
A Presentation By: Amir Khanzada Roll No: 2k11/SWE/24

This document outlines a presentation on database security. It begins by explaining the need for securing databases to protect sensitive data from unauthorized access and corruption. It then defines database security as protecting the confidentiality, integrity, and availability of database information. The concepts of secrecy, integrity, and availability in database security are introduced. Common security problems like accidental threats and fraudulent attacks are described. Finally, some security controls for databases are mentioned, including authorization, encryption, authentication, firewalls, and data encryption.

Uploaded by

Azka Aziz

A Presentation by: Amir Khanzada

Roll No: 2k11/SWE/24

OUTLINE
• Overview of Database Security
• What is Database Security?
• Why Database Security is Needed
• Concepts of Database Security
• Security Problems
• Security Controls

OVERVIEW
In today's world, we need everything secured, whether it is your mobile phone, computer, vehicle or almost anything.

[Slide images: Mobile, Computer, Vehicles]

What is database security?

Database:
It is a collection of information stored in a computer.

Security:
It is being free from danger.

Database Security:
It is the set of mechanisms that protect the database against intentional or accidental threats.

Definition of Database Security
Database Security is defined as the process by which the "Confidentiality, Integrity and Availability" of the database can be protected.

Why do we need database security?

If there is no security for the database, what happens?

Data will be easily corrupted.

It is important to restrict access to the database to authorized users in order to protect sensitive data.

Concepts of Database Security

There are 3 main aspects:

1. Secrecy or Confidentiality
2. Integrity
3. Availability

SECRECY /
• It is protecting the database from unauthorized users.
• Ensures that users are allowed to do the things they are trying to do.
• Encryption is a technique or process by which the data is encoded in such a way that only authorized users are able to read the data.

INTEGRITY
• Protecting the database from authorized users.
• Ensures that what users are trying to do is correct.

For example:
• An employee should be able to modify his or her own information.

AVAILABILITY
• The database must not have unplanned downtime.
• To ensure this, the following steps should be taken:
  - Restrict the amount of storage space given to each user in the database.
  - Limit the number of concurrent sessions made available to each database user.
  - Back up the data at periodic intervals to ensure data recovery in case of application users.

SECURITY PROBLEMS

A threat is any circumstance or event with the potential to adversely impact an IS through unauthorized access, destruction, disclosure, modification of data, and/or denial of service.

There are two kinds of threat:
• Non-fraudulent threat
• Fraudulent threat

1. Non-fraudulent Threat
• Natural or accidental disasters.
• Errors or bugs in hardware or software.
• Human errors.

2. Fraudulent Threat
• Authorized users
  - Those who abuse their privileges and authority.
• Hostile agents
  - Those improper users (outsiders or insiders) who attack the software and/or hardware system, or read or write data in a database.

DATABASE PROTECTION REQUIREMENTS
1. Protection from Improper Access
2. Protection from Inference
3. Integrity of the Database
4. User Authentication
5. Multilevel Protection
6. Confinement
7. Management and Protection of Sensitive Data

SECURITY CONTROLS
• Authorization - privileges, views.
• Encryption - public key / private key, secure sockets.
• Authentication - passwords.
• Logical - firewalls, net proxies.

A FIREWALL is dedicated software on another computer which inspects network traffic passing through it and denies or permits passage based on a set of rules. Basically, it is a piece of software that monitors all traffic that goes from your system to another via the Internet or network, and vice versa.

Database Firewalls are a type of Web Application Firewall that monitor databases to identify and protect against database-specific attacks that mostly seek to access sensitive information stored in the databases.

• Data encryption makes it possible to encrypt sensitive data, such as credit card numbers, stored in table columns.
• Encrypted data is decrypted for a database user who has access to the data.
• Data encryption helps protect data stored on media in the event that the storage media or data file gets stolen.

• As a security administrator, one can be sure that sensitive data is safe in case the storage media or data file gets stolen.
• You do not need to create triggers or views to decrypt data. Data from tables is decrypted for the database user.
• Database users need not be aware of the fact that the data they are accessing is stored in encrypted form. Data is transparently decrypted for the database users and does not require any action on their part.
• Applications need not be modified to handle encrypted data. Data encryption/decryption is managed by the database.

• Read authorization - allows reading, but not modification of data.
• Insert authorization - allows insertion of new data, but not modification of existing data.
• Update authorization - allows modification, but not deletion of data.
• Delete authorization - allows deletion of data.

• select: allows read access to relation, or the ability to query using the view.
• insert: the ability to insert tuples.
• update: the ability to update using the SQL update statement.
• delete: the ability to delete tuples.

With grant option: allows a user who is granted a privilege to pass the privilege on to other users.

Example:
grant select on branch to U1 with grant option
gives U1 the select privileges on branch and allows U1 to grant this privilege to others.
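
The grant-option behaviour described above, carried through to audit and revocation, as an added example that is not part of the original presentation. It assumes PostgreSQL syntax, a scratch database and a superuser session; the roles u1, u2, u3, the branch columns and the view branch_public are hypothetical names.

```sql
-- Added example (PostgreSQL syntax assumed). The roles u1, u2, u3, the branch
-- columns and the view branch_public are hypothetical names for illustration.
CREATE ROLE u1;
CREATE ROLE u2;
CREATE ROLE u3;

CREATE TABLE branch (
    branch_name text PRIMARY KEY,
    branch_city text NOT NULL,
    assets      numeric NOT NULL
);

-- Authorization through a view: u3 may read names and cities, never assets.
CREATE VIEW branch_public AS
    SELECT branch_name, branch_city FROM branch;
GRANT SELECT ON branch_public TO u3;

-- The statement from the slide: u1 can read branch and can pass that on.
GRANT SELECT ON branch TO u1 WITH GRANT OPTION;

-- u1 uses the grant option; u2 now holds a privilege the owner never issued.
SET ROLE u1;
GRANT SELECT ON branch TO u2;
RESET ROLE;

-- Audit: who holds which privilege, who granted it, and who can re-grant it.
SELECT grantor, grantee, table_name, privilege_type, is_grantable
FROM information_schema.table_privileges
WHERE table_name IN ('branch', 'branch_public')
ORDER BY table_name, grantee;

-- Revoking from u1 must name CASCADE, because u2's privilege depends on it;
-- without CASCADE PostgreSQL refuses the revoke.
REVOKE SELECT ON branch FROM u1 CASCADE;

-- Both checks now return false: the dependent grant to u2 went with u1's.
SELECT has_table_privilege('u1', 'branch', 'SELECT') AS u1_can_read,
       has_table_privilege('u2', 'branch', 'SELECT') AS u2_can_read;

-- u3 still reads through the view, which never exposed the assets column.
SELECT has_table_privilege('u3', 'branch_public', 'SELECT') AS u3_view_read,
       has_table_privilege('u3', 'branch', 'SELECT')        AS u3_table_read;
```

Rows in the audit query with is_grantable = 'YES' are the ones to review regularly, since each is a point from which access can spread without the owner's involvement.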
