Group 1 - Database Management
Group 1 - Database Management
SECURITY
GROUP 1
CONTENTS
01 INTRODUCTION TO DATABASE SECURITY
Input Validation: Validate and sanitize all user inputs to prevent malicious
attacks.
Network Security: Implement network security measures such as firewalls, intrusion detection
systems (IDS), and intrusion prevention systems (IPS) to protect the database server from
Hardware Security: Use secure hardware components like Trusted Platform Modules (TPMs) to
Employee Training: Train employees on security best practices and the importance of data
security.
NETWORKING INFRASTRUCTURE
resource management.
Network Monitoring: Monitor network traffic for suspicious activity and respond to
Incident Response Plan: Develop and test an incident response plan to handle security
breaches effectively.
05
LOGICAL DATABASE
SECURITY
LOGICAL DATABASE SECURITY
Logical database security focuses on controlling access to data based on user roles and
permissions. It involves implementing access control mechanisms such as:
User Authentication: Verifying the identity of users before granting access to the
database.
Authorization: Defining which users are allowed to access specific data objects (e.g.,
tables, views) and what operations they can perform (e.g., read, write, delete).
Role-Based Access Control (RBAC): Assigning users to roles and granting permissions
to roles rather than individual users.
QUERIES ON
SECURITY
USER AUTHENTICATION
Syntax:
Creating Users: CREATE USER user_name WITH PASSWORD 'password';
Dropping Users: DROP USER user_name;
Example
CREATE USER ‘kimwaga’@’localhost’ WITH PASSWORD 'password';
SELECT user, host, password from mysql.user;
DROP USER ‘enzo’@’localhost’;
ACCESS CONTROL
Granting Privileges:
Syntax:
GRANT SELECT, INSERT, UPDATE, DELETE ON table_name TO user_name;
GRANT ALL PRIVILEGES ON table_name TO role_name;
Example:
GRANT SELECT, INSERT, UPDATE, DELETE ON patient TO kimwaga;
GRANT ALL PRIVILEGES ON table doctor TO Admin;
Cont..
Revoking Privileges:
Syntax
REVOKE SELECT, INSERT ON table_name FROM user_name;
REVOKE ALL PRIVILEGES ON table_name FROM role_name;
Example
REVOKE SELECT, INSERT ON patient FROM enzo;
REVOKE ALL PRIVILEGES ON doctor FROM user 1;
ROLE-BASED ACCESS CONTROL
Syntax
Creating Roles:
CREATE ROLE role_name;
Granting Privileges to Roles:
GRANT SELECT, INSERT ON table_name TO role_name;
Assigning Users to Roles:
GRANT role_name TO user_name;
Example
CREATE ROLE Admin;
GRANT SELECT, INSERT ON doctor TO Admin;
GRANT Admin TO enzo;
THANK YOU!
GROUP MEMBERS
01
1. RICHARD SHANIBU
2. ISAAC YUSUPH
3. HILDA RAPHAEL
4. GLORY MWAKA
02
5. ELTON RICARDO
6. HELEN VEDASTUS
03