy – Loss of integrityLoss of integrity – Loss of availabilityLoss of availability Threat isThreat is any intentional or accidental event thatany intentional or accidental event that may adversely affect the system.may adversely affect the system.
  • 4. Introduction (Cont)Introduction (Cont) Examples of threats:Examples of threats: - Using another person’s log-in name- Using another person’s log-in name toto access dataaccess data - Unauthorized copying data- Unauthorized copying data - Program/Data alteration- Program/Data alteration - Illegal entry by hacker- Illegal entry by hacker - Viruses- Viruses - Etc.- Etc.
  • 5. CountermeasuresCountermeasures Computer-Based Controls:Computer-Based Controls: - Authorization- Authorization - Views- Views - Backup and Recovery- Backup and Recovery - Integrity- Integrity - Encryption- Encryption - RAID Technology- RAID Technology
  • 6. AuthorizationAuthorization The granting of a privilege that enable aThe granting of a privilege that enable a user to have a legitimate access to auser to have a legitimate access to a system.system. They are sometimes referred as accessThey are sometimes referred as access controls.controls. The process of authorization involvesThe process of authorization involves authenticating the user requesting accessauthenticating the user requesting access to objects.to objects.
  • 7. Authenticating: A mechanism that determines whether a user is who he/she claims to be. A system administrator is responsible for allowing users to have access to the system by creating individual user accounts.
  • 8. Closed vs Open Systems. Closed systems: Some DBMSs require authorization for authorized DBMS users to access specific objects. Open systems: Allow users to have complete access to all objects within the database.
  • 9. A DBMS may permit both individual user identifiers and group identifiers to be created. Certain privileges may be associated with specific identifiers, which indicate what kind of privilege is allowed with certain database objects.
  • 10. Each privilege has a binary value associated with it. The binary values are summed, and the total value indicates what privileges are allowed for a specific user or group with a particular object.
  • 11. User & Group Identifier
        User Identifier   Type
        SG37              User
        SG14              User
        SG5               User
        Sales             Group

        Group   Member Identifier
        Sales   SG37
        Sales   SG14
  • 12. Access Control Matrix
        User Identifier  Property#  Type  Price  Owner#  Staff#  Branch#  Query Row Limit
        Sales            0001       0001  0001   0000    0000    0000     15
        SG37             0101       0101  0111   0101    0111    0000     100
        SG5              1111       1111  1111   1111    1111    1111     none

        SELECT  UPDATE  INSERT  DELETE  ALL
        0001    0010    0100    1000    1111
  • 13. Views: A view is the dynamic result of one or more relational operations operating on the base relations to produce another relation. A view is a virtual relation that does not actually exist in the database, but is produced upon request by a particular user, at the time of request.
  • 14. Views (Cont): The view mechanism provides a powerful and flexible security mechanism by hiding parts of the database from certain users. The user is not aware of the existence of any attributes or rows that are missing from the view.
  • 15. Backup & Recovery: Backup is the process of periodically taking a copy of the database and log file onto offline storage media. A DBMS should provide backup facilities to assist with the recovery of the database following a failure.
  • 16. Integrity: Maintaining a secure database system by preventing data from becoming invalid.
  • 17. Encryption: The encoding of data by a special algorithm that renders the data unreadable by any program without the decryption key. There will be degradation in performance because of the time taken to decode it. It also protects the data transmitted over communication lines.
  • 18. RAID: Redundant Array of Independent Disks. The hardware that the DBMS is running on must be fault-tolerant, meaning that the DBMS should continue to operate even if one of the hardware components fails. One solution is the use of RAID technology.
  • 19. RAID (Cont): RAID works by having a large disk array comprising an arrangement of several independent disks that are organized to improve reliability and at the same time increase performance.
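
The bitmask scheme on slides 10 to 12, as an added example that is not part of the original slides: it decodes the access control matrix and answers whether a user may apply a privilege to a column. The function names are illustrative, and OR-ing a user's row with the rows of its groups is an assumption, since the slides do not say how user and group privileges combine.

```python
"""Added example: the privilege bitmasks from slides 10-12 (values copied from the slides)."""

PRIVS = {"SELECT": 0b0001, "UPDATE": 0b0010, "INSERT": 0b0100, "DELETE": 0b1000}
COLUMNS = ["Property#", "Type", "Price", "Owner#", "Staff#", "Branch#"]
GROUPS = {"Sales": {"SG37", "SG14"}}  # slide 11: group -> member identifiers

# Slide 12: identifier -> one 4-bit mask per column, in COLUMNS order.
MATRIX = {
    "Sales": "0001 0001 0001 0000 0000 0000",
    "SG37":  "0101 0101 0111 0101 0111 0000",
    "SG5":   "1111 1111 1111 1111 1111 1111",
}


def row_mask(identifier, column):
    """Mask stored for one identifier and column; 0 if the identifier has no row."""
    row = MATRIX.get(identifier)
    if row is None:
        return 0
    return int(row.split()[COLUMNS.index(column)], 2)


def effective_mask(user, column):
    """User's own mask OR-ed with the mask of every group that contains the user.

    Assumption: privileges are additive across user and group rows.
    """
    mask = row_mask(user, column)
    for group, members in GROUPS.items():
        if user in members:
            mask |= row_mask(group, column)
    return mask


def decode(mask):
    """Names of the privileges whose bit is set in mask."""
    return [name for name, bit in PRIVS.items() if mask & bit]


def is_allowed(user, privilege, column):
    """Closed-system check: deny unless the privilege bit is set."""
    if privilege not in PRIVS or column not in COLUMNS:
        return False
    return bool(effective_mask(user, column) & PRIVS[privilege])


if __name__ == "__main__":
    for user in ("SG37", "SG14", "SG5"):
        for col in COLUMNS:
            print(user, col, decode(effective_mask(user, col)))
```

SG14 has no row of its own in the matrix, so every privilege it holds here comes from its membership in Sales.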