CS419 Spring 2010 Computer Security. Vinod Ganapathy. Lecture 15. Chapter 5: Database security


Database Security

Relational Databases
- constructed from tables of data
  - each column holds a particular type of data
  - each row contains a specific value for each column
  - ideally there is one column where all values are unique, forming an identifier/key for that row
- have multiple tables linked by identifiers
- use a query language to access data items meeting specified criteria

Relational Database Example

Relational Database Elements
- relation / table / file
- tuple / row / record
- attribute / column / field
- primary key: uniquely identifies a row
- foreign key: links one table to attributes in another
- view / virtual table

Relational Database Elements

Structured Query Language
- Structured Query Language (SQL)
  - originally developed by IBM in the mid 1970s
  - standardized language to define, manipulate, and query data in a relational database

    CREATE TABLE department (
        Did INTEGER PRIMARY KEY,
        Dname CHAR(30),
        Dacctno CHAR(6)
    );

    CREATE TABLE employee (
        Ename CHAR(30),
        Did INTEGER,
        SalaryCode INTEGER,
        Eid INTEGER PRIMARY KEY,
        Ephone CHAR(10),
        FOREIGN KEY (Did) REFERENCES department (Did)
    );

    CREATE VIEW newtable (Dname, Ename, Eid, Ephone) AS
        SELECT D.Dname, E.Ename, E.Eid, E.Ephone
        FROM department D, employee E
        WHERE E.Did = D.Did;

Database Access Control
- DBMS provides access control for the database
  - assumes an authenticated user
- DBMS provides specific access rights to portions of the database
  - e.g. create, insert, delete, update, read, write
  - to the entire database, tables, selected rows or columns
  - possibly dependent on the contents of a table entry
- can support a range of policies:
  - centralized administration
  - ownership based administration
  - decentralized administration

SQL Access Controls
- two commands:
  - GRANT { privileges | role } [ON table] TO { user | role | PUBLIC } [IDENTIFIED BY password] [WITH GRANT OPTION]
    - e.g. GRANT SELECT ON ANY TABLE TO ricflair
  - REVOKE { privileges | role } [ON table] FROM { user | role | PUBLIC }
    - e.g. REVOKE SELECT ON ANY TABLE FROM ricflair
- typical access rights are: SELECT, INSERT, UPDATE, DELETE, REFERENCES

Cascading Authorizations
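The grant chain and cascading revoke that GRANT ... WITH GRANT OPTION implies, as an added Python simulation that is not part of the lecture slides: one privilege is modelled as a graph of timestamped grants, and a REVOKE applies the usual rule that a grant survives only if its grantor still held the privilege with grant option through an earlier grant. The PrivilegeGraph class and the user names (Ann, Bob, ...) are constructed for this example.

```python
from dataclasses import dataclass
# Constructed simulation of cascading authorizations (not the lecture's code).
# Rule: a grant survives a REVOKE only if its grantor still holds the privilege
# WITH GRANT OPTION through some grant issued earlier than that grant.
@dataclass(frozen=True)
class Grant:
    grantor: str
    grantee: str
    grant_option: bool
    t: int                      # issue time (monotonic counter)
class PrivilegeGraph:
    """Who holds one privilege (say SELECT ON employee) and through which grants."""
    def __init__(self, owner):
        self.owner, self.grants, self.clock = owner, [], 0
    def holds(self, user, need_option=False, before=None):
        """Chain back to the owner where each grant predates the one it backs."""
        if user == self.owner:
            return True
        return any(g.grantee == user and (g.grant_option or not need_option)
                   and (before is None or g.t < before)
                   and self.holds(g.grantor, True, g.t) for g in self.grants)
    def grant(self, grantor, grantee, grant_option=False):
        """GRANT ... TO grantee [WITH GRANT OPTION]; refused without authority."""
        if not self.holds(grantor, need_option=True):
            raise PermissionError(f"{grantor} may not grant this privilege")
        self.clock += 1
        self.grants.append(Grant(grantor, grantee, grant_option, self.clock))
    def revoke(self, grantor, grantee):
        """REVOKE ... FROM grantee, cascading to grants left without authority."""
        self.grants = [g for g in self.grants
                       if not (g.grantor == grantor and g.grantee == grantee)]
        while True:                 # drop orphaned grants until nothing changes
            keep = [g for g in self.grants if self.holds(g.grantor, True, g.t)]
            if len(keep) == len(self.grants):
                return
            self.grants = keep
    def holders(self):
        users = {g.grantee for g in self.grants} | {self.owner}
        return sorted(u for u in users if self.holds(u))

def scenario():
    """Constructed chain: holders before and after Ann revokes Bob's grant."""
    pg = PrivilegeGraph("Ann")
    for grantor, grantee, opt in [("Ann", "Bob", True), ("Bob", "Chris", True),
                                  ("Chris", "David", False), ("Ann", "Chris", True),
                                  ("Chris", "Ellen", False)]:
        pg.grant(grantor, grantee, opt)     # issued at t = 1 .. 5 in this order
    before = pg.holders()
    pg.revoke("Ann", "Bob")                 # Bob, Chris-via-Bob and David lose out
    return before, pg.holders()
```

Chris keeps the privilege only because Ann's direct grant (t=4) backs him, and Ellen keeps hers because it was issued after that grant; David's, issued before it, is revoked.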

Role Based Access Control
- role based access control works well for a DBMS
  - eases the admin burden, improves security
- categories of database users:
  - application owner
  - end user
  - administrator

Inference

Inference Example

Inference Countermeasures
- inference detection at database design
  - alter the database structure or access controls
- inference detection at query time
  - by monitoring and altering or rejecting queries
- need some inference detection algorithm
  - a difficult problem
  - cf. employee salary example

Statistical Databases
- provide data of a statistical nature
  - e.g. counts, averages
- two types:
  - pure statistical database
  - ordinary database with statistical access
    - some users have normal access, others statistical
- access control objective: to allow statistical use without revealing individual entries
- the security problem is one of inference

Statistical Database Security
- use a characteristic formula C
  - a logical formula over the values of attributes
  - e.g. (Sex=Male) AND ((Major=CS) OR (Major=EE))
- the query set X(C) of characteristic formula C is the set of records matching C
- a statistical query is a query that produces a value calculated over a query set

Statistical Database Example

Protecting Against Inference

Tracker Attacks
- divide queries into parts
  - C = C1.C2
  - count(C.D) = count(C1.D) - count(C1.~C2.D)
- the combination C1.~C2 is called a tracker
- each part is an acceptable query size
- the overlap is the desired result

Other Query Restrictions
- query set overlap control
  - limit overlap between new & previous queries
  - has problems and overheads
- partitioning
  - cluster records into exclusive groups
  - only allow queries on entire groups
- query denial and information leakage
  - denials can leak information
  - to counter, must track queries from each user

Perturbation
- add noise to statistics generated from data
  - will result in differences in statistics
- data perturbation techniques
  - data swapping
  - generate statistics from a probability distribution
- output perturbation techniques
  - random sample query
  - statistic adjustment
- must minimize loss of accuracy in results
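An added Python model (not from the lecture) of the statistical-database material above: query sets X(C) for characteristic formulas, count() under query-set-size restriction, the tracker identity from the Tracker Attacks slide, and two of the countermeasures (query set overlap control and output perturbation). The DB records, the threshold K and the formulas is_female/is_math/has_aid are constructed sample values.

```python
import random
# Constructed toy statistical database (sample data, not from the lecture).
# Record layout: (name, sex, major, financial_aid)
DB = [
    ("Alice", "F", "CS", 1), ("Bob", "M", "CS", 0), ("Carol", "F", "EE", 1),
    ("Dave", "M", "EE", 1), ("Eve", "F", "CS", 0), ("Frank", "M", "Bio", 0),
    ("Grace", "F", "Bio", 1), ("Heidi", "F", "EE", 0), ("Ivan", "M", "CS", 1),
    ("Judy", "F", "Math", 1), ("Mallory", "F", "Bio", 0), ("Niaj", "M", "Math", 0),
]
K = 2   # query-set-size restriction: answer only when K <= |X(C)| <= N - K

def query_set(c):
    """X(C): the records satisfying characteristic formula C (a predicate)."""
    return [r for r in DB if c(r)]

def count(c):
    """count(C) under query-set-size restriction: refuse sets that are too small
    or too large (the complement of a large set isolates an individual too)."""
    n = len(query_set(c))
    return n if K <= n <= len(DB) - K else None

def tracker_count(c1, c2, d):
    """Why size restriction alone fails: for C = C1.C2 and tracker T = C1.~C2,
    count(C.D) = count(C1.D) - count(T.D), and both parts are allowed queries."""
    a = count(lambda r: c1(r) and d(r))
    b = count(lambda r: c1(r) and not c2(r) and d(r))
    return None if a is None or b is None else a - b

class OverlapControlledDB:
    """Query set overlap control: refuse a query whose query set shares more
    than r records with any earlier query set from the same user."""
    def __init__(self, r=1):
        self.r, self.history = r, []
    def count(self, c):
        x = set(query_set(c))
        if any(len(x & h) > self.r for h in self.history):
            return None                  # denied: too much overlap with history
        self.history.append(x)
        return count(c)

def perturbed_count(c, seed=0):
    """Output perturbation: the true count plus small noise, so the tracker
    arithmetic above no longer recovers an exact individual value."""
    n = count(c)
    return None if n is None else n + random.Random(seed).choice([-1, 0, 1])

# Characteristic formulas for the checks (Judy is the only female Math major)
def is_female(r): return r[1] == "F"
def is_math(r): return r[2] == "Math"
def has_aid(r): return r[3] == 1
```

With K = 2 the direct query count(female AND Math) is refused, yet tracker_count(is_female, is_math, has_aid) returns 1 from two permitted queries; the same two queries issued through OverlapControlledDB have the second one refused because their query sets share three records.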

Database Encryption
- databases are typically a valuable info resource
  - protected by multiple layers of security: firewalls, authentication, O/S access control systems, DB access control systems, and database encryption
- can encrypt:
  - the entire database: very inflexible and inefficient
  - individual fields: simple but inflexible
  - records (rows) or columns (attributes): best
    - also need attribute indexes to help data retrieval

Database Encryption