INSE 6160 Database Security and Privacy
|
|
- Delphia Lynch
- 5 years ago
- Views:
Transcription
1 INSE 6160 Database Security and Privacy Discretionary Access Control in DBMS Prof. Lingyu Wang 1
2 Outline Grant Revoke Model Meta-Policy and FAF Security By Views 2
3 Grant-Revoke Grant-Revoke Model (Griffith&Wade 76, Fagin 78) Widely supported, e.g., Oracle, mysql, etc. Basic syntax GRANT rights ON objects TO subjects [WITH GRANT OPTIONS] REVOKE rights ON objects FROM subjects [CASCADE] What can be rights? Objects? And subjects in a DBMS? 3
4 Grant-Revoke user rights select, insert, update, drop, ALL, etc. objects user, post, user.id (may also be databases, stored procedures, etc.) subjects: Bob, Alice, students, etc. post ID password Reg_Date No ID Topic Date Bob f70b082f Oct Bob About the random numbers Nov Alice 2bcc1da0 Sep Bob A question in implementation of RSA Oct Eve 4f54aa2e Aug Bob About BIBA with Categories Sep Alice Breaking Caesar Cipher Problem Oct Eve Welcome to ISA 662 class discussion! Aug
5 Grant-Revoke Example: GRANT select ON user TO Bob WITH GRANT OPTION REVOKE select ON user FROM Bob CASCADE Almost exactly matches the ACM model WITH GRANT is copy flag (right of granting rights) sys Bob Alice user post user.id sys Bob {select, insert} Alice 5
6 Grant Option and Cascading Revoke The Grant-Revoke model requires If a right is revoked, the system should reverse to a state in which the right is never granted Easier said then done With timestamps (auditing) What if B revokes D at 5:00? Case 1 Case 2 2:30 2:45 3:00 4:00 2:30 2:40 2:45 4: :00 B 2:30 2: E 1:00 B 2:30 2:45 A D A D 1:30 C 3:00 4:00 F 1:30 C 2:40 4:00 E F 6
7 Cont d What if no timestamp? What would have happened if B never grants D the right? A B C D E F Non-Cascading revoke Need to add new right (to compose a story) 2:00 B 2:30 A 230 2:30 D 7
8 Negative Authorizations You may decide to prohibit a right It s not sufficient simply not to grant that right Because someone else may grant it Solution: Negative right Complications Need meta-policy to resolve potential conflicts between negative and positive rights For example, denials takes precedence How to represent the effect of negative rights on positive ones? Later negative rights can be revoked, too 8
9 Cont d Negative right interacting with positive right A 1:00+ What if B gives D a negative right at 5:00? 1:30+ B 2:30-5:00-3:00+ D 4:00+ C Delete A D (denials take precedence) and D F? What if later this negative right is revoked? Solution: mark A DandD D Fasblocked But do not delete them F E 9
10 Cont d Another example A What if A revokes B at 6:00? Should reverse to a state in which A never grants B 1:00+ B 230 2:30-5:00-3:00+(Blocked) D 4:00+ 1:30+ (Blocked) C F E cascading A 130 1:30+ D 3:00+ 4:00+ C F noncascading A 230 2:30-5:00-3:00+(Blocked) 1:30+ C D 4:00+ E (Blocked) F 10
11 Outline Grant Revoke Model Meta-Policy and FAF Security By Views 11
12 Meta-Policy Policy and meta-policy Policy: Bob can select on user, and Alice can t Meta-policy: If a user is given both positive and negative right, his positive right is blocked (denials take precedence) policy about policies A system usually has an implicit meta-policy Meta-policies are needed because of Under specification: what if no policy is found Over specification: what if policies conflict 12
13 Typical Meta-Policies Closed policy: deny if no policy is found GRANT select ON user TO jim Jim: select * from post (denied) Open policy: allow if no policy is found DENY select ON user TO jim Jim: select * from post (allowed) Separation of duties (static vs dynamic) Taking money/depositing account need two users 13
14 Typical Meta-Policies Permission/Denial/Most specific takes precedence Most specific: User s right overrides group s Chinese Wall policy Different types of meta-policies may co-exist We may need to apply different meta-policies i on different object/subject/rights E.g., open policy for SELECT, closed policy for DROP Hard-coded meta-policies are not sufficient Can we deal with meta-policies just like policies? 14
15 Learn Logic programming in 2 Slides Predicate logic programs are composed of: job(user,job): A predicate says user has a job, where user and job are variables that can be instantiated D A&B&C : D is true if A,B, and C are all true The following says D is true if either (A&B&C=true) or (E&F=true) D A&B&C D E&F 15
16 Learn Logic programming in 2 Slides Predicate logic programs job(user,job) job) righteducation(user,job)& goodpersonality(user)& goodcommunicationskills(user) goodjob(user,job2) job(user,job1) & workhard(user,job1) & luck(user) hasmoney(user) goodjob(user,job) & workhard(user,job) rich(user) hasmoney(user)& workhard(user,job) & knowtobecontent(user) rich(user1) marry(user1,user2) & rich(user2) corruptedmind(user) rich(user)& knowtobecontent(user) corruptedmind(user) losepride(user) happylife(user) hasmoney(user)& corruptedmind(user) & healthy(user) happylife(bob)? 16
17 Flexible Authorization Framework A policy neutral logic language That can be used to specify different meta-policies That can help to enforce any mixture of meta-policies Basics Predicates: cando(user,bob,+select) states a positive right: GRANT select ON user to Bob Rules: cando(user,bob,+select) cando(user,bob,-select) a positive right is given if no corresponding negative right exists A collection of rules form a logic program, which can be run to derive authorization results from given facts 17
18 FAF-Predicates Enough to describe any meta-policy! cando(o,s,<sign>a) states a granted right dercando(o,s,<sign>a) states a derived right do(o,s,<sign>a), states a decision done(o,s,a) states a previously executed right error(o,s,a) states an exception Let s talk English: cando are facts (Bob is nice guy; Nice guys don t get rich) dercandod are derived d facts (Bob isn t rich) do are decisions based on all facts done means history error means something is wrong 18
19 FAF-Predicates Simpler facts for subject/object hierarchies: dirin(bob,cs_dept), dirin(cs_dept,encs), dirin(ciise,encs), in(bob,encs) typeof(oracle,dbms) owner(bob, Bob_record) cando(o,s,<sign>a), dercando(o,s,<sign>a), do(o,s,<sign>a) Each o, s, a can be a constant or a variable <sign> is either + or Positive right or negative right 19
20 FAF-Rules Layers of rules to avoid loops Authorization rule: Facts cando(o,s,<sign>a) L1&L2& Ln Each Li is in, dirin, i or typeof Examples: cando(post,cs _ dept,+select). cando(post,s,+insert) in(s,cs_dept) cando(o,bob,+insert) typeof(o,post_attributes) cando(o,s,-insert) in(s,cs_dept) & typeof(o,post_attributes) These are facts given by administrators Can only have simpler facts as conditions 20
21 FAF-Rules Cont d Derivation rule: Derived facts dercando(o,s,<sign>a) L1&L2& Ln Each Li is cando, dercando, done, in, dirin, or typeof Examples: dercando(o,s,-a) cando(o,s,-a) & in(s,s ) dercando(o,s,-insert) d dercando(o,s,-d insert) & in(s,s ) We can derive facts from given facts, or derived facts Recursive - 2 nd example can be run many times! 21
22 FAF-Rules Cont d Done rule: History done(o,s,a) Examples: done(post,bob,select) select) History typically y has no condition Or, maybe the only condition: You believe it 22
23 FAF-Rules Cont d Resolution rule: Decision do(o,s,<sign>a) L1&L2& Ln Each Li is do, cando, dercando, done, in, dirin, or typeof Examples: do(o,s,+a) cando(o,s,+a) do(o,s,-insert) dercando(o,s,-insert) d A final decision is made based on given facts, derived facts, history, or simpler facts 23
24 FAF-Rules Cont d Integrity rule: Error States exceptions that should never happen error() L1&L2& Ln Each Li is do, cando, dercando, done, in, dirin, or typeof Example: error() dercando(nice,bob,+is) & dercando(rich,bob,+is) 24
25 FAF Examples Closed policy dercando(o,u,+a) cando(o,s,+a)&in(u,s) do(o,u,+a) dercando(o,u,+a) error() cando(o,s,-a) d ( ) do(o,u,-a) do(o,u,+a) cando(exam, TA, +grading), in(bob, TA) do(exam, Bob, +grading)? do(exam, Alice, +grading)? 25
26 FAF Examples Open policy dercando(o,u,-a) cando(o,s,-a)&in(u,s) do(o,u,+a) dercando(o,u,-a) error() cando(o,s,+a) d ( + ) do(o,u,-a) do(o,u,+a) cando(exam, TA, -taking), in(bob, TA) do(exam, Bob, +taking)? do(exam, Alice, +taking)? 26
27 FAF Examples Cont d Denials take precedence do(o,u,+a) dercando(o,u,+a) & dercando(o,u,-a) do(o,u, -a) do(o,u,+a) dercando(exam, Alice, +taking), dercando(exam, Bob, +taking), dercando(exam, Bob, -taking), dercando(exam, Eve, -taking) do(exam, Alice, +taking)? do(exam, Bob, +taking)? do(exam, Eve, +taking)? 27
28 FAF Examples Cont d Permissions take precedence do(o,u,+a) dercando(o,u,+a) do(o,u,-a) do(o,u,+a) No conflict do(o,u,+a) dercando(o,u,+a) error() dercando(o,u,+a) u & dercando(o,u,-a) 28
29 FAF Examples Cont d Static separation of duty error do(course,s,taking)&do(course,s,taing) Dynamic separation of duty error done(course,s,taking) & done(course,s,taing) Chinese Wall policy error() done(o,s,r) & done(o,s,r) & typeof(o,company) & typeof(o,competitor) 29
30 Outline Grant Revoke Model Meta-Policy and FAF Security By Views user ID password Reg_Date Bob f70b082f Oct Alice 2bcc1da0 Sep post No ID Topic Date 1 Bob About the random numbers Nov Bob A question in implementation of RSA Oct Eve 4f54aa2e Aug Bob About BIBA with Categories Sep Alice Breaking Caesar Cipher Problem Oct Eve Welcome to ISA 662 class discussion! Aug
31 Fine-Grained Access Control Grant-revoke provides no fine-grained control For example, tuple level, attribute level Why fine-grained access control? Table or attribute-level l access control can t satisfy application s requirements, e.g., myconcordia Application-enforced access control is error prone For example, SQL injection attack attacker Application SELECT * FROM user WHERE ID= &input sys Database SELECT * FROM user WHERE ID= Bob ; DELETE * FROM user; Bob ; DELETE * FROM user;-- 31
32 Fine-Grained Access Control By Views View: a virtual relation as the result of a query Not materialized A query on views can be optimized eg e.g., SELECT ID FROM Bob_post Grant-revoke works on views CREATE VIEW Bob_post AS SELECT * FROM post WHERE ID= Bob GRANT ALL ON Bob_post TO Bob Bob_post (not materialized) No ID Topic Date 1 Bob About the random numbers Nov Bob A question in implementation of RSA Oct Bob About BIBA with Categories Sep
33 Query Modification E.g., Oracle VPD Transparently add WHERE clause to user s query before executing it Bob asks s query: SELECT topic FROM post He got answer for: SELECT topic FROM post WHERE ID= Bob Different from security by views 33
34 Truman and Nontruman model Truman model (Rizvi 04) Bob asks query: SELECT COUNT(topic) FROM post He gets 3 as answer, a misleading result Nontruman Model A query is either answered without change, if it can be rewritten using authorized views, or it is rejected Example SELECT COUNT(topic) FROM post will be rejected, because it cannot be rewritten using SELECT * FROM post WHERE ID= Bob However, to determine whether a query can be rewritten using authorized views is a hard problem 34
35 Unconditional Validity Get a sense why query rewritten using authorized views is a hard problem: Unconditional validity: whether the query can be rewritten doesn t depend on the underlying data For example Authorized view post_count: select id,count(*) as c from post group by id Query: select count(*) from post where id= Bob The query can be rewritten as: select c from post_count where id= Bob, regardless of the underlying data Simple, huh? 35
36 Conditional Validity Conditional validity: whether the query can be rewritten depends d on the underlying data For example Authorized view post_count: select id,count( count(*) as c from post group by id where c>2 Query: select count(*) from post where id= Bob Whether the query can be rewritten as: select c from post_count where id= Bob now depends on whether Bob has more than 2 posts And if we reject the query, then Bob is known to have 2 or less posts To have a complete set of inferences rules for checking for conditional validity is still open 36
37 INSE 691A Database Security and Privacy Grant and Revoke in Oracle Prof. Lingyu Wang 37
38 Grant and Revoke in Oracle A privilege is a method to permit or deny access to data or to perform database operations Another word for right In Oracle there are two type of privileges: System privileges Schema Object Privileges Table Privileges View Privileges Procedure Privileges Type Privileges 38
39 System Privileges Granted only by a database administrator a user with administration privileges Some system privileges: il create session, alter any role, alter any table, alter any trigger, alter any type, alter any procedure, alter database, alter profile, alter any, create any cluster, create any index, create any view, create any table, create any procedure, 39
40 Object Privileges Granted to a user by the schema owner Granted by a user with GRANT privileges Examples: select, insert, update, delete, alter, debug, execute, flashback, index, query rewrite, read, references Some schema objects, such as clusters, s indexes, triggers, and database links, do not have associated object privileges Can only use system privileges 40
41 ADMIN and GRANT Options Grant a privilege using the DCL GRANT statement SQL> grant select any table to Linda with admin option; (by DBA) SQL> grant select any table to George; (by Linda) Revoke a privilege using the DCL REVOKE statement: SQL> revoke select any table from Linda (by DBA) George still has select any table privilege! 41
42 ADMIN Option and GRANT Option 42
43 ADMIN Option and GRANT Option 43
44 Data Dictionary Oracle provides some data dictionary views to view privileges, il they are DBA_SYS_PRIVS ALL_SYS_PRIVS USER_SYS_PRIVS 44
45 Data Dictionary Example Example: SQL> DESC DBA_SYS_PRIVS; Name Null? Type GRANTEE NOT NULL VARCHAR2(30) PRIVILEGE NOT NULL VARCHAR2(40) ADMIN_OPTION VARCHAR2(3) SQL> SELECT * 2 FROM DBA_SYS_PRIVS 3 WHERE GRANTEE= SCOTT ; Grantee Privilege Admin SCOTT UNLIMITED TABLESPACE NO 45
46 GUI 46
47 Roles Role: Used to organize and administer privileges It is like a user, except it cannot own object Can be assigned privileges Can be assigned to users Intermediate between privileges and users 47
48 Roles in Oracle In Oracle: Create a role using CREATE ROLE statement Assign a role using GRANT statement Oracle Enterprise Manager Roles tool Revoke a role using REVOKE statement Drop a role using DROP statement These can be done by Any user with the GRANT ANY ROLE system privilege Any user granted a role with ADMIN option 48
49 Examples Create roles: SQL> CREATE ROLE DEV_ROLE; SQL> CREATE ROLE QA_ROLE; Assign a privilege to a role SQL> GRANT CREATE SESSION TO DEV_ROLE; Assign a role to a user SQL> GRANT DEV_ROLE to Bob; 49
CSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 12: Database Security Department of Computer Science and Engineering University at Buffalo 1 Review of Access Control Types We previously studied four types
More informationOracle Database Vault
Oracle Database Vault DBA Administrative Best Practices ORACLE WHITE PAPER MAY 2015 Table of Contents Introduction 2 Database Administration Tasks Summary 3 General Database Administration Tasks 4 Managing
More informationOracle User Administration
Oracle User Administration Creating user accounts User accounts consist of two components. These are: 1. User name - The name of the account. 2. Password - The password associated with the user account.
More informationFine-Grained Access Control
Fine-Grained Access Control Fine Grained Access Control Fine-grained access control examples: Students can see their own grades Students can see grades of all students in courses they registered for Variant:
More informationData Security and Privacy. Topic 11: Virtual Private Databases Based on Prof. Bertino s Slides
Data Security and Privacy Topic 11: Virtual Private Databases Based on Prof. Bertino s Slides 1 Announcements Next Quiz on Feb 15 2 Oracle VPD Virtual Private Database (VPD) Fine-grained access control:
More informationReal Application Security Administration
Oracle Database Real Application Security Administration Console (RASADM) User s Guide 12c Release 2 (12.2) E85615-01 June 2017 Real Application Security Administration Oracle Database Real Application
More informationAccess Control Models
Access Control Models Dr. Natarajan Meghanathan Associate Professor of Computer Science Jackson State University E-mail: natarajan.meghanathan@jsums.edu Access Control Models Access Control to regulate
More informationSecurity and Authorization
Security and Authorization Sub-sets of SQL Data retrieval: SELECT Data Manipulation Language (DML): INSERT, UPDATE, DELETE Data Definition Language (DDL): CREATE, ALTER, DROP, RENAME Transaction control:
More informationUnit 5.2b - Security 1. Security. Unit 5.2b
Security Unit 5.2b Unit 5.2b - Security 1 Security Database Security involves protection against: unauthorised disclosures alteration destruction The protection which security gives is usually directed
More informationLets start with the standard disclaimer. Please go to the next slide
DB2 10 for z/os Security Enhancements James Click Pickel to edit Master text styles IBM Silicon Valley Laboratory DB2 for z/os Second Security level Architect Session: A05 Time: 9 November 2010 11:00 am
More informationDatabase System Concepts
Chapter 4(+8): Advanced SQL Departamento de Engenharia Informática Instituto Superior Técnico 1 st Semester 2007/2008 Slides (fortemente) baseados nos slides oficiais do livro c Silberschatz, Korth and
More informationChapter 1 SQL and Data
Chapter 1 SQL and Data What is SQL? Structured Query Language An industry-standard language used to access & manipulate data stored in a relational database E. F. Codd, 1970 s IBM 2 What is Oracle? A relational
More informationOracle Way To Grant Schema Privileges All Tables
Oracle Way To Grant Schema Privileges All Tables Here in this article we will discuss on how to grant access to all tables in a schema in oracle database as well as we will focus on schema owners. From
More informationMTAT Introduction to Databases
MTAT.03.105 Introduction to Databases Lecture #12 DB Administration Ljubov Jaanuska (ljubov.jaanuska@ut.ee) Lecture 11. Summary Functions Procedures Lecture 11. What will you learn Users User rights Revision
More informationDatabase Security. Authentification: verifying the id of a user. Authorization: checking the access privileges
Database Security Security Tasks Authentification: verifying the id of a user Authorization: checking the access privileges Auditing: looking for violations (in the past) 1 Data Security Dorothy Denning,
More informationSecurity Benefits of Implementing Database Vault. -Arpita Ghatak
Security Benefits of Implementing Database Vault -Arpita Ghatak Topics to be covered Why Do we need Database Vault? The Benefits Components of Database Vault Oracle Database access control Components Other
More informationChapter 10 Advanced topics in relational databases
Chapter 10 Advanced topics in relational databases Security and user authorization in SQL Recursion in SQL Object-relational model 1. User-defined types in SQL 2. Operations on object-relational data Online
More informationDatabase System Concepts"
Database System Concepts! Silberschatz, Korth and Sudarshan See www.db-book.com for conditions on re-use " Database System Concepts" User Interfaces and Tools! Web Interfaces to Databases! Web Fundamentals!
More informationOracle Database. Installation and Configuration of Real Application Security Administration (RASADM) Prerequisites
Oracle Database Real Application Security Administration 12c Release 1 (12.1) E61899-04 May 2015 Oracle Database Real Application Security Administration (RASADM) lets you create Real Application Security
More informationAccess Control. Protects against accidental and malicious threats by
Access Control 1 Access Control Access control: ensures that all direct accesses to object are authorized a scheme for mapping users to allowed actions Protection objects: system resources for which protection
More informationIntroduction to database administration
Introduction to database administration 1 Database A database is a collection of schemas (user accounts) A database is created by a database administrator after installation of a database server A schema
More informationDatabase Security Overview. Murat Kantarcioglu
UT DALLAS Erik Jonsson School of Engineering & Computer Science Database Security Overview Murat Kantarcioglu Topics The access control model of System R Extensions to the System R model Views and content-based
More informationINSE 6130 Operating System Security
INSE 6130 Operating System Security Access Control Mechanisms Prof. Lingyu Wang 1 Recap ACM: modeling access control in any system Who can do what to whom 6 primitive operations Commands, special ones
More informationDatabase Security Lecture 10
Database Security Lecture 10 Database security Grant-Revoke Model Elisa Bertino bertino@cs.purdue.edu Access Control in Commercial DBMSs Most commercial systems adopt DAC Current discretionary authorization
More informationChapter 9: Database Security: An Introduction. Nguyen Thi Ai Thao
Chapter 9: Database Security: An Introduction Nguyen Thi Ai Thao thaonguyen@cse.hcmut.edu.vn Spring- 2016 Outline Introduction to Database Security Issues Types of Security Threats to databases Database
More informationOracle Database 10g: Introduction to SQL
ORACLE UNIVERSITY CONTACT US: 00 9714 390 9000 Oracle Database 10g: Introduction to SQL Duration: 5 Days What you will learn This course offers students an introduction to Oracle Database 10g database
More informationSQL Fundamentals. Chapter 3. Class 03: SQL Fundamentals 1
SQL Fundamentals Chapter 3 Class 03: SQL Fundamentals 1 Class 03: SQL Fundamentals 2 SQL SQL (Structured Query Language): A language that is used in relational databases to build and query tables. Earlier
More informationTextbook: Chapter 4. Chapter 5: Intermediate SQL. CS425 Fall 2016 Boris Glavic. Chapter 5: Intermediate SQL. View Definition.
Chapter 5: Intermediate SQL Views CS425 Fall 2013 Boris Glavic Chapter 5: Intermediate SQL Transactions Integrity Constraints SQL Data Types and Schemas Access Control Textbook: Chapter 4 5.2 Views View
More informationDebapriyo Majumdar DBMS Fall 2016 Indian Statistical Institute Kolkata
SQL 4 Debapriyo Majumdar DBMS Fall 2016 Indian Statistical Institute Kolkata Slides re-used, with minor modification, from Silberschatz, Korth and Sudarshan www.db-book.com Outline Join Expressions Views
More informationAccess Control. Access control: ensures that all direct accesses to object are authorized a scheme for mapping users to allowed actions
Access Control 1 Access Control Access control: ensures that all direct accesses to object are authorized a scheme for mapping users to allowed actions Protection objects: system resources for which protection
More informationCS425 Fall 2017 Boris Glavic Chapter 5: Intermediate SQL
CS425 Fall 2017 Boris Glavic Chapter 5: Intermediate SQL modified from: Database System Concepts, 6 th Ed. See www.db-book.com for conditions on re-use Chapter 5: Intermediate SQL Views Transactions Integrity
More informationLesson 14 Transcript: Triggers
Lesson 14 Transcript: Triggers Slide 1: Cover Welcome to Lesson 14 of DB2 on Campus Lecture Series. Today, we are going to talk about Triggers. My name is Raul Chong, and I'm the DB2 on Campus Program
More informationMySQL for Database Administrators Ed 4
Oracle University Contact Us: (09) 5494 1551 MySQL for Database Administrators Ed 4 Duration: 5 Days What you will learn The MySQL for Database Administrators course teaches DBAs and other database professionals
More informationInstalling and Configuring Oracle 10g Express Edition. for use with the ETM System
Installing and Configuring Oracle 10g Express Edition for use with the ETM System Contents Oracle 10g XE Installation and Configuration 1 Preparing Oracle 10g XE for use with the ETM System...1 Installation...1
More informationAccess Control. Tom Chothia Computer Security, Lecture 5
Access Control Tom Chothia Computer Security, Lecture 5 The Crypto Wars 1993-1996: Clipper chip considered in US congress and rejected. Due partly to Matt Blaze s analysis and strongly attack by John Kerry
More informationCore Role Based Access Control (RBAC) mechanism for MySQL
Core Role Based Access Control (RBAC) mechanism for MySQL by Ian Molloy Radu Dondera Umang Sharan CS541 Project Report Under the Guidance of Prof. Elisa Bertino With the Department of Computer Science
More informationAutomated SQL Ownage Techniques. OWASP October 30 th, The OWASP Foundation
Automated SQL Ownage Techniques October 30 th, 2009 Sebastian Cufre Developer Core Security Technologies sebastian.cufre@coresecurity.com Copyright The Foundation Permission is granted to copy, distribute
More informationThe Relational Model 2. Week 3
The Relational Model 2 Week 3 1 We have seen how to create a database schema, how do we create an actual database on our computers? professor(pid : string, name : string) course(pid : string, number :
More informationDeveloping Integrated Engine for Database Administrator and Developer
Developing Integrated Engine for Database Administrator and Developer Alan Seelan, Jeongkyu Lee Department of Computer Science and Engineering University of Bridgeport, CT {aseelan,jelee}@bridgeport.edu
More informationCSC 261/461 Database Systems Lecture 6. Fall 2017
CSC 261/461 Database Systems Lecture 6 Fall 2017 Use of WITH The WITH clause allows a user to define a table that will only be used in a particular query (not available in all SQL implementations) Used
More informationAssorted Topics Stored Procedures and Triggers Pg 1
Assorted Topics Stored Procedures and Triggers Pg 1 Stored Procedures and Triggers Ray Lockwood Points: A Stored Procedure is a user-written program stored in the database. A Trigger is a stored procedure
More informationOracle Database 12c R2: New Features for Administrators Part 2 Ed 1
Oracle Database 12c R2: New Features for Administrators Part 2 Ed 1 Duration 5 Days What you will learn Throughout the lessons of the Oracle Database 12c R2: New Features for Administrators Part 2 course
More informationCreating and Managing Tables Schedule: Timing Topic
9 Creating and Managing Tables Schedule: Timing Topic 30 minutes Lecture 20 minutes Practice 50 minutes Total Objectives After completing this lesson, you should be able to do the following: Describe the
More informationChapter 4. Basic SQL. Copyright 2011 Pearson Education, Inc. Publishing as Pearson Addison-Wesley
Chapter 4 Basic SQL Copyright 2011 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Chapter 4 Outline SQL Data Definition and Data Types Specifying Constraints in SQL Basic Retrieval Queries
More informationOracle Database 12c R2: New Features for Administrators Part 2 Ed 1 -
Oracle University Contact Us: Local: 0845 777 7 711 Intl: +44 845 777 7 711 Oracle Database 12c R2: New Features for Administrators Part 2 Ed 1 - Duration: 5 Days What you will learn Throughout the lessons
More informationShariq Rizvi, Alberto Mendelzon, S. Sudarshan, Prasan Roy. Presenter: Thao N. Pham
Shariq Rizvi, Alberto Mendelzon, S. Sudarshan, Prasan Roy Presenter: Thao N. Pham Fine-grained access control for databases Views and role-based access control Oracle s Virtual Private Database Hippocratic
More informationRelational Data Structure and Concepts. Structured Query Language (Part 1) The Entity Integrity Rules. Relational Data Structure and Concepts
Relational Data Structure and Concepts Structured Query Language (Part 1) Two-dimensional tables whose attributes values are atomic. At every row-and-column position within the table, there always exists
More informationORACLE DATABASE 12C INTRODUCTION
SECTOR / IT NON-TECHNICAL & CERTIFIED TRAINING COURSE In this training course, you gain the skills to unleash the power and flexibility of Oracle Database 12c, while gaining a solid foundation of database
More informationOracle Database 10g: Administration I. Course Outline. Oracle Database 10g: Administration I. 20 Jul 2018
Course Outline Oracle Database 10g: Administration I 20 Jul 2018 Contents 1. Course Objective 2. Pre-Assessment 3. Exercises, Quizzes, Flashcards & Glossary Number of Questions 4. Expert Instructor-Led
More informationEnabling Seamless Data Access for JD Edwards EnterpriseOne
Enabling Seamless Data Access for JD Edwards EnterpriseOne 2013 Informatica Corporation. No part of this document may be reproduced or transmitted in any form, by any means (electronic, photocopying, recording
More informationSQL: Data Definition Language. csc343, Introduction to Databases Diane Horton Fall 2017
SQL: Data Definition Language csc343, Introduction to Databases Diane Horton Fall 2017 Types Table attributes have types When creating a table, you must define the type of each attribute. Analogous to
More informationOracle Database 11g: New Features for Oracle 9i DBAs
Oracle University Contact Us: 1.800.529.0165 Oracle Database 11g: New Features for Oracle 9i DBAs Duration: 5 Days What you will learn This course introduces students to the new features of Oracle Database
More informationDatabase Applications (15-415)
Database Applications (15-415) The Relational Model Lecture 3, January 18, 2015 Mohammad Hammoud Today Last Session: The entity relationship (ER) model Today s Session: ER model (Cont d): conceptual design
More informationLab # 4. Data Definition Language (DDL)
Islamic University of Gaza Faculty of Engineering Department of Computer Engineering ECOM 4113: Lab # 4 Data Definition Language (DDL) Eng. Haneen El-Masry November, 2014 2 Objective To be familiar with
More informationYou Don t Have Database Vault
You Don t Have Database Vault So, What Can You Do Instead? 1 Legal Notice Database Vault Or Not! Published by PeteFinnigan.com Limited 9 Beech Grove Acomb York England, YO26 5LD Copyright 2018 by PeteFinnigan.com
More informationDatabase Management System 9
Database Management System 9 School of Computer Engineering, KIIT University 9.1 Relational data model is the primary data model for commercial data- processing applications A relational database consists
More informationLab # 2. Data Definition Language (DDL) Eng. Alaa O Shama
The Islamic University of Gaza Faculty of Engineering Department of Computer Engineering ECOM 4113: Database Lab Lab # 2 Data Definition Language (DDL) Eng. Alaa O Shama October, 2015 Objective To be familiar
More informationGrant permissions sql server Grant permissions sql server 2008.zip
Grant permissions sql server 2008 Grant permissions sql server 2008.zip 12/01/2011 I am trying to set column level permissions on a table in SQL Server 2008. These are the steps I took: Right-click on
More informationEbook : Overview of application development. All code from the application series books listed at:
Ebook : Overview of application development. All code from the application series books listed at: http://www.vkinfotek.com with permission. Publishers: VK Publishers Established: 2001 Type of books: Develop
More informationDATABASE SECURITY AND PRIVACY. Some slides were taken from Database Access Control Tutorial, Lars Olson, UIUC CS463, Computer Security
DATABASE SECURITY AND PRIVACY Some slides were taken from 463.5.1 Database Access Control Tutorial, Lars Olson, UIUC CS463, Computer Security Database Security Protect Sensitive Data from Unauthorized
More informationRBAC: Motivations. Users: Permissions:
Role-based access control 1 RBAC: Motivations Complexity of security administration For large number of subjects and objects, the number of authorizations can become extremely large For dynamic user population,
More informationDatabase Programming with PL/SQL
Database Programming with PL/SQL 9-5 Objectives This lesson covers the following objectives: List and explain several object privileges Explain the function of the EXECUTE object privilege Write SQL statements
More informationCopyright 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 13
1 What s New in Security in the Latest Generation of Database Technology Thomas Kyte http://asktom.oracle.com 2 The following is intended to outline our general product direction. It is intended for information
More informationThe Relational Model. Roadmap. Relational Database: Definitions. Why Study the Relational Model? Relational database: a set of relations
The Relational Model CMU SCS 15-415/615 C. Faloutsos A. Pavlo Lecture #3 R & G, Chap. 3 Roadmap Introduction Integrity constraints (IC) Enforcing IC Querying Relational Data ER to tables Intro to Views
More information"Charting the Course... Oracle 18c DBA I (5 Day) Course Summary
Course Summary Description This course provides a complete, hands-on introduction to Oracle Database Administration including the use of Enterprise Manager Database Express (EMDE), SQL Developer and SQL*Plus.
More informationCourse Outline and Objectives: Database Programming with SQL
Introduction to Computer Science and Business Course Outline and Objectives: Database Programming with SQL This is the second portion of the Database Design and Programming with SQL course. In this portion,
More informationOracle Database: Introduction to SQL
Oracle Database: Introduction to SQL What you will learn Understanding the basic concepts of relational databases ensure refined code by developers. This course helps the participants to write subqueries,
More informationAlter Change Default Schema Oracle Sql Developer
Alter Change Default Schema Oracle Sql Developer Set default schema in Oracle Developer Tools in Visual STudio 2013 any other schema's. I can run alter session set current_schema=xxx Browse other questions
More information1 Prepared By Heena Patel (Asst. Prof)
Topic 1 1. What is difference between Physical and logical data 3 independence? 2. Define the term RDBMS. List out codd s law. Explain any three in detail. ( times) 3. What is RDBMS? Explain any tow Codd
More informationAccess Control Policies and Languages in Open Environments
Access Control Policies and Languages in Open Environments S. De Capitani di Vimercati 1, S. Foresti 1, S. Jajodia 2, and P. Samarati 1 1 Università degli Studi di Milano, 26013 Crema, Italia {decapita,
More informationOracle Database 11g: Security Release 2
Oracle University Contact Us: + 38516306373 Oracle Database 11g: Security Release 2 Duration: 5 Days What you will learn In this course, students learn how they can use Oracle Database features to meet
More informationSQL Interview Questions
SQL Interview Questions SQL stands for Structured Query Language. It is used as a programming language for querying Relational Database Management Systems. In this tutorial, we shall go through the basic
More information"Charting the Course... Oracle 18c DBA I (3 Day) Course Summary
Oracle 18c DBA I (3 Day) Course Summary Description This course provides a complete, hands-on introduction to Oracle Database Administration including the use of Enterprise Manager (EMDE), SQL Developer
More informationOracle 12C DBA Online Training. Course Modules of Oracle 12C DBA Online Training: 1 Oracle Database 12c: Introduction to SQL:
Course Modules of Oracle 12C DBA Online Training: 1 Oracle Database 12c: Introduction to SQL: A. Introduction Course Objectives, Course Agenda and Appendixes Used in this Course Overview of Oracle Database
More informationRelational Databases BORROWED WITH MINOR ADAPTATION FROM PROF. CHRISTOS FALOUTSOS, CMU /615
Relational Databases BORROWED WITH MINOR ADAPTATION FROM PROF. CHRISTOS FALOUTSOS, CMU 15-415/615 Roadmap 3 Introduction Integrity constraints (IC) Enforcing IC Querying Relational Data ER to tables Intro
More informationOracle Database 11g: Administration Workshop I
Oracle Database 11g: Administration Workshop I Duration: 5 Days What you will learn This course is designed to give students a firm foundation in basic administration of Oracle Database 11g. In this class,
More informationOverview of the Class and Introduction to DB schemas and queries. Lois Delcambre
Overview of the Class and Introduction to DB schemas and queries Lois Delcambre 1 CS 386/586 Introduction to Databases Instructor: Lois Delcambre lmd@cs.pdx.edu 503 725-2405 TA: TBA Office Hours: Immediately
More informationOracle Database: SQL and PL/SQL Fundamentals
Oracle University Contact Us: 001-855-844-3881 & 001-800-514-06-9 7 Oracle Database: SQL and PL/SQL Fundamentals Duration: 5 Days What you will learn This Oracle Database: SQL and PL/SQL Fundamentals training
More informationDatabasesystemer, forår 2006 IT Universitetet i København. Forelæsning 9: Mere om SQL. 30. marts Forelæser: Esben Rune Hansen
Databasesystemer, forår 2006 IT Universitetet i København Forelæsning 9: Mere om SQL 30. marts 2006 Forelæser: Esben Rune Hansen Today s lecture Subqueries in SQL. Set operators in SQL. Security and authorization
More informationT-sql Grant View Definition Example
T-sql Grant View Definition Example View the Definition of a Stored Procedure View the For more information, see GRANT Object Permissions (Transact-SQL). Arrow icon used with Back This example grants EXECUTE
More informationA7-R3: INTRODUCTION TO DATABASE MANAGEMENT SYSTEMS
A7-R3: INTRODUCTION TO DATABASE MANAGEMENT SYSTEMS NOTE: 1. There are TWO PARTS in this Module/Paper. PART ONE contains FOUR questions and PART TWO contains FIVE questions. 2. PART ONE is to be answered
More informationIntroduction to Computer Science and Business
Introduction to Computer Science and Business This is the second portion of the Database Design and Programming with SQL course. In this portion, students implement their database design by creating a
More informationDatabase access control, activity monitoring and real time protection
Omega Core Audit Whitepaper 2.8 Whitepaper Omega Core Audit For Oracle Database July, 2016 Database access control, activity monitoring and real time protection Introduction The database is usually the
More informationDebapriyo Majumdar DBMS Fall 2016 Indian Statistical Institute Kolkata
SQL 3 Debapriyo Majumdar DBMS Fall 2016 Indian Statistical Institute Kolkata Slides re-used, with minor modification, from Silberschatz, Korth and Sudarshan www.db-book.com Outline Join Expressions Views
More informationCSC 474/574 Information Systems Security
CSC 474/574 Information Systems Security Topic 4.4 Role-Based Access Control (RBAC) 1 OUTLINE Role-based Access Control Motivation Features Models Issues 2 1 OWNER-BASED DAC owner has all-or-nothing power
More informationOracle Database 11g: Security Release 2
Oracle University Contact Us: 001-855-844-3881 & 001-800-514-06-97 Oracle Database 11g: Security Release 2 Duration: 5 Days What you will learn In this course, you'll learn how to use Oracle Database features
More informationRelational Model. Topics. Relational Model. Why Study the Relational Model? Linda Wu (CMPT )
Topics Relational Model Linda Wu Relational model SQL language Integrity constraints ER to relational Views (CMPT 354 2004-2) Chapter 3 CMPT 354 2004-2 2 Why Study the Relational Model? Most widely used
More informationOracle Syllabus Course code-r10605 SQL
Oracle Syllabus Course code-r10605 SQL Writing Basic SQL SELECT Statements Basic SELECT Statement Selecting All Columns Selecting Specific Columns Writing SQL Statements Column Heading Defaults Arithmetic
More informationCSE 344 Final Examination
CSE 344 Final Examination December 12, 2012, 8:30am - 10:20am Name: Question Points Score 1 30 2 20 3 30 4 20 Total: 100 This exam is open book and open notes but NO laptops or other portable devices.
More informationCourse Description. Audience. Prerequisites. At Course Completion. : Course 40074A : Microsoft SQL Server 2014 for Oracle DBAs
Module Title Duration : Course 40074A : Microsoft SQL Server 2014 for Oracle DBAs : 4 days Course Description This four-day instructor-led course provides students with the knowledge and skills to capitalize
More informationOracle Database 11g: Introduction to SQLRelease 2
Oracle University Contact Us: 0180 2000 526 / +49 89 14301200 Oracle Database 11g: Introduction to SQLRelease 2 Duration: 5 Days What you will learn In this course students learn the concepts of relational
More informationOracle Flashback Data Archive (FDA) O R A C L E W H I T E P A P E R M A R C H
Oracle Flashback Data Archive (FDA) O R A C L E W H I T E P A P E R M A R C H 2 0 1 8 Table of Contents Disclaimer 1 Introduction 2 Tracking/Viewing Changes is Complicated 3 Enabling Flashback Data Archive
More informationCopyright 2016 Ramez Elmasri and Shamkant B. Navathe
CHAPTER 6 Basic SQL Slide 6-2 Chapter 6 Outline SQL Data Definition and Data Types Specifying Constraints in SQL Basic Retrieval Queries in SQL INSERT, DELETE, and UPDATE Statements in SQL Additional Features
More informationAO3 - Version: 2. Oracle Database 11g SQL
AO3 - Version: 2 Oracle Database 11g SQL Oracle Database 11g SQL AO3 - Version: 2 3 days Course Description: This course provides the essential SQL skills that allow developers to write queries against
More informationOracle Database: Introduction to SQL
Oracle University Contact Us: (+202) 35 35 02 54 Oracle Database: Introduction to SQL Duration: 5 Days What you will learn View a newer version of this course This Oracle Database: Introduction to SQL
More informationThe Relational Model. Outline. Why Study the Relational Model? Faloutsos SCS object-relational model
The Relational Model CMU SCS 15-415 C. Faloutsos Lecture #3 R & G, Chap. 3 Outline Introduction Integrity constraints (IC) Enforcing IC Querying Relational Data ER to tables Intro to Views Destroying/altering
More informationChapter 4: Intermediate SQL
Chapter 4: Intermediate SQL Chapter 4: Intermediate SQL Join Expressions Views Transactions Integrity Constraints SQL Data Types and Schemas Authorization Joined Relations Join operations take two relations
More informationInstallation and Configuration Guide
Installation and Configuration Guide 2013 DataNet Quality Systems. All rights reserved. Printed in U.S.A. WinSPC and QualTrend are registered trademarks of DataNet Quality Systems. All other trademarks
More informationCHAPTER. Oracle Database 11g Architecture Options
CHAPTER 1 Oracle Database 11g Architecture Options 3 4 Part I: Critical Database Concepts Oracle Database 11g is a significant upgrade from prior releases of Oracle. New features give developers, database
More informationOracle Database: Introduction to SQL
Oracle University Contact Us: +27 (0)11 319-4111 Oracle Database: Introduction to SQL Duration: 5 Days What you will learn This Oracle Database: Introduction to SQL training helps you write subqueries,
More information