Lec - 1 On DB - Sec - Removed

Summary of the first lecture, information security

Uploaded by abdllhrbi35

Database Security

Copyright © 2011 Ramez Elmasri and Shamkant Navathe


1 Introduction to Database Security Issues

- Types of security
  - Legal and ethical issues
  - Policy issues
  - System-related issues
  - The need to identify multiple security levels

Introduction to Database Security Issues (2)

- Threats to databases
  - Loss of integrity
  - Loss of availability
  - Loss of confidentiality
- To protect databases against these types of threats, four kinds of countermeasures can be implemented:
  - Access control
  - Inference control
  - Flow control
  - Encryption

Introduction to Database Security Issues (3)

- A DBMS typically includes a database security and authorization subsystem that is responsible for protecting portions of a database against unauthorized access.
- Two types of database security mechanisms:
  - Discretionary security mechanisms
  - Mandatory security mechanisms

Introduction to Database Security Issues (4)

- The security mechanism of a DBMS must include provisions for restricting access to the database as a whole.
- This function is called access control and is handled by creating user accounts and passwords, which the DBMS uses to control the login process.

Introduction to Database Security Issues (5)

- Another security problem associated with databases is that of controlling access to a statistical database, which is used to provide statistical information or summaries of values based on various criteria.
- The countermeasures to the statistical database security problem are called inference control measures.

Introduction to Database Security Issues (6)

- Another security issue is that of flow control, which prevents information from flowing in such a way that it reaches unauthorized users.
- Channels that are pathways for information to flow implicitly in ways that violate the security policy of an organization are called covert channels.

Introduction to Database Security Issues (7)

- A final security issue is data encryption, which is used to protect sensitive data (such as credit card numbers) that is being transmitted over some type of communication network.
- The data is encoded using some encoding algorithm.
- An unauthorized user who accesses encoded data will have difficulty deciphering it, but authorized users are given decoding or decrypting algorithms (or keys) to decipher the data.

1.2 Database Security and the DBA

- The database administrator (DBA) is the central authority for managing a database system.
- The DBA's responsibilities include:
  - granting privileges to users who need to use the system
  - classifying users and data in accordance with the policy of the organization
- The DBA is responsible for the overall security of the database system.

1.2 Database Security and the DBA (2)

- The DBA has a DBA account in the DBMS.
  - Sometimes this is called a system or superuser account.
- These accounts provide powerful capabilities such as:
  1. Account creation
  2. Privilege granting
  3. Privilege revocation
  4. Security level assignment
- Action 1 is access control, whereas actions 2 and 3 control discretionary authorization and action 4 is used to control mandatory authorization.

1.3 Access Protection, User Accounts, and Database Audits

- Whenever a person or group of persons needs to access a database system, the individual or group must first apply for a user account.
- The DBA will then create a new account id and password for the user if he/she deems there is a legitimate need to access the database.
- The user must log in to the DBMS by entering the account id and password whenever database access is needed.

1.3 Access Protection, User Accounts, and Database Audits (2)

- The database system must also keep track of all operations on the database that are applied by a certain user throughout each login session.
- To keep a record of all updates applied to the database and of the particular user who applied each update, we can modify the system log, which includes an entry for each operation applied to the database that may be required for recovery from a transaction failure or system crash.

1.3 Access Protection, User Accounts, and Database Audits (3)

- If any tampering with the database is suspected, a database audit is performed.
- A database audit consists of reviewing the log to examine all accesses and operations applied to the database during a certain time period.
- A database log that is used mainly for security purposes is sometimes called an audit trail.
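Added example of an audit trail as described in 1.3 (2) and (3): a trigger records each update together with the account that applied it, and the audit query reviews one account's operations over a time period. This is not the textbook's own code; it assumes a PostgreSQL 11+ DBMS, and the table, function and account names are constructed.

```sql
-- Audit trail table: one row per operation, owned and readable by the DBA only.
CREATE TABLE employee_audit (
    audit_id    BIGSERIAL   PRIMARY KEY,
    applied_at  TIMESTAMPTZ NOT NULL DEFAULT now(),
    applied_by  TEXT        NOT NULL,   -- login account id of the session
    operation   TEXT        NOT NULL,   -- INSERT, UPDATE or DELETE
    old_row     JSONB,                  -- row image before the change
    new_row     JSONB                   -- row image after the change
);
-- Ordinary accounts must not be able to read, alter or delete trail entries.
REVOKE ALL ON employee_audit FROM PUBLIC;

-- SECURITY DEFINER: the function runs with its owner's (the DBA's) rights,
-- so users who update EMPLOYEE need no privilege on the audit table itself.
CREATE OR REPLACE FUNCTION employee_audit_fn() RETURNS trigger
LANGUAGE plpgsql SECURITY DEFINER AS $$
BEGIN
    INSERT INTO employee_audit (applied_by, operation, old_row, new_row)
    VALUES (session_user,               -- the account that logged in
            TG_OP,
            CASE WHEN TG_OP IN ('UPDATE', 'DELETE') THEN to_jsonb(OLD) END,
            CASE WHEN TG_OP IN ('INSERT', 'UPDATE') THEN to_jsonb(NEW) END);
    RETURN NULL;                        -- AFTER trigger: result is ignored
END;
$$;

-- Assumes an existing relation EMPLOYEE (constructed name).
CREATE TRIGGER employee_audit_trg
AFTER INSERT OR UPDATE OR DELETE ON employee
FOR EACH ROW EXECUTE FUNCTION employee_audit_fn();

-- Database audit: review every operation applied by one account in a period.
SELECT applied_at, operation, old_row, new_row
  FROM employee_audit
 WHERE applied_by = 'alice'                      -- constructed account id
   AND applied_at >= '2024-01-01' AND applied_at < '2024-02-01'
 ORDER BY applied_at;
```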

Discretionary Access Control Based on Granting and Revoking Privileges

- The typical method of enforcing discretionary access control in a database system is based on granting and revoking privileges.

2.3 Revoking Privileges

- In some cases it is desirable to grant a privilege to a user temporarily. For example:
  - The owner of a relation may want to grant the SELECT privilege to a user for a specific task and then revoke that privilege once the task is completed.
- Hence, a mechanism for revoking privileges is needed. In SQL, a REVOKE command is included for the purpose of canceling privileges.
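Added example walking through the DBA capabilities of 1.2 (account creation, privilege granting, privilege revocation) and the temporary SELECT grant described above; it is not the textbook's own code. It assumes a PostgreSQL-style DBMS; the account alice, the relation employee and the password placeholder are constructed.

```sql
-- Capability 1, account creation: the DBA creates a login account.
-- The password is a placeholder; a real one is set by the DBA at creation.
CREATE ROLE alice LOGIN PASSWORD 'PLACEHOLDER-CHANGE-ME';

-- Capability 2, privilege granting: the owner of EMPLOYEE grants SELECT
-- to alice for one specific task (e.g. preparing a report). Nothing else
-- is granted, so alice can read the relation but not modify it.
GRANT SELECT ON employee TO alice;

-- While the grant is in place:
--   SELECT name, salary FROM employee;   -- permitted for alice
--   UPDATE employee SET salary = 0;      -- rejected: permission denied

-- Capability 3, privilege revocation: once the task is completed, the
-- owner cancels the privilege with REVOKE.
REVOKE SELECT ON employee FROM alice;

-- Check that no privilege on EMPLOYEE remains for alice
-- (information_schema is standard SQL; the result should be empty).
SELECT grantee, privilege_type
  FROM information_schema.role_table_grants
 WHERE table_name = 'employee' AND grantee = 'alice';
```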
