
Chapter 4 Database Security and Authorization (1)

Chapter 4 discusses database security and authorization, focusing on the objectives of secrecy, integrity, and availability. It outlines access control mechanisms, including discretionary access control (DAC) and mandatory access control (MAC), and their implementation through grants and revokes of access rights. Additionally, it addresses the challenges of maintaining access control lists and the security implications of statistical databases.

Uploaded by

jamsibro140

Chapter 4

Database Security and Authorization

Security Objectives
• Secrecy: prevent/detect/deter improper disclosure of information
• Integrity: prevent/detect/deter improper modification of information
• Availability: prevent/detect/deter improper denial of access to services

2 Database Security
• Secrecy: Users should not be able to see things they are not supposed to.
  - E.g., a student can’t see other students’ grades.
• Integrity: Users should not be able to modify things they are not supposed to.
  - E.g., only instructors can assign grades.
• Availability: Users should be able to see and modify things they are allowed to.

3 Database Security 02/10/25


Databases
• Collection of
  - interrelated data and
  - set of programs to access the data
Convenient and efficient way of protecting the data that requires:
  - Proper user identification
  - Information specifying the access rights is protected from modification

Access Control
• A security policy specifies who is authorized to do what.
• A security mechanism allows us to enforce a chosen security policy.
• Two main mechanisms at the DBMS level:
  - Discretionary access control (allows each user to control access to their own data)
  - Mandatory access control (where access to system resources is controlled by the operating system, under the control of a system administrator)

Access Control
• Subject: active entity that requests access to an object
  - e.g., user or program
• Object: passive entity accessed by a subject
  - e.g., record, relation, file
• Access right (privileges): how a subject is allowed to access an object
  - e.g., subject s can read object o

Protection of objects at different granularity levels
• Database
• Relation
• Record
• Attribute
• Element

Relation-Level Granularity
Confidential relation

Person-name  Company-name  Salary
Smith        BB&C          $43,982
Dell         Bell          $97,900
Black        BB&C          $35,652

Tuple-level Granularity
Works

Person-name  Company-name  Salary
Smith        BB&C          $43,982   Public
Dell         Bell          $97,900   Conf.
Black        BB&C          $35,652   Public

Attribute-Level Granularity
Works

Person-name (Publ.)  Company-name (Publ.)  Salary (Conf.)
Smith                BB&C                  $43,982
Dell                 Bell                  $97,900
Black                BB&C                  $35,652

Cell-Level Granularity
Works

Person-name  Company-name  Salary
Smith  P     BB&C  P       $43,982  C
Dell   C     Bell  C       $97,900  C
Black  P     BB&C  C       $35,652  C

Discretionary Access Control (DAC)
• For each subject, access rights to the objects are defined
  - (subject, object, +/- access mode)
  - (Kebede, Employee_relation, read)
• User based
• Grant and Revoke
• Problems:
  - Propagation of access rights
  - Revocation of propagated access rights

DAC by Grant and Revoke
[Diagram: grants on the Employee relation]
Haile (owner) to Belay:   GRANT SELECT ON Employee TO Belay WITH GRANT OPTION
Belay to Melaku:          GRANT SELECT ON Employee TO Melaku
Haile (owner) to Berhanu: GRANT UPDATE(Salary) ON Employee TO Berhanu
? Haile revokes grant given to Belay
? Haile does not want Melaku to access the Employee relation

Implementation

Access Control List (ACL) (column):
  File 1: Joe:Read, Joe:Write, Joe:Own
  File 2: Joe:Read, Sam:Read, Sam:Write, Sam:Own

Capability List (row):
  Joe: File 1/Read, File 1/Write, File 1/Own, File 2/Read
  Sam: File 2/Read, File 2/Write, File 2/Own

Access Control Triples:
  Subject  Access  Object
  Joe      Read    File 1
  Joe      Write   File 1
  Joe      Own     File 1
  Joe      Read    File 2
  Sam      Read    File 2
  Sam      Write   File 2
  Sam      Own     File 2

Grant and Revoke
GRANT <privilege> ON <relation>
TO <user>
[WITH GRANT OPTION]
------------------------------------------------------------
• GRANT SELECT * ON Student TO Matthews
• GRANT SELECT *, UPDATE(GRADE) ON Student TO FARKAS
• GRANT SELECT(NAME) ON Student TO Brown

The GRANT command applies to base relations as well as views.

Grant and Revoke
REVOKE <privileges> [ON <relation>]
FROM <user>
------------------------------------------------------------
• REVOKE SELECT * ON Student FROM Blue
• REVOKE UPDATE ON Student FROM Black
• REVOKE SELECT(NAME) ON Student FROM Brown

Non-cascading Revoke
[Figure: grant graph with nodes A, B, C, D, E, F. After "A revokes D’s privileges", node D is removed and nodes A, B, C, E, F remain.]

Cascading Revoke
[Figure: grant graph with nodes A, B, C, D, E, F. After "A revokes D’s privileges", only nodes A and B are shown.]
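The difference between the two revoke slides, and the "revocation of propagated access rights" problem from the DAC slide, as an added Python sketch (not part of the original slides). It assumes a grant stays valid only while a chain of grants leads back to the owner; the class and method names are hypothetical, and the user names come from the Haile/Belay/Melaku diagram.

```python
class GrantGraph:
    """SELECT grants on one relation, stored as (grantor, grantee) edges."""

    def __init__(self, owner):
        self.owner = owner
        self.edges = {}  # (grantor, grantee) -> True if WITH GRANT OPTION

    def backed(self):
        """Return (holders, grantors) reachable from the owner via grants."""
        holders, grantors = {self.owner}, {self.owner}
        changed = True
        while changed:  # fixpoint, so cycles of grants are handled
            changed = False
            for (grantor, grantee), option in self.edges.items():
                if grantor not in grantors:
                    continue
                if grantee not in holders or (option and grantee not in grantors):
                    holders.add(grantee)
                    if option:
                        grantors.add(grantee)
                    changed = True
        return holders, grantors

    def holders(self):
        """Users whose privilege is still backed by the owner."""
        return self.backed()[0]

    def grant(self, grantor, grantee, with_grant_option=False):
        if grantor not in self.backed()[1]:
            raise PermissionError(f"{grantor} cannot grant this privilege")
        self.edges[(grantor, grantee)] = with_grant_option

    def revoke(self, grantor, grantee, cascade=True):
        self.edges.pop((grantor, grantee), None)
        if cascade:
            # Drop every grant whose grantor is no longer backed by the owner.
            grantors = self.backed()[1]
            self.edges = {e: o for e, o in self.edges.items() if e[0] in grantors}

    def catalog_entries(self):
        """Grantees that still have a row in the grant catalog."""
        return {grantee for (_, grantee) in self.edges}

def build_page_example():
    """Haile (owner) grants to Belay WITH GRANT OPTION; Belay grants to Melaku."""
    g = GrantGraph("Haile")
    g.grant("Haile", "Belay", with_grant_option=True)
    g.grant("Belay", "Melaku")
    return g
```

With `cascade=False`, Melaku keeps a catalog entry that no longer traces back to the owner, which is the stale grant an access review should look for.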

Query Modification
• GRANT SELECT(NAME) ON Student TO Blue
  WHERE COURSE='CSCE 590'
• Blue’s query:
    SELECT *
    FROM Student
• Modified query:
    SELECT NAME
    FROM Student
    WHERE COURSE='CSCE 590'
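Query modification for Blue's grant, as an added Python example that runs against an in-memory SQLite table (not part of the original slides). The grant catalog layout, the function names and the Student rows are constructed for illustration; the example also refuses filters on columns outside the grant, which goes slightly beyond the slide.

```python
import sqlite3

# Constructed grant catalog: (user, relation) -> (granted columns, row predicate).
# Encodes: GRANT SELECT(NAME) ON Student TO Blue WHERE COURSE='CSCE 590'
GRANTS = {("Blue", "Student"): (("NAME",), ("COURSE", "CSCE 590"))}

def modify_query(user, relation, columns=None, filters=()):
    """Rewrite a SELECT so it stays inside the user's grant.

    columns=None means SELECT *; filters is a sequence of (column, value)
    equality tests supplied by the user. Returns (sql, params).
    """
    if (user, relation) not in GRANTS:
        raise PermissionError(f"{user} has no SELECT grant on {relation}")
    granted, (pred_col, pred_val) = GRANTS[(user, relation)]
    wanted = granted if columns is None else tuple(columns)
    # Columns outside the grant are refused in the select list and in filters:
    # a filter on GRADE would leak grades through which names come back.
    for col in list(wanted) + [c for c, _ in filters]:
        if col not in granted:
            raise PermissionError(f"{user} may not reference {relation}.{col}")
    # Identifiers come from the catalog or were checked against it; values are bound.
    sql = f"SELECT {', '.join(wanted)} FROM {relation} WHERE {pred_col} = ?"
    params = [pred_val]
    for col, val in filters:
        sql += f" AND {col} = ?"
        params.append(val)
    return sql, params

def run_as(conn, user, relation, columns=None, filters=()):
    """Execute the modified query instead of the query the user wrote."""
    sql, params = modify_query(user, relation, columns, filters)
    return conn.execute(sql, params).fetchall()

def sample_db():
    """In-memory Student relation with constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Student (NAME TEXT, COURSE TEXT, GRADE TEXT)")
    conn.executemany("INSERT INTO Student VALUES (?, ?, ?)", [
        ("Abel", "CSCE 590", "A"), ("Sara", "CSCE 590", "C"),
        ("Abel", "CSCE 786", "B"), ("Lema", "CSCE 567", "A")])
    return conn
```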

DAC Overview
• Advantages:
  - Easy to implement
• Disadvantages:
  - Inherent vulnerability
  - Maintenance of ACL or Capability lists
  - Maintenance of Grant/Revoke

Mandatory Access Control (MAC)
• Security label
  - Top-Secret, Secret, Public
• Objects: security classification
  - File 1 is Secret, File 2 is Public
• Subjects: security clearances
  - Brown is cleared to Secret, Black is cleared to Public
• Dominance (≥)
  - Top-Secret ≥ Secret ≥ Public

MAC
• Access rights: rights defined by comparing the security classification of the requested objects with the security clearance of the subject
• If access control rules are satisfied, access is permitted
• Otherwise access is rejected
• Granularity of access rights!

Multilevel Relation Example

SSN          (SSN)  Course    (Course)  Grade  (Grade)
111-22-3333  S      CSCE 786  S         A      TS
444-55-6666  S      CSCE 567  S         C      TS

Top-secret user sees all data.
Secret user sees Secret-View:

Secret-View
SSN          (SSN)  Course    (Course)  Grade  (Grade)
111-22-3333  S      CSCE 786  S         null   S
444-55-6666  S      CSCE 567  S         null   S
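How the Secret-View follows from the dominance rule, as an added Python example (not part of the original slides). The label abbreviation "P" for Public, the function names and the rule that a row is hidden when its first attribute (SSN) is not visible are assumptions of this sketch.

```python
# Total order from the MAC slide: Top-Secret >= Secret >= Public.
LEVELS = {"P": 0, "S": 1, "TS": 2}

def dominates(a, b):
    """True if label a dominates label b."""
    return LEVELS[a] >= LEVELS[b]

# The multilevel relation from the slide: attribute -> (value, classification).
PAGE_RELATION = [
    {"SSN": ("111-22-3333", "S"), "Course": ("CSCE 786", "S"), "Grade": ("A", "TS")},
    {"SSN": ("444-55-6666", "S"), "Course": ("CSCE 567", "S"), "Grade": ("C", "TS")},
]

def view(relation, clearance, key="SSN"):
    """Return the rows a subject with the given clearance may see."""
    visible = []
    for row in relation:
        # Assumption: a row whose key is classified above the clearance
        # is hidden entirely, so its existence is not revealed.
        if not dominates(clearance, row[key][1]):
            continue
        filtered = {}
        for attr, (value, label) in row.items():
            if dominates(clearance, label):
                filtered[attr] = (value, label)
            else:
                # Cell classified above the clearance: shown as null,
                # labelled at the subject's own level as in the Secret-View.
                filtered[attr] = (None, clearance)
        visible.append(filtered)
    return visible
```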

Statistical DB Security
• Statistical DB: Contains information about individuals, but allows only aggregate queries (e.g., average age, rather than Joe’s age).
• New problem: It may be possible to infer some secret information!
  - E.g., If I know Joe is the oldest sailor, I can ask “How many sailors are older than X?” for different values of X until I get the answer 1; this allows me to infer Joe’s age.
• Idea: Insist that each query must involve at least N rows, for some N. Will this work? (No!)
