240 likes | 393 Views
Security. Dale-Marie Wilson, Ph.D. Why Database Security?. Data Valuable resource Must be strictly controlled and managed Corporate resource Have strategic importance Must be secure and confidential. Database Security.
E N D
Security Dale-Marie Wilson, Ph.D.
Why Database Security? • Data • Valuable resource • Must be strictly controlled and managed • Corporate resource • Have strategic importance • Must be secure and confidential
Database Security • Mechanisms that protect database against intentional or accidental threats • Does not only apply to data held in database • Security breaches may affect other parts of system • Eventually affect database
Database Security • Involves measures to avoid: • Theft and fraud • Loss of confidentiality (secrecy) • Loss of privacy • Loss of integrity • Loss of availability • Threat • Any situation or event, intentional or unintentional, that adversely affects system => organization
Countermeasures – Computer-Based Controls • Concerned with physical controls to administrative procedures and includes: • Authorization • Access controls • Views • Backup and recovery • Integrity • Encryption • RAID technology
Countermeasures – Computer-Based Controls • Authorization • The granting of a right or privilege, which enables a subject to legitimately have access to a system or a system’s object • Mechanism that determines whether user is, who he/he claims
Countermeasures – Computer-Based Controls • Access control • Granting/revoking of privileges • Privilege • Allows user to create or access (read, write, modify) database object (relation, view, index) or run DBMS utilities • Granted to user to accomplish tasks required for jobs
Countermeasures – Computer-Based Controls • Discretionary Access Control (DAC) • Provided by most DBMS • Effective • Weakness • Unauthorized user can trick authorized user into disclosing sensitive data • SQL standard supports DAC • GRANT and REVOKE commands • GRANT command • Gives privileges to users • REVOKE command • Takes privileges from users
Countermeasures – Computer-Based Controls • Mandatory Access Control (MAC) • Based on system-wide policies • Cannot be changed by individual users • Not supported by SQL standard • Each database object assigned a security class • Each user assigned a clearance for a security class • Rules are imposed on reading and writing of database objects by users
Countermeasures – Computer-Based Controls • MAC • Determines whether user can read/write object • Based on rules of security level of object and clearance of user • Rules ensure sensitive data never ‘passed on’ to another user without necessary clearance
Bell-LaPudula Model • Each database object assigned security class • Each subject assigned clearance • Four classes: • Top secret (TS), Secret (S), Confidential (C), Unclassified (U) • TS > S > C > U • Two restrictions: • Simple Security property • Subject S is allowed to read Object O only if class(S) >= class(O) • *_Property • Subject S is allowed to write object O only if class(S) <= class (O)
Countermeasures – Computer-Based Controls • View • dynamic result of one or more relational operations operating on base relations to produce another relation • Virtual relation • Produced upon request by particular user, at time of request • Backup • Process of periodically taking copy of database, log file, programs to offline storage media • Journaling • Process of maintaining log file/journal of all changes made to database to enable effective recovery in event of failure
Countermeasures – Computer-Based Controls • Integrity • Prevents invalid data • Misleading or incorrect results • Encryption • Encoding of data by special algorithm • Renders data unreadable by any program without decryption key
RAID (Redundant Array of Independent Disks)Technology • DBMS hardware must be fault-tolerant • Continues to operate even if one hardware components fails • Main hardware components include: • Disk drives, disk controllers, CPU, power supplies, cooling fans • Disk drives most vulnerable component • Has shortest times between failures of other hardware components • Suggests having redundant components • Seamlessly integrated into working system whenever component failure occurs
RAID (Redundant Array of Independent Disks)Technology • Large disk array comprising an arrangement of several independent disks • Organized to improve reliability and increase performance • Performance • Increased through data striping • Data segmented into equal-size partitions (striping unit) • Transparently distributed across multiple disks • Reliability • Improved through storing redundant information across the disks using parity scheme or error-correcting scheme
RAID (Redundant Array of Independent Disks) Technology • Different disk configurations aka RAID levels • RAID 0 Nonredundant • RAID 1 Mirrored • RAID 0+1 Nonredundant and Mirrored • RAID 2 Memory-Style Error-Correcting Codes • RAID 3 Bit-Interleaved Parity • RAID 4 Block-Interleaved Parity • RAID 5 Block-Interleaved Distributed Parity • RAID 6 P+Q Redundancy
DBMS and Web Security • Internet communication relies on TCP/IP • TCP/IP and HTTP not designed with security in mind • Without special software, all Internet traffic travels ‘in the clear’ • Anyone who monitors traffic can read it
DBMS and Web Security • Must ensure while transmitting information over the Internet that: • inaccessible to anyone but sender and receiver (privacy); • not changed during transmission (integrity); • receiver can be sure it came from sender (authenticity); • sender can be sure receiver is genuine (non-fabrication); • sender cannot deny he or she sent it (non-repudiation).
DBMS and Web Security • Measures include: • Proxy servers • Firewalls • Message digest algorithms and digital signatures • Digital certificates • Kerberos • Secure sockets layer (SSL) and Secure HTTP (S-HTTP) • Secure Electronic Transactions (SET) and Secure Transaction Technology (SST) • Java security • ActiveX security