Database Security :

• Data security is an important aspect of any database

system.
• Database security uses many information security controls
to protect database and its related applications, functions
etc.
• The data get secured against their confidentiality, integrity
and availability.
• It involves various types or categories of controls, such as
technical, procedural/administrative and physical.
Database security controls :
Many layers and types of information security control are
appropriate to databases.
• Access control
• Auditing
• Authentication
• Encryption
• Integrity controls
• Backups
• Application security
• System hardening and monitoring
• System hardening and monitoring :
The underlying architecture provides additional access to the
DBMS. It is vital that all systems are patched consistently,
hardened using known security configuration standards, and
monitored for access, including insider threats.

• DBMS configuration :
It is critical that the DBMS be properly configured and hardened
to take advantage of security features and limit privileged access
that may cause a misconfiguration of expected security settings.
Monitoring the DBMS configuration and ensuring proper change
control processes helps ensure that the configuration stays
consistent.
• Authentication :
Database security measures include authentication, the process of
verifying if a user’s credentials match those stored in your database,
and permitting only authenticated users access to your data,
networks, and database platform.

• Access :
A primary outcome of database security is the effective limitation of
access to your data. Access controls authenticate legitimate users
and applications, limiting what they can access in your database.
Access includes designing and granting appropriate user attributes
and roles and limiting administrative privileges.
• Database auditing :
Monitoring (or auditing) actions as part of a database
security protocol delivers centralized oversight of your
database. Auditing helps to detect, deter, and reduce the
overall impact of unauthorized access to your DBMS.

• Backups :
A data backup, as part of your database security protocol,
makes a copy of your data and stores it on a separate
system. This backup allows you to recover lost data that
may result from hardware failures, data corruption, theft,
hacking, or natural disasters.
• Encryption :
Database security can include the secure management of encryption
keys, protection of the encryption system, management of a secure,
off-site encryption backup, and access restriction protocols.

• Application security :
Database and application security framework measures can help
protect against common known attacker exploits that can circumvent
access controls, including SQL injection.
Data Security Requirements :
Why is database security important?
• Safeguarding the data is most important.
• Database security can guard against a compromise of your database,
which can lead to financial loss, reputation damage, consumer
confidence disintegration, brand erosion, and non-compliance
of government and industry regulation.
• Database security safeguards defend against a myriad of security
threats and can help protect your enterprise from:

• Deployment failure • Unmanaged sensitive data

• Excessive privileges • Backup data exposure
• Privilege abuse • Weak authentication
• Platform vulnerabilities • Database injection attacks
Database Users :
• Database users are the one who really use and take the benefits
of database.

Types of Database Users :

• Database users are categorized based up on their interaction
with the data base.
• These are seven types of data base users in DBMS.
• Database Administrator (DBA)
• Naive / Parametric End Users
• System Analyst
• Sophisticated Users
• Data Base Designers
• Application Program
• Casual Users / Temporary Users
Database Administrator (DBA) :
• Database Administrator (DBA) is a person/team who defines the
schema and also controls the 3 levels of database.
• The DBA will then create a new account id and password for the user
if he/she need to access the data base.
• DBA is also responsible for providing security to the data base and
he allows only the authorized users to access/modify the data base.
• DBA also monitors the recovery and back up and provide technical
support.
• The DBA has a DBA account in the DBMS which called a system or
super user account.
• DBA repairs damage caused due to hardware and/or software
failures.
Naive / Parametric End Users :
• Parametric End Users are the unsophisticated who don’t have any
DBMS knowledge but they frequently use the data base
applications in their daily life to get the desired results.
• For examples, Railway’s ticket booking users are naive users.
Clerks in any bank is a naive user because they don’t have any
DBMS knowledge but they still use the database and perform
their given task.

System Analyst :
• System Analyst is a user who analyzes the requirements of
parametric end users.
• They check whether all the requirements of end users are
satisfied.
Sophisticated Users :
• Sophisticated users can be engineers, scientists, business analyst,
who are familiar with the database.
• They can develop their own data base applications according to
their requirement.
• They don’t write the program code but they interact the data base
by writing SQL queries directly through the query processor.

Data Base Designers :

• Data Base Designers are the users who design the structure of data
base which includes tables, indexes, views, constraints, triggers,
stored procedures.
• He/she controls what data must be stored and how the data items
to be related.
Application Program :
• Application Program are the back end programmers who
writes the code for the application programs.
• They are the computer professionals.
• These programs could be written in Programming languages
such as Visual Basic, Developer, C, FORTRAN, COBOL etc.

Casual Users / Temporary Users :

• Casual Users are the users who occasionally use/access the
data base but each time when they access the data base they
require the new information, for example, Middle or higher
level manager.
Create, Alter and Delete User :

Create user :
The standard SQL syntax for creating user:
SQL Syntax:
GRANT CONNECT TO username IDENTIFIED BY password
Oracle Syntax:
CREATE USER username IDENTIFIED BY password
Example :
CREATE USER SYCO IDENTIFIED BY syco2020
Altering User :
• The password of the user and the account of the user
may be changed with alter user statement.
• The user himself can use this command to change his
own password.
• Syntax :
alter user user_name identified by password
• Example :
alter user SYCO identified by SYCO2020
Deleting user :
• Deleting a user also deletes all database objects (such as tables)
that they own, as well as any external logins for the user.
• The user being removed cannot be connected to the database
during this procedure.
• A user account is deleted with a drop user statement.
• Only database administrator can use this statement.
Syntax :
Drop user user_name[cascade]
cascade : Specify CASCADE to drop all objects in the user's schema before
dropping the user. You must specify this clause to drop a user whose
schema contains any objects.
If the user's schema contains tables, then Oracle Database drops the
tables and automatically drops any referential integrity constraints on
tables in other schemas that refer to primary and unique keys on these
tables.
If this clause results in tables being dropped, then the database also drops
all domain indexes created on columns of those tables and invokes
appropriate drop routines.

Example :
Drop user SYCO[cascade]
Protecting the Data within the Database:
• Authorization is permission given “to user, program, or process to
access an object or set of objects.
• The type of data access granted to a user can be read-only, or read
and write.
• Privileges specify the type of Data Manipulation Language (DML)
operations like SELECT, INSERT, UPDATE, DELETE, etc., which the user
can perform upon data.
• The two methods by which the access control is done are by using
privileges and roles.
• Privilege
• Role
Privileges :
• A privilege is permission to access a named object in a
prescribed manner.
for example, permission to query a table.
• Privileges can grant permissions to a particular user to
connect to the database (create a session); select rows
from someone else’s table; or execute someone else’s
stored procedure.
• There are 3 types of privileges :
1. Database privileges
2. System privileges
3. Object privileges
Database privileges :
• A privilege is a right to execute a particular type of SQL
statement or to access another user’s object. Some examples
of privileges include:
• The right to connect to the database (create a session)
• The right. to create a table
• The right to select rows from another user’s table
• The right to execute another user’s stored procedure
• Privileges are granted to users so that these can accomplish
tasks required for their job.
System privileges :
A system privilege is the right to perform a particular action,
on a particular type of object.
The privileges to create tables and to delete the operational
warehouse of any table in a database system are known as
system privileges.
In many commercial database management systems there
are hundreds of distinct system privileges.
Object privileges :
• An object privilege is a privilege or right to perform a particular
action on a specific table, view, sequence, procedure, function,
or package.
• For example, the privilege to delete rows from the table DEPT
is an object privilege.
• Object privileges granted for a table, view, sequence,
procedure, function, or package apply whether referencing the
base object by name or using a synonym.
Roles :
A role is a mechanism that can be used to provide authorization.
A single person or a group of people can be granted a role or a
group of roles. One role can be granted in turn to other roles.
By defining different types of roles, administrators can manage
access privileges much more easily.
Database management systems provide for easy and controlled
privilege management through roles.
Roles are named groups of related privileges that you grant to
users or other roles.
Roles are designed to ease the administration of end-user system
and object privileges.
Granting and Revoking Privileges and Roles :
• Grant or revoke privileges and roles from users or other roles
using the SQL commands GRANT and REVOKE.
• Who can grant and revoke the privileges and roles? The answer
is “it depends on the DBMS”.
• For example, in Oracle, a with the GRANT ANY ROLE system
privilege can grant or revoke any role to or from other users or
roles of the database most database management systems, the
Database Administrators (DBAs) and Security Officers will have
the necessary powers to grant and revoke the privileges and
roles to the users.
GRANT Command :
The GRANT command gives users privileges to base tables and views.
Syntax :
GRANT privileges
ON object
to users [with GRANT Option]
Object is either a base table or a view.
If ‘with GRANT Option’ is specified, it means that the recipient has
authority to grant the privileges that were granted to him to another
user.
Example :
1) Grant the SELECT authority on the EMP table to all users.
GRANT SELECT ON EMP TO PUBLIC;
2) Grant the SELECT, DELETE and UPDATE authority on DEPT table
to user 'AJAY'.
GRANT SELECT, DELETE, UPDATE ON DEPT TO AJAY;
Transaction :
A transaction can be defined as a group of tasks. A single task is the
minimum processing unit which cannot be divided further.
Consider an example of a simple transaction. Suppose a bank employee
transfers Rs 500 from A's account to B's account. This very simple and small
transaction involves several low-level tasks.
A’s Account B’s Account
Open_Account(A) Open_Account(B)
Old_Balance = A.balance Old_Balance = B.balance
New_Balance = Old_Balance - 500 New_Balance = Old_Balance + 500
A.balance = New_Balance B.balance = New_Balance
Close_Account(A) Close_Account(B)
Transaction is executed as a single unit. If the database was in consistent
state before a transaction, then after execution of the transaction also, the
database must be in a consistent state.
Process of Transaction :
The transaction is executed as a series of reads and writes of
database objects, which are explained below:
Read Operation :
To read a database object, it is first brought into main memory
from disk, and then its value is copied into a program variable as
shown in figure.
Write Operation :
To write a database object, an in-memory copy of the object is first
modified and then written to disk.
Transaction Properties :
• There are four important properties of transaction that
a DBMS must ensure to maintain data in the case of
concurrent access and system failures.
• These are called as ACID properties of transaction :
• Atomicity
• Consistency
• Isolation
• Durability
Atomicity :
(all or nothing)
A transaction is said to be atomic if a transaction always executes all
its actions in one step or not executes any actions at all It means
either all or none of the transactions operations are performed.

Consistency :
(No violation of integrity constraints)
A transaction must preserve the consistency of a database after the
execution. The DBMS assumes that this property holds for each
transaction.
Ensuring this property of a transaction is the responsibility of the
user.
Isolation :
(concurrent changes invisibles)
The transactions must behave as if they are executed in isolation. It means
that if several transactions are executed concurrently the results must be
same as if they were executed serially in some order.
The data used during the execution of a transaction cannot be used by a
second transaction until the first one is completed.

Durability :
(committed update persist)
The effect of completed or committed transactions should persist even after
a crash.
It means once a transaction commits, the system must guarantee that the
result of its operations will never be lost, in spite of subsequent failures.
Example :
In order to understand above properties consider the following example:
Let, Ti is a transaction that transfers Rs 50 from account A to account B.
This transaction can be defined as:
Atomicity :

Suppose that, just prior to execution of transaction Ti the values of account A and
B are Rs.I000 and Rs.2000.

Now, suppose that during the execution of Ti, a power failure has occurred that
prevented the Ti to complete successfully. The point of failure may be after the
completion Write (A,a) and before Write(B,b). It means that the changes in A are
performed but not in B. Thus the values of account A and Bare Rs.950 and
Rs.2000 respectively. We have lost Rs.50 as a result 'of this failure.

Now, our database is in inconsistent state.

The reason for this inconsistent state is that our transaction is completed
partially and we save the changes of uncommitted transaction. So, in order
to get the consistent state, database must be restored to its original values
i.e. A to Rs.I000 and B to Rs.2000, this leads to the concept of atomicity of
transaction. It means that in order to maintain the consistency of
database, either all or none of transaction's operations are performed.

In order to maintain atomicity of transaction, the database system keeps

track of the old values of any write and if the transaction does not
complete its execution, the old values are restored to make it appear as
the transaction never executed.
Consistency :
The consistency requirement here is that the sum of A and B must be
unchanged by the execution of the transaction. Without the consistency
requirement, money could be created or destroyed by the transaction. It
can. be verified easily that, if the database is consistent before an
execution of the transaction, the database remains consistent after the
execution of the transaction.

Ensuring consistency for an individual transaction is the responsibility of

the application programmer who codes the transaction.
Isolation :
If several transactions are executed concurrently (or in parallel), then each
transaction must behave as it was executed in isolation. It means that
concurrent execution does not result an inconsistent state.

For example, consider another transaction T2, which has to display the
sum of account A and B. Then, its result should be Rs.3000.
Let’s suppose that both Tl and T2 perform concurrently, their
schedule is shown below:
The above schedule results inconsistency of database and it shows
Rs.2950 as sum of accounts A and B instead of Rs.3000. The problem
occurs because second concurrently running transaction T2, reads A
and B at intermediate point and computes its sum, which results
inconsistent value.

Isolation property demands that the data used during the execution
of a transaction cannot be used by a second transaction until the first
one is completed.

A solution to the problem of concurrently executing transaction is to

execute each transaction serially 'that is one after the other. However,
concurrent execution of transaction provides significant performance
benefits, so other solutions are developed they allow multiple
transactions to execute concurrently.
Durability :
Once the execution of the transaction completes successfully, and the
user who initiated the transaction has been notified that the transfer of
funds has taken place, it must be the case that no system failure will
result in a loss of data corresponding to this transfer of funds.

The durability property guarantees that, once a transaction completes

successfully all the updates that it carried out on the database persist,
even if there is a system failure after the transaction completes
execution. Ensuring durability is the responsibility of a component of
the database system called the recovery-management component.
States of Transaction :
A transaction must be in one of the following states:
Active:
The initial state, the transaction stays in this state while it is executing.
Partially committed:
After the final statement has been executed.
Failed:
When the normal execution can no longer proceed.
Aborted:
After the transaction has been rolled back and the database has been
restored to its state prior to the start of the transaction.
Committed:
After successful completion.
The state diagram corresponding to a transaction is
shown in Figure.
• We say that a transaction has committed only if it has entered the
committed state. Similarly, we say that a transaction has aborted only if
it has entered the aborted state.

• A transaction is said to have terminated if has either committed or

aborted.

• A transaction starts in the active state. When it finishes its final

statement, it enters the partially committed state.

• At this point, the transaction has completed its execution, but it is still
possible that it may have to be aborted, since the actual output may still
be temporarily hiding in main memory and thus a hardware failure may
preclude its successful completion
• The database system then writes out enough information to disk that,
even in the event of a failure, the updates performed by the
transaction can be recreated when the system restarts after the
failure.

• When the last of this information is written out, the transaction

enters the committed state.
Types of Database Failure :
• System crash
• Statement failure
• Media failure
• Application Software errors
Causes of Failure :
• File Corruption
• File System Damage
• Database Hardware Failure
Database Backup :
• Database backup is the process of backing up the operational state,
architecture and stored data of database software.
• It creates a duplicate instance or copy of a database in case the primary
database crashes, corrupted or is lost.
• Database backup is used to protect and restore a database.
• Database backup is performed by the RDBMS or similar database
management software.
• Database administrators can use the database backup copy to restore
the database to its operational state along with its data and constraints.
• The database backup can be stored locally or on a backup server.
Types of Database Backup :
1. Physical backup 2. Logical backup

Physical backup :
• Physical backups are a backup of database directories and files (such as data
files, data controls and archived logs).
• The backups should always be stored in a separate, dedicated storage (such as
a disk, tape, or in the cloud).
• This type of backup is useful when we need to restore the complete database
within a short period of time.
• We can have either a full or incremental backup for physical backup.
• A full physical backup will contain a complete set of data files, archived files,
and transaction files.
• This is needed if we want to perform a full database restoration with minimal
application errors and data loss.
Logical backup :
• A Logical Backup contains copies of information about a database (such as
tables, schemas, and procedures) and are commonly exported out as
binary files using EXPORT/ IMPORT tools.
• If you need to restore or move a copy of the database to another
environment (platform) then, logical backups are used.
• With the help of an appropriate import tool, the logical data elements
(such as tables, schemas, and procedures) in the backup can be restored
at a lowest level with all the interdepedency elements on a specific
database platform.
• The data of a table is also exported using Structure Query Language (SQL)
and this is stored in a binary format as well.
• Logical backup only contains the structural level information of a
database.
Database Recovery :
• Database recovery is the process of restoring the database to a correct
(consistent) state in the event of a failure.
• It is the process of restoring the database to the most recent
consistent state that existed shortly before the time of system failure.
• The transactions on data are performed and executed at each second.
But if there is any failure of system will lost the data.
• Hence it is necessary to revert the changes of transaction to previously
committed point.
Recovery techniques :
• Backward recovery techniques
• Forward recovery techniques