DDBMS Security - Bakul Gada

Overview
– Introduction to Database Security
– Security issues in centralized databases
– Security issues in Distributed Databases

Introduction
Data security – Protect data against unauthorized access.
Two aspects:
– Data protection
– Authorization control

Aspects of Data security
– Data Protection – Can be achieved using data encryption techniques.
– Authorization Control – Ensures that only authorized users perform the operations that they are allowed to perform on the database.
Reference: Principles of Distributed Database Systems – M. Tamer Ozsu & Patrick Valduriez

Authorization Control
It includes two main issues:
– Access control – Unauthorized access to data should not be allowed.
– Integrity – Only authorized users should be allowed to modify data in the database.

Centralized Authorization Control
– Allows a user to perform a particular operation on subsets of the database.
– In an RDBMS these subsets can be defined using views.
– Views allow limited access to the database.

Methods of Authorization Control
– Discretionary Access Control – Based on privileges or access rights
– Mandatory Access Control – Based on policies that can't be changed by individual users
Reference: Database Management Systems - R. Ramakrishnan / J. Gehrke (2nd ed.)

Discretionary Access Control
This can be implemented at two levels:
– Account Level – Set privileges for each account on different relations
– Relation Level – Set privileges to access each individual relation or view
Reference: Database Management Systems - R. Ramakrishnan / J. Gehrke (2nd ed.)

GRANT and REVOKE commands
SQL supports discretionary access control through the GRANT and REVOKE commands.
Syntax for GRANT and REVOKE commands:
    GRANT <operation type(s)> ON <object> TO <user(s)>
    REVOKE <operation type(s)> ON <object> FROM <user(s)>
Reference: Principles of Distributed Database Systems – M. Tamer Ozsu & Patrick Valduriez

Mandatory Access Control
Users are classified based on security classes:
– Top Secret (TS)
– Secret (S)
– Confidential (C)
– Unclassified (U)

Bell-LaPadula Model
The most popular model for multilevel security. Two restrictions are enforced on data access based on subject/object classification:
– A subject S is not allowed to read an object O unless class(S) class(O)
– A subject S is not allowed to write an object O unless class(S) class(O)
Reference: Bell D.E. and LaPadula L.J., "Secure Computer Systems: Unified Exposition and Multics Interpretation", The MITRE Corporation, July 1975.

Authorization Control in Distributed Environment
More complex:
– Remote user authentication
– Management of distributed authorization rules
– Handling of views and user groups
Reference: Principles of Distributed Database Systems – M. Tamer Ozsu & Patrick Valduriez

Solution
– Information for authenticating users is replicated at all sites.
– All sites of the DDBMS identify and authenticate themselves similarly to the way users do.

Integrity
How to guarantee database consistency? A database is said to be consistent if it satisfies the set of integrity constraints.
Concurrency control techniques:
– Locking Technique
– Timestamp Ordering
– Multiversion Concurrency Control
– Validation Concurrency Control
Ref: Fundamentals of Database Systems - Elmasri & Navathe (3rd ed.)

Integrity in Distributed Databases
Concurrency control techniques need to be employed in distributed databases. Two general classes:
– Pessimistic Concurrency Control
– Optimistic Concurrency Control

Summary
Security issues in distributed databases are more complex than in centralized databases, but they can be taken care of through careful study.

Future
Right now, RDBMS is a better choice for distributed applications. OODBMSs are much more difficult to implement in a distributed environment. Steps are being taken to do the same.
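
The two Bell-LaPadula restrictions from the Mandatory Access Control slides, as an added example that is not part of the original slides. It uses the standard statement of the model (read requires class(S) ≥ class(O), write requires class(S) ≤ class(O)) with the ordering TS > S > C > U; the `MultilevelTable` class and its rows are hypothetical and constructed for illustration.

```python
from enum import IntEnum

class Level(IntEnum):
    """Security classes from the slides, ordered U < C < S < TS."""
    U = 0   # Unclassified
    C = 1   # Confidential
    S = 2   # Secret
    TS = 3  # Top Secret

def can_read(subject: Level, obj: Level) -> bool:
    # Simple security property ("no read up").
    return subject >= obj

def can_write(subject: Level, obj: Level) -> bool:
    # *-property ("no write down").
    return subject <= obj

class MultilevelTable:
    """Hypothetical relation in which every row carries a security class."""

    def __init__(self):
        self.rows = []  # list of (Level, dict)

    def insert(self, subject: Level, row_class: Level, row: dict) -> None:
        if not can_write(subject, row_class):
            raise PermissionError(
                f"{subject.name} subject may not write a {row_class.name} row")
        self.rows.append((row_class, dict(row)))

    def select(self, subject: Level) -> list:
        # Rows classified above the subject's class are filtered out.
        return [row for cls, row in self.rows if can_read(subject, cls)]

def demo():
    """Constructed sample data: returns the ids visible per class."""
    t = MultilevelTable()
    t.insert(Level.C, Level.C, {"id": 1, "note": "shipping schedule"})
    t.insert(Level.S, Level.S, {"id": 2, "note": "escort route"})
    t.insert(Level.C, Level.TS, {"id": 3, "note": "report upward"})  # write up is allowed
    try:
        t.insert(Level.S, Level.U, {"id": 4, "note": "leak"})  # write down
        blocked = False
    except PermissionError:
        blocked = True
    views = {lvl.name: [r["id"] for r in t.select(lvl)] for lvl in Level}
    return views, blocked

if __name__ == "__main__":
    print(demo())
```

A Confidential subject can insert a Top Secret row but cannot read it back, which is the combined effect of the two rules.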