A Presentation By: Amir Khanzada Roll No: 2k11/SWE/24
A Presentation By: Amir Khanzada Roll No: 2k11/SWE/24
1
OUTLINE
Overview To Database Security.
What is Database Security
Why need of database security.
Concepts of Database Security.
Security Problems
Security Controls
2
OVERVI
EW
In today’s world, we need everything secured whether it
is your mobile phone , computer , vehicle or almost
anything.
Vehicles
Mobile Computer 3
What is database
Database: security?
It is a collection of information stored in a computer.
Security:
Database Security:
5
Why need of database security?
6
Concepts of Database Security
2. Integrity
3. Availability
7
SECRECY /
It is protecting the database from unauthorized users.
For examples,
An employee should be able to modify his or her own
information.
9
AVAILABILITY
Database must have not unplanned downtime.
Restrict the amount of the storage space given to each user in the
database.
Limit the number of concurrent sessions made available to each
database user.
Back up the data at periodic intervals to ensure data recovery in case of
application users.
10
SECURITY
PROBLEMS
11
Any circumstance or event with the potential to adversely
impact an IS through unauthorized access, destruction,
disclosure, modification of data, and/or denial of service.
Non-fraudulent Threat
fraudulent Threat
12
1. Non-fraudulent Threat
Natural or accidental disasters.
Errors or bugs in hardware or software.
Human errors.
2. fraudulent Threat
Authorized users
Those who abuse their privileges and authority.
Hostile agents
Those improper users (outsider or insiders).
who attack the software and/or hardware system, or read or
write data in a database.
13
DATABASE PROTECTION
REQUIREMENTS
1. Protection from Improper Access
4. User Authentication
5. Multilevel Protection
6. Confinement
15
Authorization - privileges, views.
Authentication – passwords.
16
A FIREWALL is dedicated software on another computer which
inspects network traffic passing through it and denies (or) permits
passage based on set of rules. Basically it is a piece of software that
monitors all traffic that goes from your system to another via the
Internet or network and Vice Versa
17
18
Data encryption enables to encrypt sensitive data, such as credit
card numbers, stored in table columns.
19
As a security administrator, one can be sure that sensitive data is safe in
case the storage media or data file gets stolen.
You do not need to create triggers or views to decrypt data. Data from
tables is decrypted for the database user.
Database users need not be aware of the fact that the data they are
accessing is stored in encrypted form. Data is transparently decrypted for
the database users and does not require any action on their part.
21
select: allows read access to relation, or the ability to query using the view
22
Example:
With grant option: grant select on
allows a user who is branch to U1 with
grant option
granted a privilege to gives U1 the select
pass the privilege on privileges on branch and
to other users. allows U1 to grant this
privilege to others
23
24