Database Security

Database Security. Objectives Scope of database security. Why database security is a serious concern for an organization. Type of threats that can affect.

Dec 25, 2015

Marion Cameron

Database Security

Objectives

• Scope of database security.
• Why database security is a serious concern for an organization.
• Types of threats that can affect a database system.
• How to protect a computer system using computer-based controls.
• Security measures provided by Microsoft Access

http://arief.ismy.web.id

Why do we have to secure our data?

• Data is a valuable resource that must be strictly controlled and managed, as with any corporate resource.

• Part or all of the corporate data may have strategic importance and therefore needs to be kept secure and confidential.

Database Security

• Security refers to the protection of the database against unauthorized access, intentional or accidental.

• Database security refers to mechanisms that protect the database against intentional or accidental threats.

• Security considerations do not only apply to the data held in a database. Breaches of security may affect other parts of the system, which may in turn affect the database.

• Database security encompasses hardware, software, people and data.

Database Security

Reasons

• The increasing amounts of crucial corporate data being stored on computer

• The acceptance that any loss of this data could prove to be disastrous.

Database Security

• Involves measures to avoid the following situations:
  – Theft and fraud
  – Loss of confidentiality (secrecy)
  – Loss of privacy
  – Loss of integrity
  – Loss of availability

Database Security

• Threat
  – Any situation or event, whether intentional or unintentional, that will adversely affect a system and consequently an organization.
  – Tangible: loss of hardware, software, data.
  – Intangible: loss of credibility or client confidence.
  – Problem: identify all possible threats

Summary of Threats to Computer Systems

Typical Multi-User Computer Environment

Countermeasures

• Computer-based controls for a multi-user environment:
  – Authorization
  – Access control
  – Views
  – Backup and recovery
  – Integrity
  – Encryption
  – RAID technology

Authorization

• Authorization: the granting of a right or privilege that enables a subject to have legitimate access to a system or a system’s object

• A privilege allows a user to create and access some database objects

• Authentication: A mechanism that determines whether a user is who he or she claims to be

Access Control

• Access Control: granting and revoking of privileges.
  – Granting gives a privilege
  – Revoking removes a privilege

• A DBMS has two types of access control
  – Discretionary Access Control allows users to grant and revoke privileges
  – Mandatory Access Control is based on system-wide policies that cannot be changed by individual users

Views

• Views provide a flexible security mechanism by hiding parts of the database from certain users.

• Only authorized users can use a view, and they can do so without being given access to its base relations.
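
An added example (not from the original slides) of a view used as a security mechanism: the user can read staff data through a view that hides the salary column, while direct reads of the base relation are refused. The Staff table, its columns, the StaffPublic view and the sample rows are constructed for illustration; SQLite has no GRANT, so its authorizer callback stands in for the DBMS privilege check.

```python
import sqlite3

# Constructed sample schema and rows (assumption, not from the slides).
SETUP = """
CREATE TABLE Staff (staffNo TEXT PRIMARY KEY, name TEXT, position TEXT, salary REAL);
INSERT INTO Staff VALUES ('SL21', 'John White', 'Manager', 30000),
                         ('SG37', 'Ann Beech', 'Assistant', 12000);
-- The view exposes every column except salary.
CREATE VIEW StaffPublic AS SELECT staffNo, name, position FROM Staff;
"""

def open_restricted():
    """Return a connection that may read Staff only through the StaffPublic view."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SETUP)

    def authorizer(action, arg1, arg2, db_name, source):
        # For SQLITE_READ, arg1 is the table being read and `source` is the view
        # that caused the read; it is None for SQL submitted directly by the user.
        if (action == sqlite3.SQLITE_READ and arg1 == "Staff"
                and source != "StaffPublic"):
            return sqlite3.SQLITE_DENY
        return sqlite3.SQLITE_OK

    conn.set_authorizer(authorizer)
    return conn

def try_query(conn, sql):
    """Run sql and return its rows, or None if the database refused the statement."""
    try:
        return conn.execute(sql).fetchall()
    except sqlite3.DatabaseError:
        return None

if __name__ == "__main__":
    conn = open_restricted()
    print(try_query(conn, "SELECT name, position FROM StaffPublic ORDER BY staffNo"))
    print(try_query(conn, "SELECT name, salary FROM Staff"))
```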

Backup & Recovery

• Backup: the process of periodically copying the database and the log files to offline storage media

• Journaling: the process of keeping and maintaining a log file (or journal) of all changes made to the database to enable recovery to be undertaken effectively in the event of failure

Integrity

• Integrity constraints contribute to maintaining a secure database system by preventing data from becoming invalid and hence giving misleading or incorrect results.
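
An added example (not from the original slides) of integrity constraints rejecting invalid data before it is stored. The Branch and Staff tables, the salary range and the sample rows are constructed for illustration; SQLite is used because it runs without a server.

```python
import sqlite3

# Constructed schema (assumption): each column rule is one integrity constraint.
SCHEMA = """
CREATE TABLE Branch (branchNo TEXT PRIMARY KEY);
CREATE TABLE Staff (
    staffNo  TEXT PRIMARY KEY,
    name     TEXT NOT NULL,
    salary   REAL NOT NULL CHECK (salary BETWEEN 6000 AND 40000),
    branchNo TEXT NOT NULL REFERENCES Branch(branchNo)
);
INSERT INTO Branch VALUES ('B003');
"""

# Constructed rows: the first is valid, each of the others breaks one constraint.
CANDIDATES = [
    ("SG37", "Ann Beech", 12000, "B003"),    # valid
    ("SG37", "Duplicate", 9000, "B003"),     # duplicate primary key
    ("SG14", None, 18000, "B003"),           # required name is missing
    ("SG5", "Susan Brand", -1, "B003"),      # salary outside the allowed range
    ("SA9", "Mary Howe", 9000, "B999"),      # refers to a branch that does not exist
]

def load(rows):
    """Insert rows one by one; return (accepted staffNo list, rejected (staffNo, reason) list)."""
    conn = sqlite3.connect(":memory:")
    # SQLite enforces foreign keys only when this is switched on for the connection.
    conn.execute("PRAGMA foreign_keys = ON")
    conn.executescript(SCHEMA)
    rejected = []
    for row in rows:
        try:
            with conn:  # commit on success, roll back on a constraint violation
                conn.execute("INSERT INTO Staff VALUES (?, ?, ?, ?)", row)
        except sqlite3.IntegrityError as exc:
            rejected.append((row[0], str(exc)))
    accepted = [r[0] for r in conn.execute("SELECT staffNo FROM Staff ORDER BY staffNo")]
    return accepted, rejected

if __name__ == "__main__":
    accepted, rejected = load(CANDIDATES)
    print("accepted:", accepted)
    for staff_no, reason in rejected:
        print("rejected:", staff_no, "-", reason)
```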

Encryption

• Encryption: the encoding of the data by a special algorithm that renders the data unreadable by any program without the decryption key.

• Cryptosystem includes:
  – Encryption key to encrypt data
  – Encryption algorithm works with encryption key to encode data (from plaintext to ciphertext)
  – Decryption key to decrypt data
  – Decryption algorithm works with decryption key to decode data (from ciphertext to plaintext).

Cryptosystem

• Cryptosystem has two techniques:
  – Symmetric encryption
    • Uses the same key for encryption and decryption
    • Uses Data Encryption Standard (DES) developed by IBM
  – Asymmetric encryption
    • Uses a different key for encryption and decryption
    • Public key cryptosystem uses two keys: public key & private key.
    • The best-known asymmetric encryption is RSA (Rivest, Shamir and Adleman).

RAID (Redundant Array of Independent Disks) Technology

• Hardware that the DBMS is running on must be fault-tolerant, meaning that the DBMS should continue to operate even if one of the hardware components fails.

• This suggests having redundant components that can be seamlessly integrated into the working system whenever one or more components fail.

RAID Technology

• Main hardware components that should be fault-tolerant include disk drives, disk controllers, CPU, power supplies, cooling fans.

• Disk drives are the most vulnerable components, with the shortest times between failure of any of the hardware components.

RAID Technology

• One solution is to provide a large disk array comprising an arrangement of several independent disks organized to improve reliability and increase performance.

• Redundant Array of Independent Disks

RAID Technology

• Performance is increased through data striping: the data is segmented into equal-size partitions (the striping unit), which are transparently distributed across multiple disks.
  – Parallel services

• Reliability is improved through storing redundant information across the disks using a parity scheme or an error-correcting scheme.
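
An added example (not from the original slides) of striping with a parity scheme: data is cut into striping units spread over several disks, one extra disk holds the XOR parity of each stripe, and the contents of any single failed disk are recomputed from the survivors. The 4-byte striping unit, the dedicated parity disk and the function names are assumptions chosen to keep the layout readable.

```python
from functools import reduce

STRIPE_UNIT = 4  # bytes per striping unit (tiny on purpose; an assumption)

def xor_blocks(blocks):
    """Byte-wise XOR of equal-length byte strings."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))

def write_striped(data, n_data_disks):
    """Stripe data over n_data_disks and append one parity disk; return all disks."""
    stripe_len = STRIPE_UNIT * n_data_disks
    data += b"\x00" * (-len(data) % stripe_len)        # pad the last stripe
    disks = [bytearray() for _ in range(n_data_disks + 1)]
    for off in range(0, len(data), stripe_len):
        units = [data[off + i * STRIPE_UNIT: off + (i + 1) * STRIPE_UNIT]
                 for i in range(n_data_disks)]
        for i, unit in enumerate(units):
            disks[i].extend(unit)                      # one unit per data disk
        disks[-1].extend(xor_blocks(units))            # parity unit of this stripe
    return [bytes(d) for d in disks]

def rebuild(disks, failed):
    """Recompute the contents of disk number `failed` from the surviving disks."""
    return xor_blocks([d for i, d in enumerate(disks) if i != failed])

def read_striped(disks, length):
    """Reassemble the original byte stream from the data disks (parity disk is last)."""
    data_disks = disks[:-1]
    out = bytearray()
    for off in range(0, len(data_disks[0]), STRIPE_UNIT):
        for d in data_disks:
            out += d[off:off + STRIPE_UNIT]
    return bytes(out[:length])

if __name__ == "__main__":
    record = b"DreamHome staff and property records"   # constructed sample data
    disks = write_striped(record, 3)
    disks[1] = rebuild(disks, 1)                       # disk 1 failed and was replaced
    print(read_striped(disks, len(record)))
```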

Security in Microsoft Access DBMS

• Provides two methods for securing a database:
  – setting a password for opening a database (system security);
  – user-level security, which can be used to limit the parts of the database that a user can read or update (data security).

Securing the DreamHome Database Using a Password

User and Group Accounts Dialog Box for the DreamHome Database

User and Group Permissions Dialog Box

Web Security

• The challenge:
  – Privacy (inaccessible except to the sender and receiver)
  – Integrity (cannot be changed during transmission)
  – Authenticity (the true sender)
  – Non-fabrication (the true receiver)
  – Non-repudiation (true messages)

Proxy Servers

• A proxy server is placed between the Web browser and the Web server.

• Saves the results of all requests for a certain amount of time

• Used to filter requests

Firewall

• Types of firewall:
  – Packet filter
  – Application gateway
  – Circuit level gateway
  – Proxy server

Message Digest Algorithm

• A message digest takes an arbitrarily sized string and generates a fixed-length string

• Digest characteristics:
  – It should be computationally infeasible to find another message that will generate the same digest
  – It does not reveal anything about the message

Digital Signature

• A digital signature (DS) consists of two pieces of information
• Its useful properties:
  – Its authenticity can be verified
  – It cannot be forged
  – It is a function of the data signed and cannot be claimed to be the signature for any other data
  – The signed data cannot be changed, otherwise the signature will no longer verify the data as being authentic
• Two DS techniques:
  – Use message digest algorithm for part of their computation
  – Digest a message and digitally sign the digest rather than the message
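
An added example (not from the original slides) covering the Message Digest Algorithm and Digital Signature slides together: a fixed-length SHA-256 digest is computed for a message of any size, the digest rather than the message is signed with a private key, and verification fails once the signed data changes. The RSA key is a toy built from two known Mersenne primes and used without padding, an assumption made only to keep the arithmetic visible; production code uses a vetted library with a padded scheme and much larger keys.

```python
import hashlib

# Toy RSA key pair (constructed for this example; far too small for real use).
P, Q = 2**127 - 1, 2**89 - 1             # two known Mersenne primes
N = P * Q                                # public modulus
E = 65537                                # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent

def digest(message: bytes) -> bytes:
    """Fixed-length SHA-256 digest of an arbitrarily sized message."""
    return hashlib.sha256(message).digest()

def digest_as_int(message: bytes) -> int:
    # Reduced modulo N only because this toy modulus is shorter than the digest.
    return int.from_bytes(digest(message), "big") % N

def sign(message: bytes) -> int:
    """Sign the digest of the message (not the message itself) with the private key."""
    return pow(digest_as_int(message), D, N)

def verify(message: bytes, signature: int) -> bool:
    """Recover the signed digest with the public key and compare it with a fresh digest."""
    return pow(signature, E, N) == digest_as_int(message)

if __name__ == "__main__":
    msg = b"Transfer 100 to account 42"          # constructed sample message
    sig = sign(msg)
    print(len(digest(b"a")), len(digest(b"a" * 100000)))   # same length for both
    print(verify(msg, sig))                                 # authentic
    print(verify(b"Transfer 900 to account 42", sig))       # data was changed
```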

Digital Certificates

• A digital certificate (DC) is an attachment to an electronic message used for security purposes: to verify that the user sending the message is the right sender, and to provide the receiver with the means to encode the reply.

Group Homework

Summarize the advantages and disadvantages of
• Secure Sockets Layer and secure HTTP
• Secure Electronic Transactions and Secure Transaction Technology
• Java Security
• ActiveX security