CS551 Project - Security of Databases
Security of Databases
By Christopher DiBiagio-Wood, Yves LéPouchard, Yiting Nan, Kendrick Hang, Ted Hsu
04/26/2000
Outline
Overview
OODBS
SQL
Oracle &
Microsoft
SQL Server
Active DB
Data mining
/warehouse
Real-time
Conclusion
Outline
Topics
Database Security Overview
Object Oriented Database Security
SQL
Oracle® and MS® SQL Server
Active Databases
Data Warehousing and Mining
Real-time databases
Conclusion
University of Virginia - CS551 Project - Security of Databases
2
04/26
2000
Overview of Database Security
The 3 primary goals of DB Security
Secrecy: data is not disclosed to unauthorized users
Integrity: only authorized users can modify the data
Availability: authorized users are only denied access to data when absolutely necessary
example: table locked for a write operation
Models of Database Security
Access Control Lists: all users are given lists of rights to all objects in the database (like OSes)
Flow Control: information passage between objects is governed by data flow rules
Bell-LaPadula Model: has two important properties; the basis of mandatory access control
Comparison of Flow vs. ACLs
Mandatory Access Control
Bell-LaPadula Model (saw this before)
1. Simple Security Property: A subject S can read an object O only if [class (O)] <= [class (S)]
2. *-Property (Confinement): A subject S can write to an object O only if [class (O)] >= [class (S)]
based on military security ideals, it is described in terms of objects, subjects, security classes, and clearances
Security classes are usually ordered TS > S > C > U
Given that objects are given security classes and subjects are given clearances, the database system enforces the security policies using the 2 rules of the above model
the key issue is that mandatory access control is a system-wide policy, not a user-controlled access system
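As an added example (not part of the original slides), the two rules above written as a small Python reference monitor over labelled tables; the table names, the subjects and their labels are constructed.

```python
# Added example (not from the slides): the two Bell-LaPadula rules as a
# reference monitor over labelled tables, with the TS > S > C > U ordering.
from dataclasses import dataclass

LEVELS = {"U": 0, "C": 1, "S": 2, "TS": 3}   # unclassified .. top secret


@dataclass(frozen=True)
class Subject:
    name: str
    clearance: str          # one of LEVELS


@dataclass(frozen=True)
class DbObject:
    name: str
    classification: str     # one of LEVELS


def dominates(a: str, b: str) -> bool:
    """True when class a is at or above class b."""
    return LEVELS[a] >= LEVELS[b]


def can_read(s: Subject, o: DbObject) -> bool:
    """Simple security property (no read up): class(O) <= class(S)."""
    return dominates(s.clearance, o.classification)


def can_write(s: Subject, o: DbObject) -> bool:
    """*-property / confinement (no write down): class(O) >= class(S)."""
    return dominates(o.classification, s.clearance)


def mediate(s: Subject, o: DbObject, op: str) -> bool:
    """The system-wide policy: decided by the labels alone, never by a user.
    'update' (read-modify-write) needs both rules, so it only works at the
    subject's own level."""
    checks = {"read": can_read, "write": can_write,
              "update": lambda s, o: can_read(s, o) and can_write(s, o)}
    return checks[op](s, o)


def accessible(s: Subject, objects: list, op: str) -> list:
    """Names of the objects the subject may apply op to (sorted for stable output)."""
    return sorted(o.name for o in objects if mediate(s, o, op))


# Constructed tables with their classifications
TABLES = [DbObject("public_notices", "U"), DbObject("payroll", "C"),
          DbObject("deployments", "S"), DbObject("warplan", "TS")]

if __name__ == "__main__":
    analyst = Subject("analyst", "S")
    print(accessible(analyst, TABLES, "read"))    # ['deployments', 'payroll', 'public_notices']
    print(accessible(analyst, TABLES, "write"))   # ['deployments', 'warplan']
    print(accessible(analyst, TABLES, "update"))  # ['deployments']
```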
Discretionary Access Control
Uses privileges that are granted and revoked between users
Weaker than mandatory access control
Strongly linked to SQL92
Can grant privileges like this:
GRANT privileges ON object TO users [WITH GRANT OPTION]
Grantable privileges include: select, insert, update, delete, and references
Revoking a privilege can cause cascading revocations
Discretionary Access Example
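The cascading revocation described on the previous slide, as an added Python example that is not the slide's original figure; the users, the object and the grants are a constructed scenario, and the catalog is a simplification of SQL92 (no column privileges, no REVOKE ... RESTRICT).

```python
# Added example (not from the slides): SQL92-style GRANT / REVOKE model
# showing why revoking a privilege can cascade to grants made by the grantee.
from dataclasses import dataclass


@dataclass(frozen=True)
class Grant:
    grantor: str
    grantee: str
    privilege: str      # select, insert, update, delete or references
    obj: str
    with_grant_option: bool = False


class Catalog:
    def __init__(self, owners):
        self.owners = owners           # object -> owning user (holds all rights)
        self.grants = []

    def option_holders(self, privilege, obj):
        """Users with a chain of WITH GRANT OPTION grants back to the owner.
        Reachability from the owner (not 'has some grant') stops two users
        from propping each other up after the owner has revoked."""
        holders = {self.owners[obj]}
        changed = True
        while changed:
            changed = False
            for g in self.grants:
                if ((g.privilege, g.obj) == (privilege, obj) and g.with_grant_option
                        and g.grantor in holders and g.grantee not in holders):
                    holders.add(g.grantee)
                    changed = True
        return holders

    def holds(self, user, privilege, obj):
        return self.owners.get(obj) == user or any(
            g.grantee == user and (g.privilege, g.obj) == (privilege, obj)
            for g in self.grants)

    def grant(self, grantor, grantee, privilege, obj, with_grant_option=False):
        """GRANT privilege ON obj TO grantee [WITH GRANT OPTION]"""
        if grantor not in self.option_holders(privilege, obj):
            raise PermissionError(f"{grantor} may not grant {privilege} on {obj}")
        self.grants.append(Grant(grantor, grantee, privilege, obj, with_grant_option))

    def revoke(self, grantor, grantee, privilege, obj):
        """REVOKE privilege ON obj FROM grantee; returns every grant removed."""
        removed = [g for g in self.grants if (g.grantor, g.grantee, g.privilege, g.obj)
                   == (grantor, grantee, privilege, obj)]
        self.grants = [g for g in self.grants if g not in removed]
        # Cascade: grants issued by someone who no longer holds the grant option go too.
        orphans = [g for g in self.grants
                   if g.grantor not in self.option_holders(g.privilege, g.obj)]
        self.grants = [g for g in self.grants if g not in orphans]
        return removed + orphans


def cascade_demo():
    """Constructed scenario: dba -> alice (with option) -> bob, carol -> dave."""
    cat = Catalog({"accounts": "dba"})
    cat.grant("dba", "alice", "select", "accounts", with_grant_option=True)
    cat.grant("alice", "bob", "select", "accounts")
    cat.grant("alice", "carol", "select", "accounts", with_grant_option=True)
    cat.grant("carol", "dave", "select", "accounts")
    cat.grant("dba", "bob", "insert", "accounts")     # unrelated grant, survives
    cat.revoke("dba", "alice", "select", "accounts")  # cascades to bob, carol, dave
    return cat
```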
Views/Roles
Views
users can pass rights for only certain columns or rows in a table (more specific access control)
the underlying representation of the view is unknown to the recipient
Roles
privileges are associated with a job rather than a user, because this is often more natural
users are assigned to roles in the system
roles can be assigned sub-roles for nesting
Covert Channels
A Difficult Problem
This is an extremely hard-to-combat method of passing data through unexpected pathways (not new)
For instance, use differential commit transactions to pass ‘1’ or ‘0’ from a higher-level DB user to a lower-level one
Stopping this kind of attack often requires limiting the database to one op at a time
You can also formally prove that a covert attack is not possible (extremely difficult to do)
Inference
Inference Attacks produce protected information from databases by logical deduction (usually statistical)
Examples:
Salary of the company president is protected, but not the MAX of salaries in the database, which is a statistical query
The number of top rated people is protected, but not the average rating of the top n, n+1, . . . until the average drops
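As an added example (not from the slides), an inference controller of the kind the later "Mining - Current Approaches" slide places between the tools and the warehouse, here in front of a constructed employee table: it refuses the MAX query and the top n / top n+1 sequence from the two examples above. The thresholds k and min_difference and the sample rows are assumptions.

```python
# Added example (not from the slides): an inference controller in front of a
# statistics table that refuses aggregates which would give away one
# individual's protected value.
from dataclasses import dataclass
from typing import Callable, Optional


@dataclass
class Decision:
    allowed: bool
    value: Optional[float] = None
    reason: str = ""


class InferenceController:
    def __init__(self, rows, k=2, min_difference=2):
        self.rows = rows                      # dicts with an "id" column
        self.k = k                            # minimum query-set size
        self.min_difference = min_difference  # rows by which answered sets must differ
        self.answered = []                    # query sets already released

    def query(self, func, column, where=lambda r: True) -> Decision:
        qset = frozenset(r["id"] for r in self.rows if where(r))
        n = len(self.rows)
        # MAX/MIN are statistical in name only: the answer is one person's value.
        if func in ("max", "min"):
            return Decision(False, reason=f"{func} reveals a single individual's value")
        # Query-set-size control: k <= |C|, and |C| <= n-k for a proper subset,
        # otherwise the complement of the query set pins down a few rows.
        if len(qset) < self.k or (len(qset) < n and n - len(qset) < self.k):
            return Decision(False, reason="query set or its complement is too small")
        # Overlap control: two answered sets differing in fewer than
        # min_difference rows let the asker subtract one sum from the other.
        for prev in self.answered:
            if len(qset ^ prev) < self.min_difference:
                return Decision(False, reason="differs from an answered query by too few rows")
        self.answered.append(qset)
        values = [r[column] for r in self.rows if r["id"] in qset]
        agg = {"sum": sum, "count": len, "avg": lambda v: sum(v) / len(v)}[func]
        return Decision(True, value=float(agg(values)))


# Constructed sample data; the president's salary (id 1) is the protected value.
EMPLOYEES = [
    {"id": 1, "salary": 250000, "rating": 10}, {"id": 2, "salary": 90000, "rating": 9},
    {"id": 3, "salary": 85000, "rating": 9},   {"id": 4, "salary": 80000, "rating": 8},
    {"id": 5, "salary": 78000, "rating": 8},   {"id": 6, "salary": 70000, "rating": 7},
    {"id": 7, "salary": 65000, "rating": 6},   {"id": 8, "salary": 60000, "rating": 5},
]


def top_by_rating(n: int) -> Callable[[dict], bool]:
    """Predicate selecting the n highest-rated employees (ties broken by id)."""
    order = sorted(EMPLOYEES, key=lambda r: (-r["rating"], r["id"]))
    ids = {r["id"] for r in order[:n]}
    return lambda r: r["id"] in ids


if __name__ == "__main__":
    ctl = InferenceController(EMPLOYEES)
    print(ctl.query("max", "salary"))                      # refused
    print(ctl.query("avg", "salary"))                      # allowed: 97250.0
    print(ctl.query("avg", "rating", top_by_rating(5)))    # allowed: 8.8
    print(ctl.query("avg", "rating", top_by_rating(6)))    # refused: overlaps top 5
    print(ctl.query("count", "rating", lambda r: r["rating"] == 10))  # refused: size
```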
Auditing
Similar to OS auditing
A retroactive technique to check whether improper access to database information has been obtained
this allows corrective action to be taken (sometimes automated as part of the audit system)
it can also notify the DBA of potential security breakdowns or corrupted data and set other processes in motion
Encryption
Information can be stored as ciphertext within the database
This keeps those who steal the data from being able to decrypt it, because they do not know the keys
This step serves as a good second layer of defense for a data fortress
Object-Oriented Databases
= database containing OO data
Data encapsulated in Objects
Objects = instances of classes
Objects have attributes / variables
Objects have methods (functions)
Objects communicate via messages
Inheritance hierarchy
Definition of Object-Oriented is controversial
Orion (1)
= discretionary security model for OODB
Role-based (Role Lattice)
Classes (AOS) and instances (AOL)
Access modes (AAM & ATL)
Write, Read, Generate, Write any, Read Definition
Authorizations
explicit / implicit
positive / negative
strong / weak
Orion (2)
Orion (3)
Propagation of access modes restricted
A.up (WA, RD) / A.down (W, R) / A.nil (G)
6 formal rules to describe this propagation
e.g. authorizations with an access mode belonging to A.down are propagated to subjects at higher levels, and to objects at lower levels, as described in the corresponding lattices
Message filter (1)
= mandatory security model based on Bell-LaPadula rules
message filter mediates every message exchanged between objects
subjects and objects are considered as objects in the BLP meaning
Object has an immutable security level
Alterations to an object (like its creation) consist of a message which is sent by the object to itself
Message filter (2)
Two basic rules:
the level of an instance object must dominate the level of the class of which the object is an instance
the level of a subclass must dominate the level of its super class(es)
Three decisions of the message filter: block, let flow or enforce restriction
How SQL handles security
View
A view is a virtual table. For example:
CREATE OR REPLACE VIEW RESTRICTED_NAMES AS
  SELECT * FROM NAME
  WHERE Name = USER;
Authority
SQL99 is based on the role model.
Authority
Advantages of the role-based model:
Permits enforcement of the least privilege principle
Permits enforcement of the separation of duties principle
Simplifies the authorization management task
Allows for more powerful administrative policies
Example - Oracle 8
A role can be granted two kinds of database privileges: system privileges and object privileges
CREATE ROLE clerk;
CREATE ROLE manager;
GRANT SELECT ON account_access TO clerk;
GRANT clerk TO manager;
REVOKE SELECT ON account_access FROM clerk;
DROP ROLE clerk;
A role can also be authorized by the operating system or network. The SQL statement is like:
CREATE ROLE account_access IDENTIFIED EXTERNALLY;
Relational Databases
SQL is the standard relational database language
Two widely used commercial relational databases
SQL Server 7 by Microsoft
Oracle 8/8i by Oracle
Relational Databases
Microsoft SQL Server Security
Claim: “SQL Server 7.0 makes far-reaching enhancements in data security by completely integrating Microsoft Windows NT security into the SQL Server core”
Relational Databases
Microsoft SQL Server Security Features
Security Modes
Roles
Permissions
Networking Protocols
Version 7 is the first to provide these features
Relational Databases
Oracle 8/8i Security Features
Authentication Modes: Oracle, Host OS, Third-Party
Privileges: 2 types, system and object
Stored Procedures: call procedures instead of modifying data
Relational Databases
Oracle 8/8i Security Features
Virtual Private Database: fine-grained control at DB level instead of app level for client interfaces
Roles
Auditing
Database Encryption: choose from full, partial, or off-line
Relational Databases
SQL Server and Oracle 8i are widely used on the Internet
What mechanisms do we have when we operate on the Internet?
Still dependent on the operating system
New features include secure networking and secure services
Active Databases
What is an active database?
Automatically executes actions
Reactive behavior
Benefits
Reactive behavior moved to DBMS
DBMS can react & monitor specific events
Centralized & timely
Need for Rules System
Most active database definitions are informal
Need formal definition
Helps define clear & maintainable policy
Active database model
Knowledge Model – describes rules
Event
Condition
Action
ECA (Event-condition-action)
Execution Model – describes behaviors associated with a rule
Termination Problem
Event conditions can call other events
Possibility of infinite loop
Solutions
Static analysis of rules set
Limit number of rules evaluated in sequence
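As an added example (not from the slides), the ECA knowledge and execution models of the previous slides in Python, with both termination defences listed above: static cycle analysis of the rule set and a runtime limit on rules fired in sequence. The rule set is constructed, and the rule format (a condition on the state, an action returning column updates, and the events it raises declared up front) is an assumption.

```python
# Added example (not from the slides): ECA rules with static cycle analysis
# and a runtime limit on the number of rules fired in one chain.
from dataclasses import dataclass
from typing import Callable


@dataclass
class Rule:
    name: str
    event: str                          # triggering event
    condition: Callable[[dict], bool]   # evaluated against the DB state
    action: Callable[[dict], dict]      # returns column updates to apply
    raises: tuple = ()                  # events the action raises afterwards


def triggering_graph(rules):
    """Rule r -> rules whose event r's action may raise."""
    return {r.name: [s.name for s in rules if s.event in r.raises] for r in rules}


def find_cycle(graph):
    """Static analysis: DFS for a cycle in the triggering graph (None if acyclic).
    Conservative: a cycle may still terminate at runtime if a condition fails."""
    done, path = set(), []

    def dfs(n):
        path.append(n)
        for m in graph[n]:
            if m in path:
                return path[path.index(m):] + [m]
            if m not in done and (c := dfs(m)):
                return c
        done.add(path.pop())
        return None

    for n in graph:
        if n not in done and (c := dfs(n)):
            return c
    return None


def run(rules, state, event, max_rules=20):
    """Execution model: events are handled FIFO and every rule on the event whose
    condition holds fires; abort once max_rules rules have fired in one chain."""
    by_event = {}
    for r in rules:
        by_event.setdefault(r.event, []).append(r)
    queue, fired = [event], []
    while queue:
        ev = queue.pop(0)
        for r in by_event.get(ev, []):
            if r.condition(state):
                if len(fired) >= max_rules:
                    raise RuntimeError(f"no termination after {max_rules} rules: {fired[-3:]}")
                fired.append(r.name)
                state.update(r.action(state))
                queue.extend(r.raises)
    return fired


# Constructed rule set: sync_bonus and bump_salary trigger each other.
RULES = [
    Rule("cap_salary", "salary_update", lambda s: s["salary"] > 100000,
         lambda s: {"salary": 100000}, ("salary_update",)),
    Rule("sync_bonus", "salary_update", lambda s: True,
         lambda s: {"bonus": s["salary"] * 0.1}, ("bonus_update",)),
    Rule("bump_salary", "bonus_update", lambda s: s["bonus"] > 5000,
         lambda s: {"salary": s["salary"] + 1}, ("salary_update",)),
]
```

Static analysis flags cap_salary's self-loop too, although it terminates at runtime once the salary is at the cap; that is why the runtime limit is kept as the second line of defence.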
Granularity
Event granularity
Transition granularity
Net effect
Multiple event-rule pairs triggered
Starburst
Check with transition table
Option to delay with later net effects
Need for Monitors
Needed to enforce policy
Monitors
Event Detector
Condition Monitor
Scheduler
Query evaluator
Data Warehousing and Mining
Data warehousing: a technique to integrate an organization’s distributed, autonomous, and heterogeneous data for use in analysis.
Data mining: a technology that converts data in the data warehouse into useful information. It can give a complete picture of the data.
Security in Data Warehousing
Characteristics
Subject-oriented
Integrated
Time-variant
Low volatility
Issues
security architectures,
integrating multiple security policies for the warehouse,
inference problem,
administering and auditing the warehouse.
Data Mining and Security
As a technique to handle security problems
Such as intrusion detection and database auditing, which find abnormal patterns in audit data.
Security in data mining itself
The main problem is the inference problem.
It is a double-edged sword.
Data Mining - Challenges
Same problem as statistical databases have.
Do not know what it is we are trying to protect.
The opposite of the problem raised by statistical/summary queries, where the value to be protected is the individual values of data instances.
Model imprecise database inference.
Establish the granularity of inference and evaluate the potential of inference compromise.
Materialization of latent facts and rules (inference channels)
Representation method to express common sense knowledge
Mining - Current Approaches
Beforehand: adding an inference controller between data mining tools and the data warehouse.
Afterwards: use data mining tools to see whether sensitive information can be deduced.
Real-time Database Definition
A real-time database is a database in which each transaction has a deadline.
Implies:
Real-time database correctness is based on both logical correctness and the timeliness of its actions.
Real-time DB Motivation
Many RTDBS applications arise in safety-critical areas where enforcing security is crucial (aerospace, stock exchanges)
A secure RTDBS has to simultaneously satisfy two conflicting requirements: guarantee data security and minimize the number of missed transaction deadlines.
Real-time Database Issues
New architectural and transaction processing model
New approaches to supporting transaction scheduling and concurrency control
New specification language
New metrics for evaluation
Real-time DB Proposals (1)
Assumption:
Timeliness is more essential than security and hence security can be traded for timeliness.
Solution:
Defines the notion of partial security.
Classifies transactions into three categories:
class 1 - Critical and periodic transactions
class 2 - Critical and aperiodic transactions
class 3 - Non-critical transactions
Real-time DB Proposals (2)
Assumption:
Security is of utmost importance (i.e. it is a correctness criterion) whereas timeliness is a performance issue.
Solution:
Simultaneously using different concurrency control protocols in order to guarantee security and improve real-time performance.
Conclusion
Database security is a complex topic
There are many different database paradigms and hence many different security models
Commercial systems only implement part of the solutions to date
More standardization is needed
More research is needed
Our Web Page
Go here to learn more:
www.cs.virginia.edu/~kjh7r