Introduction To Security and Privacy Einführung in die IT-Sicherheit I
- Esmond Golden
- 6 years ago
Prof. Dr. rer. nat. Doğan Kesdoğan
Institut für Wirtschaftsinformatik
kesdogan@fb5.uni-siegen.de
Source: William Stallings and Lawrie Brown

Summary
- Introduction to database and DBMS
- Statistical Database
- Inference
- Limit of Inference Protection
- Database encryption

Introduction to Database and DBMS

Database Security
- Database
  - structured collection of data stored
  - contains the relationships between data items
- Database management system (DBMS)
  - programs for constructing and maintaining the database
  - uses database description tables to manage the physical database
  - interface to the database is through a file/transaction manager
- Data manipulation/query language
  - uniform interface to the database
- Database definition language
  - defines logical structure and procedural properties
  - represented by a set of database description tables

Relational Databases
- Constructed from tables of data
  - each column holds a particular type of data
  - each row contains a specific value of these
  - ideally has one column where all values are unique, forming an identifier/key for that row
- Have multiple tables linked by identifiers
- Use a query language to access data items meeting specified criteria

Relational Database Example
- Flat file
  - one entry for each subscriber
  - single two-dimensional data
- Query language allows the user to request selected items of data from all records that fit a given set of criteria

Relational Database Elements
- Relation / table / file
- Tuple / row / record
- Attribute / column / field
- Primary key
  - uniquely identifies a row
  - consists of one or more attributes
  - to create a relationship between two tables, the attributes of the primary key must be in the second table
- Foreign key
  - links one table to attributes in another
- View / virtual table
  - result of a query that returns selected rows and columns from one or more tables

Relational Database Elements
- Department table: Did is the primary key
- Employee table: contains Did as a foreign key
  - relationship between the employee table and the department table
- View includes employee name, ID, phone number and department name

Structured Query Language
- Structured Query Language (SQL)
  - originally developed by IBM in the mid-1970s
  - standardized language to define, manipulate, and query data in a relational database
  - several similar versions of the ANSI/ISO standard

    CREATE TABLE department (
        Did     INTEGER PRIMARY KEY,
        Dname   CHAR (30),
        Dacctno CHAR (6)
    );

    CREATE TABLE employee (
        Ename      CHAR (30),
        Did        INTEGER,
        SalaryCode INTEGER,
        Eid        INTEGER PRIMARY KEY,
        Ephone     CHAR (10),
        FOREIGN KEY (Did) REFERENCES department (Did)
    );

    -- View joining each employee to the name of their department
    CREATE VIEW newtable (Dname, Ename, Eid, Ephone) AS
        SELECT D.Dname, E.Ename, E.Eid, E.Ephone
        FROM department D, employee E
        WHERE E.Did = D.Did;

Database Access Control
- DBMS provides access control for the database
- Assume the user has been authenticated
- DBMS provides specific access rights to portions of the database
  - e.g. create, insert, delete, update, read, write
  - to the entire database, tables, selected rows or columns
  - possibly dependent on the contents of a table entry
- Can support a range of policies:
  - centralized administration: a small number of privileged users may grant and revoke access rights
  - ownership-based administration: the owner (creator) of a table may grant and revoke access rights to the table
  - decentralized administration: the owner of the table may grant and revoke authorization to other users, allowing those users to grant and revoke access rights to the table

SQL Access Controls
- Managing access rights:
  - GRANT { privileges | role } [ON table] TO { user | role | PUBLIC } [IDENTIFIED BY password] [WITH GRANT OPTION]
    - e.g. GRANT SELECT ON ANY TABLE TO ricflair
  - REVOKE { privileges | role } [ON table] FROM { user | role | PUBLIC }
    - e.g. REVOKE SELECT ON ANY TABLE FROM ricflair
- Typical access rights:
  - SELECT: grantee may read the entire database, individual tables, or specific columns
  - INSERT: grantee may insert rows in a table
  - DELETE: grantee may delete rows from a table
  - UPDATE, DELETE, REFERENCES

Cascading Authorizations
- Ann grants the access right to Bob at time t = 10 and to Chris at time t = 20
- Bob is able to grant the access right to David at t = 30
- Chris redundantly grants the access right to David at t = 50
- If Ann revokes the access right from Bob and Chris, then the access right is also revoked from David, Ellen, Jim, and Frank
- A user may receive the access right multiple times
  - Suppose that Bob revokes the privilege from David
  - David still has the access right, because it was granted by Chris at t = 50
  - Ellen's access right is removed, because when David granted the access right to Ellen, David only had the grant option to do this from Bob

Convention for Cascading Authorizations
- When a user A revokes an access right, any cascaded access right is also revoked, unless that access right would exist even if the original grant from A had never occurred

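The revocation convention above can be checked mechanically. The following Python sketch is an added example, not part of the original slides: it models grants as timestamped edges and removes every grant that is no longer backed by an earlier grant to its grantor. The grants to Bob, Chris and David use the times from the slide; the times for David's grants to Ellen and Frank and Ellen's grant to Jim are assumptions.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Grant:
    grantor: str
    grantee: str
    time: int


class GrantGraph:
    """Timestamped grants of one access right on one table."""

    def __init__(self, owner, grants):
        self.owner = owner
        self.grants = set(grants)

    def _supported(self, grant):
        # The owner can always grant. Anyone else needs a surviving grant
        # that reached them *before* they passed the right on.
        if grant.grantor == self.owner:
            return True
        return any(g.grantee == grant.grantor and g.time < grant.time
                   for g in self.grants)

    def revoke(self, grantor, grantee):
        # Remove the direct grant, then cascade until nothing changes.
        self.grants = {g for g in self.grants
                       if not (g.grantor == grantor and g.grantee == grantee)}
        while True:
            unsupported = {g for g in self.grants if not self._supported(g)}
            if not unsupported:
                return
            self.grants -= unsupported

    def holders(self):
        return sorted({g.grantee for g in self.grants})


def example_graph():
    return GrantGraph("Ann", [
        Grant("Ann", "Bob", 10),      # from the slide
        Grant("Ann", "Chris", 20),    # from the slide
        Grant("Bob", "David", 30),    # from the slide
        Grant("Chris", "David", 50),  # from the slide
        Grant("David", "Ellen", 40),  # time assumed (before Chris's grant)
        Grant("David", "Frank", 60),  # time assumed (after Chris's grant)
        Grant("Ellen", "Jim", 70),    # time assumed
    ])


if __name__ == "__main__":
    g = example_graph()
    g.revoke("Bob", "David")
    print("after Bob revokes David:", g.holders())

    g = example_graph()
    g.revoke("Ann", "Bob")
    g.revoke("Ann", "Chris")
    print("after Ann revokes Bob and Chris:", g.holders())
```

With the assumed times, David keeps the right through Chris's grant at t = 50, while Ellen (granted at t = 40, when David was only backed by Bob) loses it.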
Role-Based Access Control
- Role-based access control works well for DBMS
  - eases admin burden, improves security
- Categories of database users:
  - application owner
  - end user
  - administrator
- DB RBAC must manage roles and their users
  - cf. RBAC on Microsoft's SQL Server

Statistical Database

Statistical Databases
- Provide data of a statistical nature
  - e.g. counts, averages
- Two types:
  - pure statistical database: only stores statistical data
  - ordinary database with statistical access: some users have normal access, others statistical
- Access control objective: to allow statistical use without revealing individual entries
- The security problem is one of inference
  - prevent, or at least detect, the statistical user who attempts to gain individual information through one or a series of statistical queries

Statistical Database Security
- Characteristic formula C
  - logical formula over the values of attributes
  - e.g. (Sex=Male) AND ((Major=CS) OR (Major=EE))
  - Abbreviated Boolean operators: AND: ∧; OR: ; NOT: ~
- Query set X(C) of characteristic formula C
  - set of records (rows) matching C
- Statistical query
  - query that produces a value calculated over a query set
  - Example:
    - count(C) = |X(C)|
    - sum(C, A_j) = Σ_{i ∈ X(C)} x_ij: sum of attribute A_j over the records in X(C), where x_ij is the entry at the i-th row and j-th column of the view represented by X(C)
    - max(C, A_j), min(C, A_j), avg(C, A_j)

Statistical Database: Query
- Statistical query: C = Female ∧ CS, X(C) consists of records 1 and 4
  - count(Female ∧ CS) = 2
  - sum(Female ∧ CS, SAT) =

Inference
- Inference
  - process of performing authorized queries and deducing unauthorized information from the legitimate responses received
  - arises when the combination of a number of data items is more sensitive than the individual items
- Additional information
  - functional dependencies between attributes
  - merging views with the same constraints

Inference: Example
- No functional relationship between Name and Salary
  - e.g. knowing Name and perhaps other information is sufficient to deduce Salary
- Access constraint that Name and Salary cannot be accessed together
- Knowledge of structure
  - view tables have the same row order as the Employee table
  - thus able to merge the two views to construct the table (c)

Inference: Small & Large Query Set Attack
- Assume: attacker knows some characteristics of a target (Baker), C = Female ∧ EE
- Small size:
  - count(C ∧ D) = 1: target has characteristic D
  - count(C ∧ D) = 0: target does not have characteristic D
- Large size:
  - count(~(C ∧ D)) = N: target does not have characteristic D
  - count(~(C ∧ D)) = N-1: target
- Example (small size):
  - count(EE ∧ Female) = 1: Baker uniquely identified by C
  - sum(EE ∧ Female, GP) = 2.5: Baker's grade
- Example (large size):
  - count(~(C ∧ SAT 500)) = 13: Baker does not have SAT

Inference: Small & Large Query Set Attack
- Query size restriction:
  - rejects a query that can lead to a compromise by a small or large query set attack
  - query q(C) is permitted if the number of records of X(C) satisfies k ≤ |X(C)| ≤ N-k, where k is a fixed integer

Inference: Tracker Attack
- Circumventing query restriction
- Idea: divide the forbidden query into authorised parts
- Given any query X(C), where the requested characteristic C is forbidden:
  - C = C1 ∧ C2 = C1 ∧ ~(C1 ∧ ~C2) = C1 ∧ ~T, where X(C1) and X(T) are authorised queries
- Usage: learning if the target has characteristic C
  - count(C) = count(C1) - count(T)
  - if count(C) = 1, then the target is uniquely identified by C
  - can use C to learn other characteristics of the target, i.e. D, by query count(C ∧ D)
- Tracker: combination of parts that can be used to track down characteristics
- Individual tracker: (C1, T)

Inference: Tracker Attack
- Tracking additional characteristics
- Given: characteristic of target C = C1 ∧ C2 = C1 ∧ ~(C1 ∧ ~C2) = C1 ∧ ~T
  - count(C1) and count(T) fulfil the query size restriction
  - count(C) = 1
- Tracking characteristic D:
  - count(C ∧ D) = count(T OR (C1 ∧ D)) - count(T)
  - if count(C ∧ D) = 0, then the target does not have characteristic D; else count(C ∧ D) = count(C)
- [Figure: diagram of the query sets C1, C2, T, C and D]

Inference: Tracker Attack - Example
- Tracker (database with statistical access, N = 13):
  - Let k = 3 and C = EE ∧ Female, T = EE ∧ ~Female (Baker's characteristic: C = EE ∧ Female)
  - k ≤ |X(EE)| = 4 ≤ N-k and k ≤ |X(T)| = 3 ≤ N-k, thus EE and T are valid queries
  - count(C) = count(EE) - count(EE ∧ ~Female) = count(EE) - count(T) = 1, i.e. Baker is uniquely identified by the individual tracker (EE, T)
- Tracking additional characteristics
  - SAT: count(C ∧ SAT>600) = count(T OR (EE ∧ SAT>600)) - count(T) = 0
  - GP: sum(C, GP) = sum(EE, GP) - sum(T, GP) =

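To make the limits of the query size restriction concrete, the following Python sketch (an added example, not part of the original slides) implements the k ≤ |X(C)| ≤ N-k check, replays the tracker arithmetic from the example slide, and then shows a query set overlap limit refusing the second tracker query. The 13 records are constructed sample data that only reproduce the counts given on the slide; the `max_overlap` parameter and the class and function names are assumptions.

```python
class QueryRefused(Exception):
    pass


# Constructed sample data (N = 13). Only the name "Baker", count(EE) = 4,
# count(EE AND NOT Female) = 3 and Baker's GP of 2.5 follow the slides.
_ROWS = [
    ("Baker", "F", "EE", 500, 2.5), ("R01", "M", "EE", 650, 3.0),
    ("R02", "M", "EE", 580, 3.5), ("R03", "M", "EE", 700, 2.0),
    ("R04", "F", "CS", 600, 3.5), ("R05", "M", "CS", 630, 2.5),
    ("R06", "F", "CS", 800, 4.0), ("R07", "M", "Bio", 520, 2.0),
    ("R08", "F", "Bio", 710, 3.0), ("R09", "M", "Bio", 590, 3.5),
    ("R10", "F", "Psy", 640, 3.0), ("R11", "M", "Psy", 480, 2.5),
    ("R12", "F", "Psy", 560, 3.5),
]
RECORDS = [dict(zip(("name", "sex", "major", "sat", "gp"), r)) for r in _ROWS]


class StatDB:
    """Statistical interface with query size restriction and, optionally,
    a limit on the overlap between a new query set and earlier ones."""

    def __init__(self, records, k, max_overlap=None):
        self.records, self.k, self.max_overlap = records, k, max_overlap
        self.history = []  # query sets that were answered

    def _query_set(self, pred):
        ids = frozenset(i for i, r in enumerate(self.records) if pred(r))
        if not self.k <= len(ids) <= len(self.records) - self.k:
            raise QueryRefused("query set size outside [k, N-k]")
        if self.max_overlap is not None:
            if any(len(ids & old) > self.max_overlap for old in self.history):
                raise QueryRefused("overlap with an earlier query set")
        self.history.append(ids)
        return ids

    def count(self, pred):
        return len(self._query_set(pred))

    def total(self, pred, attr):
        return sum(self.records[i][attr] for i in self._query_set(pred))


def C1(r):  # EE
    return r["major"] == "EE"


def T(r):   # EE AND NOT Female
    return C1(r) and r["sex"] != "F"


def C(r):   # EE AND Female, the forbidden characteristic
    return C1(r) and r["sex"] == "F"


def run_tracker(db):
    """Replay the slide's queries and report what the database answered."""
    result = {}
    try:
        db.count(C)
        result["direct"] = "answered"
    except QueryRefused:
        result["direct"] = "refused"
    try:
        result["count_C"] = db.count(C1) - db.count(T)
        result["gp"] = db.total(C1, "gp") - db.total(T, "gp")
        result["sat_over_600"] = (
            db.count(lambda r: T(r) or (C1(r) and r["sat"] > 600))
            - db.count(T))
    except QueryRefused:
        result["tracker"] = "refused"
    return result


if __name__ == "__main__":
    print("size restriction only:", run_tracker(StatDB(RECORDS, k=3)))
    print("with overlap limit 2: ",
          run_tracker(StatDB(RECORDS, k=3, max_overlap=2)))
```

With the size restriction alone, every tracker query is answered and the differences isolate Baker's record; with the overlap limit, count(T) is refused because X(T) shares three records with the already answered X(EE).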
Inference: Tracker Attack
- Note: the tracker attack is possible because of the overlap of C1 and T = (C1 ∧ ~C2)
- Query set overlap control: limit the overlap between new and previous queries
  - Issues:
    - keeping track of all of a user's queries is not practical
    - statistics for a query set and its subset cannot be released, which restricts the usability of the data
    - cannot prevent cooperating queries by several users
- Query denial: deny a query if it can leak sensitive information
  - Issue: denials can leak information themselves
  - Example:
    - allowed query: sum(x1, x2, x3) = 15
    - denied query: max(x1, x2, x3), because max(x1, x2, x3) = 5 would disclose the value of each individual variable to be 5
    - however, the attacker could conclude the same reason for the denial from the denial itself

Inference: Perturbation
- Provides approximate answers to all queries
- Data perturbation: data in the SDB are modified (perturbed) to produce statistics that avoid the inference of values for individual records
  - Example: data swapping
- Output perturbation: generate statistics that are modified from those that the original database would provide
  - Example: random-sample query, i.e. sample a subset of the query set X(C) and provide the statistic on that subset
- Issue: trade-off between the amount of error and protection against inference

Inference: Real World Case (Sweeney 2002)
- Background knowledge:
  - William Weld, governor of Massachusetts
  - lives in Cambridge, Massachusetts, 5-digit ZIP code
  - has records in the medical database
- Inference on released databases:
  - Voter list (publicly released database): six people with his birth date; 3 were men; 1 with his 5-digit ZIP code
  - Medical data (publicly released database): linkable by {birth date, Sex, ZIP}
  - {birth date, Sex, ZIP} is called a quasi-identifier
  - 87% of US citizens are uniquely identifiable by these 3 attributes

Inference Protection
- Protection by k-anonymity (Sweeney 2002):
  - assume all quasi-identifiers are known a priori, before release of the database
  - modify the data such that each quasi-identifier applies to at least k records in the released database
- Note: all protection strategies provided are best-practice approaches

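A release can be checked against the k-anonymity condition before it is published. The following Python sketch is an added example, not part of the original slides: it measures the smallest group sharing a {birth date, sex, ZIP} value, coarsens the quasi-identifier step by step, and suppresses records that still fall in groups smaller than k. The records are constructed, and the generalization ladder (`LEVELS`) is an assumption; the slide only requires that the data be modified until every quasi-identifier value covers at least k records.

```python
from collections import Counter

QI = ("birth_date", "sex", "zip")  # quasi-identifier from the Weld case

# Constructed sample records; "diagnosis" stands in for the sensitive field.
ROWS = [
    {"birth_date": "1950-03-14", "sex": "M", "zip": "02138", "diagnosis": "A"},
    {"birth_date": "1950-03-14", "sex": "M", "zip": "02139", "diagnosis": "B"},
    {"birth_date": "1950-07-02", "sex": "M", "zip": "02138", "diagnosis": "C"},
    {"birth_date": "1950-11-20", "sex": "F", "zip": "02141", "diagnosis": "D"},
    {"birth_date": "1950-01-05", "sex": "F", "zip": "02142", "diagnosis": "E"},
    {"birth_date": "1951-06-30", "sex": "F", "zip": "02139", "diagnosis": "F"},
]

# Assumed ladder: (ZIP digits kept, date parts kept), finest to coarsest.
LEVELS = [(5, 3), (5, 2), (3, 2), (3, 1)]


def qi_key(row):
    return tuple(row[a] for a in QI)


def anonymity_level(rows):
    """Largest k for which the rows are k-anonymous (0 for no rows)."""
    sizes = Counter(map(qi_key, rows))
    return min(sizes.values(), default=0)


def generalize(row, zip_digits, date_parts):
    out = dict(row)
    out["zip"] = row["zip"][:zip_digits] + "*" * (5 - zip_digits)
    out["birth_date"] = "-".join(row["birth_date"].split("-")[:date_parts])
    return out


def release(rows, k):
    """Return a k-anonymous version of rows: first generalize, then
    suppress whatever still sits in a group smaller than k."""
    for zip_digits, date_parts in LEVELS:
        candidate = [generalize(r, zip_digits, date_parts) for r in rows]
        if anonymity_level(candidate) >= k:
            return candidate
    sizes = Counter(map(qi_key, candidate))
    return [r for r in candidate if sizes[qi_key(r)] >= k]


if __name__ == "__main__":
    print("raw data is", anonymity_level(ROWS), "-anonymous")
    out = release(ROWS, k=2)
    print(len(out), "rows released,", anonymity_level(out), "-anonymous")
    for r in out:
        print(r)
```

On the sample, every raw record is unique on the quasi-identifier; reaching k = 2 takes truncating ZIP to three digits, reducing the birth date to the year, and suppressing one record.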
Limit of Inference Protection
- Perfect database security (Dalenius 1977):
  - access to a statistical database should not enable one to learn anything about an individual that could not be learned without access
  - Remember: similar to the definition of unconditional security in cryptography
- Impossibility of perfect database security (Dwork 2006):
  - given background information, it is impossible to provide perfect database security
  - Background information: information of the attacker other than that provided by database access
    - cannot be avoided and is mostly unknown to the database designer a priori

Limit of Inference Protection
- Proof sketch:
  - With database access: assume the attacker
    - has the background information that Alice is 10 cm shorter than the average British woman
    - can access a statistical database about the body size of British women
    - thus learns the exact height of Alice
  - Without database access: the attacker would not be able to learn Alice's height, in spite of his background information
- Note: the attack applies regardless of whether Alice is in the database or not
- Perfect security cannot be provided for databases when background information is available

Database Encryption
- Databases are typically a valuable information resource
  - protected by multiple layers of security: firewalls, authentication, O/S access control systems, DB access control systems, and database encryption
- Can encrypt
  - entire database - very inflexible and inefficient
  - individual fields - simple but inflexible
  - records (rows) or columns (attributes) - best
    - also need attribute indexes to help data retrieval
- Varying trade-offs

Database Encryption
1. User issues SQL query for fields with a specific value of the primary key.
2. Query processor at client encrypts the primary key, modifies the SQL query accordingly, and transmits the query to the server.
3. Server processes query using the encrypted value of the primary key and returns appropriate records.
4. Query processor decrypts the data and returns the results.

References
- Sweeney. k-anonymity: A Model for Protecting Privacy. IJUFKS Volume: 10, Issue: 5 (2002) pp
- Dwork. Differential Privacy. LNCS Volume 4052/2006, pp
More informationThe Relational Model. Chapter 3
The Relational Model Chapter 3 Why Study the Relational Model? Most widely used model. Systems: IBM DB2, Informix, Microsoft (Access and SQL Server), Oracle, Sybase, MySQL, etc. Legacy systems in older
More informationCopyright 2016 Ramez Elmasri and Shamkant B. Navathe
CHAPTER 6 Basic SQL Slide 6-2 Chapter 6 Outline SQL Data Definition and Data Types Specifying Constraints in SQL Basic Retrieval Queries in SQL INSERT, DELETE, and UPDATE Statements in SQL Additional Features
More informationSQL STRUCTURED QUERY LANGUAGE
STRUCTURED QUERY LANGUAGE SQL Structured Query Language 4.1 Introduction Originally, SQL was called SEQUEL (for Structured English QUery Language) and implemented at IBM Research as the interface for an
More informationEGCI 321: Database Systems. Dr. Tanasanee Phienthrakul
1 EGCI 321: Database Systems Dr. Tanasanee Phienthrakul 2 Chapter 10 Data Definition Language (DDL) 3 Basic SQL SQL language Considered one of the major reasons for the commercial success of relational
More informationAPPLICATIONS AND PROTOCOLS. Mihir Bellare UCSD 1
APPLICATIONS AND PROTOCOLS Mihir Bellare UCSD 1 Some applications and protocols Internet Casino Commitment Shared coin flips Threshold cryptography Forward security Program obfuscation Zero-knowledge Certified
More informationCS Computer Networks 1: Authentication
CS 3251- Computer Networks 1: Authentication Professor Patrick Traynor 4/14/11 Lecture 25 Announcements Homework 3 is due next class. Submit via T-Square or in person. Project 3 has been graded. Scores
More informationMULTILEVEL POLICY BASED SECURITY IN DISTRIBUTED DATABASE
MULTILEVEL POLICY BASED SECURITY IN DISTRIBUTED DATABASE CHAPTER 8 Addressing security demands under fixed budgets and deadline constraints are becoming extremely challenging, time consuming and resource
More informationThe Relational Model. Chapter 3. Database Management Systems, R. Ramakrishnan and J. Gehrke 1
The Relational Model Chapter 3 Database Management Systems, R. Ramakrishnan and J. Gehrke 1 Why Study the Relational Model? Most widely used model. Vendors: IBM, Informix, Microsoft, Oracle, Sybase, etc.
More informationCS 161 Multilevel & Database Security. Military models of security
CS 161 Multilevel & Database Security 3 October 26 CS 161 3 October 26 Military models of security Need to know Three models of security Classification unclassified, classified, secret, top secret Compartmentalization
More informationPhysical Database Design and Tuning. Chapter 20
Physical Database Design and Tuning Chapter 20 Introduction We will be talking at length about database design Conceptual Schema: info to capture, tables, columns, views, etc. Physical Schema: indexes,
More informationCS 494/594 Computer and Network Security
CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Real-Time Communication Security Network layers
More informationHash-Based Indexing 165
Hash-Based Indexing 165 h 1 h 0 h 1 h 0 Next = 0 000 00 64 32 8 16 000 00 64 32 8 16 A 001 01 9 25 41 73 001 01 9 25 41 73 B 010 10 10 18 34 66 010 10 10 18 34 66 C Next = 3 011 11 11 19 D 011 11 11 19
More informationA Theory of Privacy and Utility for Data Sources
A Theory of Privacy and Utility for Data Sources Lalitha Sankar Princeton University 7/26/2011 Lalitha Sankar (PU) Privacy and Utility 1 Electronic Data Repositories Technological leaps in information
More informationCS573 Data Privacy and Security. Cryptographic Primitives and Secure Multiparty Computation. Li Xiong
CS573 Data Privacy and Security Cryptographic Primitives and Secure Multiparty Computation Li Xiong Outline Cryptographic primitives Symmetric Encryption Public Key Encryption Secure Multiparty Computation
More informationSlides by: Ms. Shree Jaswal
Slides by: Ms. Shree Jaswal A trigger is a statement that is executed automatically by the system as a side effect of a modification to the database. To design a trigger mechanism, we must: Specify the
More informationEXAMINATION [The sum of points equals to 100]
Student name and surname: Student ID: EXAMINATION [The sum of points equals to 100] PART I: Meeting Scheduling example Description: Electronic meeting Scheduling system helps meeting initiator to schedule
More informationThe Relational Data Model. Data Model
The Relational Data Model Davood Rafiei *Disclaimer: The slides used in the course may contain some of the slides provided by the authors of the adopted textbook (present and past) and those used in previous
More informationAccess Control Mechanisms
Access Control Mechanisms Week 11 P&P: Ch 4.5, 5.2, 5.3 CNT-4403: 26.March.2015 1 In this lecture Access matrix model Access control lists versus Capabilities Role Based Access Control File Protection
More informationSQL Fundamentals. Chapter 3. Class 03: SQL Fundamentals 1
SQL Fundamentals Chapter 3 Class 03: SQL Fundamentals 1 Class 03: SQL Fundamentals 2 SQL SQL (Structured Query Language): A language that is used in relational databases to build and query tables. Earlier
More informationFrom ER to Relational Model. Book Chapter 3 (part 2 )
From ER to Relational Model Book Chapter 3 (part 2 ) Logical DB Design: ER to Relational Translate Entity sets to tables: ssn name Employees lot CREATE TABLE Employees (ssn CHAR(11), name CHAR(20), lot
More informationThe Relational Model 2. Week 3
The Relational Model 2 Week 3 1 We have seen how to create a database schema, how do we create an actual database on our computers? professor(pid : string, name : string) course(pid : string, number :
More informationUnit 14 Security and Integrity
Unit 14 Security and Integrity 14-1 Contents 14.1 Introduction 14.2 Security 14.3 Integrity 14.4 Security and Integrity in INGRES 14.5 Security in Statistical Databases user 14.6 Data Encryption DBMS user
More informationComp 5311 Database Management Systems. 4b. Structured Query Language 3
Comp 5311 Database Management Systems 4b. Structured Query Language 3 1 SQL as Data Definition Language Creates the Students relation. The type (domain) of each field is specified, and enforced by the
More informationOverview of Information Security
Overview of Information Security Lecture By Dr Richard Boateng, UGBS, Ghana Email: richard@pearlrichards.org Original Slides by Elisa Bertino CERIAS and CS &ECE Departments, Pag. 1 and UGBS Outline Information
More informationThe Relational Model. Week 2
The Relational Model Week 2 1 Relations A relation is a more concrete construction, of something we have seen before, the ER diagram. name S.S.N students street city A relation is (just!) a table! We will
More informationOuter Join, More on SQL Constraints
Outer Join, More on SQL Constraints CS430/630 Lecture 10 Slides based on Database Management Systems 3 rd ed, Ramakrishnan and Gehrke Outer Joins Include in join result non-matching tuples Result tuple
More informationCryptography and Network Security Chapter 14
Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 14 Key Management and Distribution No Singhalese, whether man or woman, would venture
More informationSolution of Exercise Sheet 11
Foundations of Cybersecurity (Winter 16/17) Prof. Dr. Michael Backes CISPA / Saarland University saarland university computer science Solution of Exercise Sheet 11 1 Breaking Privacy By Linking Data The
More informationECEN Security and Privacy for Big Data. Introduction Professor Yanmin Gong 08/22/2017
ECEN 5060 - Security and Privacy for Big Data Introduction Professor Yanmin Gong 08/22/2017 Administrivia Course Hour: T/R 3:30-4:45 pm @ CLB 101 Office Hour: T/R 2:30-3:30 pm Any question besides assignment
More information