1

SECURITY IN
COMPUTING,
FIFTH EDITION
Chapter 7: Databases

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
 2

Objectives for Chapter 7

• Basic database terminology and concepts
• Security requirements for databases
• Implementing access controls in databases
• Protecting sensitive data
• Data mining and big data

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
 3

Database Terms
• Database administrator
• Database management system (DBMS)
• Record
• Field/element
• Schema
• Subschema
• Attribute
• Relation

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
 4

Database Example

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
 5

Schema Example

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
 6

Queries
• A query is a command that tells the
database to retrieve, modify, add, or delete
a field or record
• The most common database query
language is SQL

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
 7

Example SQL Query

• SELECT ZIP=‘43210’

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
 8

Database Security Requirements

• Physical integrity
• Logical integrity
• Element integrity
• Auditability
• Access control
• User authentication
• Availability

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
 9

Reliability and Integrity

• Reliability: in the context of databases, reliability is the
ability to run for long periods without failing
• Database integrity: concern that the database as a whole
is protected against damage
• Element integrity: concern that the value of a specific data
element is written or changed only by authorized users
• Element accuracy: concern that only correct values are
written into the elements of a database

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
 10

Two-Phase Update
• Phase 1: Intent
• DBMS does everything it can, other than making changes to the
database, to prepare for the update
• Collects records, opens files, locks out users, makes calculations
• DBMS commits by writing a commit flag to the database
• Phase 2: Write
• DBMS completes all write operations
• DBMS removes the commit flag
• If the DBMS fails during either phase 1 or phase 2, it can
be restarted and repeat that phase without causing harm

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
 11

Other Database Security Concerns

• Error detection and correction codes to protect data
integrity
• For recovery purposes, a database can maintain a
change log, allowing it to repeat changes as necessary
when recovering from failure
• Databases use locks and atomic operations to maintain
consistency
• Writes are treated as atomic operations
• Records are locked during write so they cannot be read in a
partially updated state

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
 12

Sensitive Data
• Inherently sensitive
• Passwords, locations of weapons
• From a sensitive source
• Confidential informant
• Declared sensitive
• Classified document, name of an anonymous donor
• Part of a sensitive attribute or record
• Salary attribute in an employment database
• Sensitive in relation to previously disclosed information
• An encrypted file combined with the password to open it

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
 13

Types of Disclosures
• Exact data
• Bounds
• Negative result
• Existence
• Probable value
• Direct inference
• Inference by arithmetic
• Aggregation
• Hidden data attributes
• File tags
• Geotags

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
 14

Preventing Disclosure
• Suppress obviously sensitive information
• Keep track of what each user knows based
on past queries
• Disguise the data

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
 15

Security vs. Precision

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
 16

Suppression Techniques
• Limited response suppression
• Eliminates certain low-frequency elements from being displayed
• Combined results
• Ranges, rounding, sums, averages
• Random sample
• Blocking small sample sizes
• Random data perturbation
• Randomly add or subtract a small error value to/from actual values
• Swapping
• Randomly swapping values for individual records while keeping
statistical results the same

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
 17

Data Mining
• Data mining uses statistics, machine learning,
mathematical models, pattern recognition, and other
techniques to discover patterns and relations on large
datasets
• The size and value of the datasets present an important
security and privacy challenge, as the consequences of
disclosure are naturally high

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
 18

Data Mining Challenges

• Correcting mistakes in data
• Preserving privacy
• Granular access control
• Secure data storage
• Transaction logs
• Real-time security monitoring

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
 19

Summary
• Database security requirements include:
• Physical integrity
• Logical integrity
• Element integrity
• Auditability
• Access control
• User authentication
• Availability
• There are many subtle ways for sensitive data to be
inadvertently disclosed, and there is no single answer for
prevention
• Data mining and big data have numerous open security
and privacy challenges
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.