Download Database Security

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
Document related concepts

Microsoft Access wikipedia , lookup

Relational model wikipedia , lookup

Database wikipedia , lookup

Concurrency control wikipedia , lookup

Clusterpoint wikipedia , lookup

Microsoft Jet Database Engine wikipedia , lookup

Database model wikipedia , lookup

Object-relational impedance mismatch wikipedia , lookup

Transcript 
Database Security
By Bei Yuan
Why do we need DB Security?
• Make data arranged and secret
• Secure other’s DB
Security Issues:
• Security Policy
• Access Control
• Encryption
• Internet Security
• Threat Monitoring (Auditing)
Security Policy
• Exposures: A form of possible loss of a firm.
• Vulnerabilities: Weakness in an enterprise’s system.
• Threats: Specific, potential attack on the enterprise.
• Controls: Eliminate threats, vulnerabilities and
exposures
A security system is a system.
Access Control
♦ Access Control Models
♦ User Authentication
Access Control Models
• Discretionary Access Control (DAC) Model
• Mandatory Access Control (MAC) Model
• Role-Based Access Control (RABC) Model
Discretionary Access Control
• Ownership-based, flexible, most widely
used, low assurance
• Privileged users: DBA and owners of the
tables
Limitations of DAC
Mandatory Access Control
• Administration-based
• Data flow control rules
• High level of security, but less flexible
MAC Policy
Role-Based Access Control
• Flexible
• Separation of duty
• Able to express DAC, MAC, and userspecific policies using role constraints
• Easy to incorporated into current tech
User Authentication
• Password-Based Authentication
• Host-Based Authentication
• Third Party-Based Authentication
Encryption
• Full Database Encryption
• Partial Database Encryption
• Off-Line Database Encryption
Full Database Encryption
• Limit readability of DB files in the OS
• Redundance
• Time-consuming in changing encryption key
Off-line Database Encryption
A note of caution:
Organizations considering this should thoroughly
test that data which is encrypted before storage offline can be decrypted and re-imported successfully
before embarking on large-scale encryption of
backup data.
Internet Security
• Server Security
— Static Web Pages
— Dynamic Page Generation
• Session Security
Session Security
• Secret-key Security (Using single key)
• Public-key Security (Using two keys)
— SSL protocol
Auditing
• Audit via the database or operating system
• The DBA must be able to log every relevant
user action in order to recreate a series of
actions.
• The series of user actions is called the audit
trail.
Conclusion
Database security will always be the critical
component of every information system.
“Security costs. Pay for it, or pay for not having it.”
Related documents
All Definitions for
All Definitions for
Chapter 12 - Key Terms
Chapter 12 - Key Terms
security leaflet
security leaflet
50 Word Company Description 100 Word
50 Word Company Description 100 Word
a common digital Europe
a common digital Europe
Are you looking for an easier way to initiate and
Are you looking for an easier way to initiate and
Remote Access - York Technical College
Remote Access - York Technical College
BitLocker Drive Encryption Self
BitLocker Drive Encryption Self
Shouting from the Rooftops: Improving Email
Shouting from the Rooftops: Improving Email
Network Security: It`s Time to Take It Seriously
Network Security: It`s Time to Take It Seriously
Pr sentation PowerPoint
Pr sentation PowerPoint
Database Confidentiality
Database Confidentiality