CHAPTER 5 SECURITY ADVANCED DATABASE SYSTEMS. Assist. Prof. Dr. Volkan TUNALI


Slide 2: Topics
- Introduction
- Discretionary Access Control
- Mandatory Access Control
- Statistical Databases
- Data Encryption
- SQL Facilities

Slide 3: Introduction
- Security: protecting data against unauthorized users
- Integrity: protecting data against authorized users
- Constraints for assuring security and integrity
  - Must be explicitly defined
  - Maintained and stored in the catalog
  - Continuous monitoring by the DBMS so that constraints are not violated

Slide 4: Security Aspects
- Aspects of the security problem
  - Legal, social, and ethical aspects
  - Physical controls
  - Policy questions
  - Operational problems
  - Hardware controls
  - Operating system support
  - Issues related to the database itself

Slide 5: Database Security
- Approaches to database security
  - Discretionary control (flexible)
    - Users have different privileges on different objects
  - Mandatory control (rigid)
    - Each data object has a certain classification level
    - Each user has a certain clearance level

Slide 6: Security Policy
- Security is a policy issue, not a technical one
- Access request checked by the security subsystem: authorization
  - Requested operation
  - Requested object
  - Requesting user
- Authentication: checking that users are who they say they are
- User groups have the same privileges: roles
  - A powerful tool commonly used to administer large databases

Slide 7: Discretionary Access Control
- Security languages usually state what is allowed rather than what is constrained.

    AUTHORITY SA3
      GRANT RETRIEVE ( S#, SNAME, CITY ), DELETE
      ON    S
      TO    Jim, Fred, Mary ;

- General form:

    AUTHORITY <authority name>
      GRANT <privilege commalist>
      ON    <relvar name>
      TO    <user ID commalist> ;

- Unauthorized attempts may be logged

    DROP AUTHORITY <authority name> ;

Slide 8: Discretionary Access Control

    AUTHORITY EX1
      GRANT RETRIEVE ( P#, PNAME, WEIGHT )
      ON    P
      TO    Jacques, Anne, Charley ;

    AUTHORITY EX2
      GRANT RETRIEVE, UPDATE ( SNAME, STATUS ), DELETE
      ON    LS
      TO    Dan, Misha ;

    VAR SSPPR VIEW
      ( S JOIN SP JOIN ( P WHERE CITY = 'Rome' ) { P# } ) { ALL BUT P#, QTY } ;

    AUTHORITY EX3
      GRANT RETRIEVE
      ON    SSPPR
      TO    Giovanni ;

Slide 9: Discretionary Access Control

    VAR SSQ VIEW
      SUMMARIZE SP PER S { S# } ADD SUM ( QTY ) AS SQ ;

    AUTHORITY EX4
      GRANT RETRIEVE
      ON    SSQ
      TO    Fidel ;

    AUTHORITY EX5
      GRANT RETRIEVE, UPDATE ( STATUS )
      ON    S
      WHEN  DAY ( ) IN ( 'Mon', 'Tue', 'Wed', 'Thu', 'Fri' )
      AND   NOW ( ) >= TIME '09:00:00'
      AND   NOW ( ) <= TIME '17:00:00'
      TO    Purchasing ;

Slide 10: Discretionary Access Control
- Request modification (University Ingres and QUEL)
- QUEL requests are modified so that no constraint violation is possible
- Given this permit:

    DEFINE PERMIT RETRIEVE ON P TO U
           WHERE P.CITY = "London"

  and this request from user U:

    RETRIEVE ( P.P#, P.WEIGHT )
           WHERE P.COLOR = "Red"

- The system modifies the request to the following:

    RETRIEVE ( P.P#, P.WEIGHT )
           WHERE P.COLOR = "Red"
           AND   P.CITY = "London"

Slide 11: Discretionary Access Control
- Request modification (cont'd)

    DEFINE PERMIT APPEND, RETRIEVE, REPLACE
           ON S ( S#, CITY ) TO Joe
           AT TTA4
           FROM 9:00 TO 17:00
           ON Sat TO Sun
           WHERE S.STATUS < 50
           AND   S.S# = SP.S#
           AND   SP.P# = P.P#
           AND   P.COLOR = "Red"

- Audit trail: a special file or database in which the system keeps track of all operations performed by users
  - Request, terminal, user, time, relvars, tuples, attributes, old values, new values

Slide 12: Mandatory Access Control
- Mandatory access controls are usually applicable to static and rigid databases
- An example of clearance levels of users and classification levels of database objects:
  Top secret > Secret > Confidential
- Simple security property: user i can retrieve object j only if his/her clearance level is greater than or equal to the classification level of j
- Star property: user i can update object j only if his/her clearance level is equal to the classification level of j
- In the 1990s most DBMSs supported MAC because of a DoD requirement

Slide 13: Mandatory Access Control
- Multi-level security
- The request

    S WHERE CITY = 'London'

  becomes

    S WHERE CITY = 'London' AND CLASS <= user clearance

Slide 14: Mandatory Access Control
- Multi-level security (cont'd)

    INSERT INTO S RELATION { TUPLE { S#     S# ( 'S4' ),
                                     SNAME  NAME ( 'Baker' ),
                                     STATUS 25,
                                     CITY   'Rome' } } ;

- This insert is not rejected but modified as follows:

    INSERT INTO S RELATION { TUPLE { S#     S# ( 'S4' ),
                                     SNAME  NAME ( 'Baker' ),
                                     STATUS 25,
                                     CITY   'Rome',
                                     CLASS  CLASS ( 3 ) } } ;
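The request modification of slide 10 and the multi-level rules of slides 12 to 14 are the same mechanism: the system rewrites the request before running it. The following is an added example, not code from the slides; it uses SQLite in place of QUEL or Tutorial D, and the sample suppliers, the users u2 and u3, their permit predicate and the (S#, CLASS) key are assumptions made for the demonstration.

```python
import sqlite3

# Constructed suppliers; the last column is the row's classification (CLASS).
SUPPLIERS = [("S1", "Smith", 20, "London", 2), ("S2", "Jones", 10, "Paris", 3),
             ("S3", "Blake", 30, "Paris", 2), ("S4", "Clark", 20, "London", 4)]
# Hypothetical users: a clearance level and an optional PERMIT-style predicate.
USERS = {"u2": {"clearance": 2, "permit": "CITY = 'London'"},
         "u3": {"clearance": 3, "permit": None}}

def open_db():
    db = sqlite3.connect(":memory:")
    # Assumption: the key is (S#, CLASS), so a hidden higher-class S4 cannot
    # cause a rejection that would reveal its existence.
    db.execute('CREATE TABLE S ("S#", SNAME, STATUS, CITY, CLASS, '
               'PRIMARY KEY ("S#", CLASS))')
    db.executemany("INSERT INTO S VALUES (?, ?, ?, ?, ?)", SUPPLIERS)
    return db

def modify(user, where):
    """Request modification: AND the permit and the read rule onto the request."""
    u = USERS[user]
    terms = [f"({where})", f"CLASS <= {int(u['clearance'])}"]
    if u["permit"]:
        terms.append(f"({u['permit']})")
    return " AND ".join(terms)

def retrieve(db, user, where):
    """Simple security property: only rows with CLASS <= clearance are visible."""
    # The request predicate is a trusted constant in this demo, not user input.
    sql = f'SELECT "S#", CLASS FROM S WHERE {modify(user, where)} ORDER BY 1, 2'
    return db.execute(sql).fetchall()

def insert(db, user, sno, sname, status, city):
    """The insert is not rejected; the tuple is stamped with the user's clearance."""
    db.execute("INSERT INTO S VALUES (?, ?, ?, ?, ?)",
               (sno, sname, status, city, USERS[user]["clearance"]))

def update_status(db, user, sno, status):
    """Star property: update only where CLASS equals the user's clearance."""
    cur = db.execute('UPDATE S SET STATUS = ? WHERE "S#" = ? AND CLASS = ?',
                     (status, sno, USERS[user]["clearance"]))
    return cur.rowcount  # 0 means the star property blocked the update

if __name__ == "__main__":
    db = open_db()
    print(modify("u2", "STATUS > 5"))
    print(retrieve(db, "u3", "CITY = 'London'"))
```

The user with clearance 3 sees only S1 for London, because the existing S4 row carries CLASS 4 and is filtered out by the added predicate.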

Slide 15: Statistical Databases
- Statistical databases permit queries that derive aggregated information but not queries that derive individual information.
  - What is the average employee salary? Allowed
  - What is the salary of employee Mary? Rejected
- Problem: deduction of confidential information by inference.
- Data warehouses

Slide 16: Statistical Databases

    WITH ( STATS WHERE SEX = 'M' AND OCCUPATION = 'Programmer' ) AS X :
         COUNT ( X )

    WITH ( STATS WHERE SEX = 'M' AND OCCUPATION = 'Programmer' ) AS X :
         SUM ( X, SALARY )

Slide 17: Statistical Databases
- The system should refuse queries for which the cardinality c of the set to be summarized is less than some lower bound b or greater than the upper bound N - b, where N is the cardinality of the given relation ( b <= c <= N - b )

    COUNT ( STATS )

    WITH ( STATS WHERE NOT ( SEX = 'M' AND OCCUPATION = 'Programmer' ) ) AS X :
         COUNT ( X )

    SUM ( STATS, SALARY )

    WITH ( STATS WHERE NOT ( SEX = 'M' AND OCCUPATION = 'Programmer' ) ) AS X :
         SUM ( X, SALARY )

Slide 18: Statistical Databases
- Using the STATS table, assume that b = 2 (N = 10)
- Queries will be answered if ( 2 <= c <= 8 )
- Therefore SEX = 'M' AND OCCUPATION = 'Programmer' will not be answered. BUT:

    WITH ( STATS WHERE SEX = 'M' ) AS X :
         COUNT ( X )

    WITH ( STATS WHERE SEX = 'M' AND NOT ( OCCUPATION = 'Programmer' ) ) AS X :
         COUNT ( X )

    WITH ( STATS WHERE SEX = 'M' ) AS X :
         SUM ( X, SALARY )

    WITH ( STATS WHERE SEX = 'M' AND NOT ( OCCUPATION = 'Programmer' ) ) AS X :
         SUM ( X, SALARY )

- Individual tracker: enables the user to track down information about a particular record

Slide 19: Statistical Databases
- If BE identifies some specific individual I, and if BE can be expressed in the form BE1 AND BE2, then BE1 AND NOT BE2 is a tracker for I

    set ( BE ) = set ( BE1 AND BE2 )
               = set ( BE1 ) minus set ( BE1 AND NOT BE2 )

Slide 20: Statistical Databases
- General tracker: a boolean expression that can be used to find the answer to any inadmissible query
- T is a general tracker if and only if NOT T is also a general tracker
- ( 2b <= c <= N - 2b )
- Example: assume b = 2 and 4 <= c <= 6 and AUDITS = 0

    WITH ( STATS WHERE AUDITS = 0 ) AS X :
         COUNT ( X )

    WITH ( STATS WHERE NOT ( AUDITS = 0 ) ) AS X :
         COUNT ( X )

    WITH ( STATS WHERE ( SEX = 'M' AND OCCUPATION = 'Programmer' )
                 OR AUDITS = 0 ) AS X :
         COUNT ( X )

    WITH ( STATS WHERE ( SEX = 'M' AND OCCUPATION = 'Programmer' )
                 OR NOT ( AUDITS = 0 ) ) AS X :
         COUNT ( X )

Slide 21: Statistical Databases
- Example (cont'd)

    WITH ( STATS WHERE AUDITS = 0 ) AS X :
         SUM ( X, SALARY )

    WITH ( STATS WHERE NOT ( AUDITS = 0 ) ) AS X :
         SUM ( X, SALARY )

    WITH ( STATS WHERE ( SEX = 'M' AND OCCUPATION = 'Programmer' )
                 OR AUDITS = 0 ) AS X :
         SUM ( X, SALARY )

    WITH ( STATS WHERE ( SEX = 'M' AND OCCUPATION = 'Programmer' )
                 OR NOT ( AUDITS = 0 ) ) AS X :
         SUM ( X, SALARY )

- Result: 778 000 - 728 000 = 50 000

Slide 22: Statistical Databases
- General tracker:

    set ( BE ) = ( set ( BE OR T ) plus set ( BE OR NOT T ) )
                 minus set ( T OR NOT T )

- A general tracker almost always exists.
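The size restriction of slide 17 and both tracker constructions (slides 18 to 19 and 20 to 22) can be run end to end to see why the restriction alone is not enough. This is an added example, not code from the slides; it uses SQLite, and the ten STATS rows are constructed sample data whose totals were chosen to agree with the slides' result 778 000 - 728 000 = 50 000.

```python
import sqlite3

# Constructed rows (the slides do not list STATS). N = 10; salaries are chosen
# so the sums agree with the slides' result 778 000 - 728 000 = 50 000.
ROWS = [("Alf", "M", "Programmer", 50000, 3), ("Bea", "F", "Physician", 130000, 0),
        ("Cary", "F", "Programmer", 56000, 1), ("Dawn", "F", "Builder", 60000, 1),
        ("Ed", "M", "Clerk", 44000, 0), ("Fay", "F", "Artist", 30000, 0),
        ("Guy", "M", "Lawyer", 190000, 0), ("Hal", "M", "Homemaker", 44000, 0),
        ("Ivy", "F", "Programmer", 64000, 1), ("Joy", "F", "Programmer", 60000, 1)]
B = 2  # lower bound b from the slides

class Refused(Exception):
    """Raised when the query set size c falls outside b <= c <= N - b."""

def open_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE STATS (NAME, SEX, OCCUPATION, SALARY, AUDITS)")
    db.executemany("INSERT INTO STATS VALUES (?, ?, ?, ?, ?)", ROWS)
    return db

def guarded(db, agg, where):
    """Answer an aggregate only if b <= c <= N - b (predicates are demo constants)."""
    n = db.execute("SELECT COUNT(*) FROM STATS").fetchone()[0]
    c = db.execute(f"SELECT COUNT(*) FROM STATS WHERE {where}").fetchone()[0]
    if not B <= c <= n - B:
        raise Refused(f"c = {c} is outside [{B}, {n - B}]")
    return db.execute(f"SELECT {agg} FROM STATS WHERE {where}").fetchone()[0]

def is_refused(db, agg, where):
    try:
        guarded(db, agg, where)
    except Refused:
        return True
    return False

def individual_tracker(db, agg, be1, be2):
    """set(BE1 AND BE2) = set(BE1) minus set(BE1 AND NOT BE2)."""
    return guarded(db, agg, be1) - guarded(db, agg, f"({be1}) AND NOT ({be2})")

def general_tracker(db, agg, be, t):
    """set(BE) = set(BE OR T) plus set(BE OR NOT T), minus set(T OR NOT T)."""
    whole = guarded(db, agg, t) + guarded(db, agg, f"NOT ({t})")
    padded = (guarded(db, agg, f"({be}) OR ({t})")
              + guarded(db, agg, f"({be}) OR NOT ({t})"))
    return padded - whole

if __name__ == "__main__":
    db = open_db()
    be = "SEX = 'M' AND OCCUPATION = 'Programmer'"
    print(is_refused(db, "SUM(SALARY)", be))
    print(general_tracker(db, "SUM(SALARY)", be, "AUDITS = 0"))
```

Each query issued by either tracker satisfies b <= c <= N - b on its own, so the guard answers all of them even though it refuses the direct query and its complement.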

Slide 23: Data Encryption
- Usually for data in transmission, but also for the data in the database
- Terminology:
  - Plaintext: original data
  - Encryption algorithm: used to encrypt by an encryption key
  - Ciphertext: encrypted data
- Two approaches
  - Substitution of other characters
  - Permutation: plaintext characters are arranged into some different sequence
- Data Encryption Standard (DES) by IBM in 1977
  - Plaintext is divided into 64-bit blocks, then permutation

Slide 24: Data Encryption
- Public key encryption: both the encryption algorithm and the encryption key are freely available, but not the decryption key
- RSA scheme
  - There is a known fast algorithm for determining whether a given number is prime
  - There is no known fast algorithm for finding the prime factors of a given nonprime number

Slide 25: SQL Facilities
- SQL supports only Discretionary Access Control
- Plus
  - View mechanism
  - Authorization subsystem

    CREATE VIEW LS AS
           SELECT S.S#, S.SNAME, S.STATUS, S.CITY
           FROM   S
           WHERE  S.CITY = 'London' ;

    GRANT SELECT, UPDATE ( SNAME, STATUS ), DELETE
          ON LS TO Dan, Misha ;

    CREATE VIEW SSQ AS
           SELECT S.S#, ( SELECT SUM ( SP.QTY )
                          FROM   SP
                          WHERE  SP.S# = S.S# ) AS SQ
           FROM   S ;

    GRANT SELECT ON SSQ TO Fidel ;

Slide 26: SQL Facilities
- Creator of any object (owner) has all privileges on that object

    GRANT <privilege commalist> ON <object>
          TO <user ID commalist> [ WITH GRANT OPTION ] ;

  - Privileges: USAGE, SELECT, INSERT, UPDATE, DELETE, REFERENCES
  - Objects: DOMAIN, TABLE
  - <user ID commalist> or PUBLIC
  - WITH GRANT OPTION: the users can in turn grant privileges to other users

    REVOKE [ GRANT OPTION FOR ] <privilege commalist> ON <object>
           FROM <user ID commalist> <option> ;